Data Breaches
1.
McDonald's latest company to be hit by a data breach:
..... McDonald's has become the latest company to be hit by a data Breach after unauthorized activity on its network exposed the personal data of some customers in South Korea and Taiwan.
..... McDonald's Corporation said Friday [06/11/2021] that it quickly identified and contained the incident and that a through investigation was done.
..... "While we were able to close off access quickly after identification, our investigation has determined that a small number of files were accessed, some of which contains personal data," the burger chain said.
..... McDonald's said its investigation determined that only South Korea and Taiwan had customer personal data accessed, and that the company would be taking steps to notify regulators and also the customers who might be impacted.
..... No customers payment information was exposed.
.... McDonald's said it will look at the investigation's findings, coupled with input from security resources, to identify ways to further enhance its existing security measures.
2.
Cruise giant Carnival says customers affected by breach:
..... Carnival Corporation said Thursday [06/17/2021] that a data breach in March [2021] might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess cruises.
..... In a letter to customers, the company indicated that outsiders might have gained access to Social Security numbers, passport numbers, dates of birth, addresses and health information of people.
.... The company declined to say how many people's information was exposed. The breach comes after Carnival was hit twice last year [2020] by ransomware attacks.
..... Carnival spokesman Roger Frizzell said the company detected the latest intrusion to some of its information technology systems on March 19 [2021] and shut down access and hired a cybersecurity company to investigate. He said Carnival is making changes to improve security of its information system.
3.
Robinhood hit by data breach exposing users' emails,names:
..... Popular investing app Robinhood said Monday [11/08/2021] that it suffered a security breach last week [11/01-06/2021] in which hackers accessed some personal information for roughly 7 million users and demanded a ransom payment.
..... The Online trading platform said that it believes no Social Security numbers , bank account numbers or debit-card numbers were exposed and that customers have seen no financial losses because of the intrusion.
..... For the vast majority of affected customers, the only information obtained was an email address or a full name. For 310 people, the information taken included their name, date of birth and ZIP code. Of those, 10 customers had "more extensive account details revealed," Robinhood said in a statement.
..... Robinhood said that after it contained the intrusion, "the unauthorized party demanded an extortion payment." The company said it notified law enforcement and is investigation the incident with the help of the security firm Mandiant.
4.
Data Breach - GoDaddy:
..... Go Daddy, the domain registrar and web hosting, company, disclosed a data breach involving 1.2 million customers of its managed WordPress hosting services. Since September 6, 2021, an unauthorized third party used a compromised password to gain access to the network and data for three months. Breached customers data included database usenames and passwords, email addresses, customer numbers, and a subset of customers' private SSL encryption keys. GoDaddy reset passwords and is in the processing of issuing new SSL certificates. The investigation is ongoing and impacted customers will be notified.
5.
Morgan Stanley
Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley,
discovered a data breach in February that affected some of its customers. Through vishing, an unauthorized party socially engineered the firms’ customers to divulge sensitive information, including banking information, login account credentials, and authentication codes. Once the accounts were accessed, the threat actors initiated Zelle payments to electronically transfer funds from the victims' accounts to their own bank account. Additionally, other information potentially exposed, included the victims' name, address, account number(s), as well as the names, addresses, and phone numbers of their trusted contacts. Affected customers were notified and offered credit monitoring services. The NJCCIC recommends users remain vigilant of these and similar scams. Also, use strong, unique
passwords for all accounts, enable
MFA, and review additional information and recommendations in the
Identity Theft and Compromised PII NJCCIC Product.
6.
Cash App
Block Inc. confirmed a data breach affecting roughly 8.2 million current and former US Cash App customers. A Form 8-K SEC was filed with the US Securities and Exchange Commission on April 4, detailing that a former employee without authorization accessed and downloaded records containing customer information on December 10. Breached information includes full name and brokerage account number and, for some customers, brokerage portfolio value, holdings, or specific stock trading activity. Block Inc. stated in the filing that other sensitive information, such as personally identifiable information and account credentials, were not exposed in the data breach. The intent behind the data breach is unknown at this time. Upon discovery of the breach, Block Inc. notified law enforcement, launched an investigation with a forensics firm, and took steps to remediate the incident. The company will notify affected customers of the breach's potential impact. |
|
7.
Meat company JBS confirms it paid $11M ransom in cyberattack:
..... The world's largest meat processing company says it paid the equivalent of $11 million to hackers who broke into its computer system late last month. [05/2021]
..... Brazil-based JBS SA said on May 31 [2021] that it was the victim of a ransomware attack, but Wednesday [06/09/2021] was the first time the company's U.S. division confirmed that it had paid the ransom.
..... The FBI has attributed the attack to Revil, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months. The FBI said it will work to bring the group to justice and it urged anyone who is the victim of a cyberattack to contact the bureau immediately.
8.
U-Haul data breach exposes driver's license information
* Why am I receiving this?
.... A data security incident has surfaced. You may or may not have been affected, but as always, we want to make you aware of the incident and remind you can take steps to help protect yourself.
What Happened?
..... U-Haul International, a moving and storage company, announced that customers' rental contracts between November 2021 and April 2022 were accessed by hackers. Breached information includes customers' names and driver's license information. If exploited, cybercriminals can use this information to commit identity theft.
What should you do?
..... Make sure that you're responding to LifeLock alerts, updating any software you use, changing your passwords often, and always watching out for phishing attempts.
9.
American Airlines data breach includes customers; passport info
Why an I receiving this?
..... American Airlines has discovered a data breach that exposed the sensitive personal information of an undisclosed number of customers. The information was accessed through breached employee email accounts and could include customers' names, passport and driver's license information, plus certain medical info and more. If exploited, cybercriminals can use this information to commit identity theft.
10.
Toyota Confirms Data Leak on GitHub
On October 7, Toyota released a notice confirming a data leak that occurred between December 2017 and September 15 exposed the private information of 296,019 customers. The leak occurred after a portion of source code related to T-Connect, an app that links a driver’s smartphone to their Toyota vehicle, was mistakenly posted on GitHub. This source code contained an access key to one of Toyota’s servers, which stored customers’ email information and management numbers. Toyota confirmed that customer names, credit card information, and phone numbers were not exposed. Toyota stated that a subcontracting company was at fault for the leak; however, the automobile manufacturer acknowledged it was responsible for the security of customer data and will notify affected customers that their information may have been leaked. While there is no indication that a malicious third party accessed the data, T-Connect users should exercise caution with emails that claim to be from Toyota. |
|
11.
Uber
Uber suffered a data leak that exposed sensitive employee and company data. Threat actors gained access to Uber’s third-party asset management and tracking services vendor, Teqtivity , by compromising its Amazon Web Services (AWS) backup server. The incident was discovered after a threat actor named UberLeaks posted the stolen data from Uber and Uber Eats in a cybercrime forum. While no customer information appears to have been compromised in the breach, the personal information of an estimated 77,000 Uber employees was exposed. This data includes employees’ names, work emails, work location details, Windows Active Directory information, and device information, such as serial numbers, makes and models, and other technical specifications. Uber stated that this is considered a new leak and not related to an incident from September. The exposed data may be used to conduct further cybercriminal activity, such as phishing attacks to gain access to more sensitive information. Uber employees are advised to exercise caution with emails claiming to be from Uber IT support and confirm all information directly with IT administrators before responding.
|
|
12.
Medicare Beneficiaries
A government subcontractor, Healthcare Management Solutions, was the victim of a ransomware incident that potentially revealed data of up to 245,000 Medicare beneficiaries, including name, date of birth, address, Social Security number, phone number, Medicare beneficiary identifier, banking information, and other personal information. Those impacted will be contacted by the Centers for Medicare & Medicaid Services (CMS), issued a replacement Medicare card with a new identification number, and provided free credit monitoring services. Medicare beneficiaries are advised to exercise caution with communications claiming to be related to the breach, as threat actors may capitalize on the incident to launch phishing campaigns luring beneficiaries into clicking links, opening attachments, or divulging sensitive information. Unauthorized financial transactions should be reported to the associated banking institution immediately. Additional data breach details can be found in the CMS press release. |
|
13.
PayPal
PayPal, a popular online payment platform, notified users of breached accounts as a result of credential stuffing attacks between December 6 and 8. Unauthorized parties compromised almost 35,000 accounts with access to full names, dates of birth, postal addresses, Social Security numbers, individual tax identification numbers, transaction histories, connected credit or debit card details, and PayPal invoicing data. PayPal stopped the intrusion and reset passwords for compromised accounts. PayPal stated that no personal information was misused or unauthorized transactions attempted, and it offered two years of free credit monitoring. Users are highly advised to update passwords for any online accounts where the compromised password was reused to protect against account compromise, refrain from password reuse, and enable multi-factor authentication (MFA). Affected users who suspect their PII has been compromised should review the Identity Theft and Compromised PII NJCCIC Informational Report for additional recommendations and resources. |
|
T-Mobile
On January 19, mobile telecommunications company T-Mobile posted a press release notifying users of a data breach that exposed the information of 37 million customer accounts. The breach, detected on January 5, resulted from a threat actor accessing a T-Mobile Application Programming Interface (API) since at least November 25. The customer information obtained in the breach included full names, billing addresses, email information, phone numbers, dates of birth, account numbers, and service plan features. In the release, T-Mobile defined the stolen data as limited; however, the information accessed could be used to launch convincing phishing attacks against affected users to obtain additional information or trick victims into downloading malicious files. Additionally, an attacker could use the compromised information to conduct SIM swapping attacks, where a threat actor uses a victim’s personal information to convince wireless carriers to transfer the information from the victim’s SIM card to one the attacker controls. A successful SIM swapping attack may allow the threat actor to log in to the victim’s other accounts through MFA, steal information, change password information, and extract funds. The NJCCIC recommends that T-Mobile customers treat unexpected messages or emails from unverified senders with caution and remain vigilant for unexpected account activity or potential identity theft. |
|
14.
Pepsi
Pepsi Bottling Ventures LLC released a
consumer notification letter regarding a data breach that occurred approximately December 23, when an unknown party gained access to the company’s internal IT systems and installed information-stealing malware. The unusual activity was detected on January 10, when the company took action to secure its systems. The last known date of unauthorized access was January 19. In the notification, Pepsi Bottling Ventures stated that the amount of information compromised varied by individual, and it is currently unknown if the scope of those affected is limited to employees or includes customers.
15.
As summer approaches, many prospective international travelers may need a new or renewed passport. The United States Department of State advised international travelers to check passport expiration dates and renew their passports before making final travel plans to avoid last-minute issues. Also, there may be special travel restrictions as some countries require passports to be valid for at least six months beyond the scheduled travel dates. So far, the surge in passport demand is causing significant delays for international travelers and increased workload for State Department staff. Routine processing times range from 10-13 weeks, whereas expedited processing times are seven to nine weeks for an additional fee. |
|
Threat actors are exploiting these delays using sophisticated and convincing websites to sway prospective travelers to provide personal and financial information for non-existent services, including quick passport renewals. Travelers may not realize they were scammed for weeks or months after their passport is not received as promised. Scams may start with emails, SMS text messages, or fraudulent social media ads purporting to be promises of quick passports or renewals that are “too good to be true.” |
|
An example of a fraudulent passport website |
Potential travelers may inadvertently click on third-party websites to renew their passports while using online searches. For example, search results may include fraudulent websites such as pass[-]travel-usa[.]com, which convinces the target to fill out a form; download, print, and mail; and pay a fee. Personal information may be captured, such as name, address, phone number, email address, Social Security number, mother’s maiden name, and date of birth. Red flags for fraudulent websites include the use of government branding or icons without the use of a .GOV domain, spoofed domain names, unusual domain extensions in the website’s URL, and misspellings on the website. These websites typically do not offer a privacy policy. Also, contact information may not be listed or legitimate. Another red flag is cash payments via wire transfers, gift cards, or cryptocurrency since these methods are considered difficult to trace and recover. |
|
The NJCCIC recommends users educate themselves and others on this and similar scams to prevent future victimization. We highly recommend users navigate to secure and official websites. The United States Department of State is the official government website for applications for new passports and passport renewals, and other travel information. Additionally, special passport acceptance fairs are being held across the United States, including multiple locations in New Jersey. Users are advised to exercise caution and carefully examine search results prior to clicking links or providing sensitive information, ensuring websites are known and legitimate. Reputable websites offer privacy policies, legitimate contact information, and secure payment options. Furthermore, enable payment transaction notifications to alert of any unauthorized charges and consider using credit over debit, as credit often provides better consumer fraud protection. If an unauthorized transaction occurs, notify the associated bank immediately, lock the payment card (where available), and request a new card. If victimized, report fraud to US Passports and Visa Fraud, local police department, Federal Trade Commission, FBI IC3, and the NJCCIC. |
|
16.
The Metropolitan Opera
On May 5, the Metropolitan Opera (also known as the Met) in New York City began releasing a series of security alerts to over 45,000 individuals affected by a data breach that occurred in December 2022. In these alerts, the Met
explained that they identified suspicious activity on their network on December 6 and forensic specialists confirmed that the initial breach occurred as early as September 30. During this time, threat actors accessed sensitive information stored on the Met’s systems, which may include financial account numbers, payment card information (along with the security codes, access codes, and PIN information of affected cards), tax ID numbers, Social Security numbers, and driver’s license numbers. While the Met did not publicly disclose the nature of the breach or whether the breach affected customers or employees, the ransomware group
Snatch took credit for the attack on March 1. The Met launched an investigation in response to the incident with a team consisting of cybersecurity specialists and federal law enforcement, announcing they will provide one year of identity and credit monitoring services at no cost to impacted individuals.
17.
SchoolDude
Brightly Software distributed notifications to current and former users regarding a security incident impacting accounts associated with the SchoolDude software suite application. This online platform is used by educational institutions to manage maintenance work orders. Through unauthorized access, a threat actor was able to obtain information regarding current and former SchoolDude users, including name, email address, account password, phone number, and school district name. Brightly reset impacted users’ passwords; however, those users are highly advised to also change passwords for accounts using the same credentials. Due to the exposure of users’ email addresses and associated district names, affected users may be at an increased risk of receiving spearphishing emails and should, therefore, remain cautious with received communications.
18. Managed Care confirms breach of nearly 9 million patients' info
What happened?
..... Managed Care of North America, Incorporated (MCNA), a major insurance company, suffered a data breach that exposed the personal information of nearly 9 million patients. Hackers had access to MCNA systems from February 26 to March 7, 2023, compromising confidential patient information such as full names, addresses, birth-dates, driver's license numbers, phone numbers, social security numbers, and protected health information. If exploited cybercriminals can use this information to commit identity theft.
We have you back.
..... You can feel confident knowing that your membership gives you the tools you need if your information becomes exposed from this incident or others. You'll get an alert if we detect possible fraudulent sue of your information or find it on the dark web. If you become victim of ID theft, we work to fix it on your behalf.
19.
 |
| Data Breach Notification |
| Xfinity data breach affects more than 35 million people |
|
|
|
|
|
Why are you receiving this? |
|
|
|
|
A security incident has surfaced. You may or may not have been affected, but as always, we want to make you aware of the incident and remind you that you can take steps to help protect yourself. Check to make sure that you’re responding to LifeLock alerts, updating any software you use, changing your passwords often, and always watching out for phishing attempts. |
|
|
|
|
|
|
A security flaw is being blamed for a third-party data breach that has exposed the information of more than 35 million Xfinity customers. The internet provider reports stolen information that includes names, contact info, last four digits of Social Security numbers, and secret questions and answers. If exploited, cybercriminals can use this information to commit identity theft. |
|
|
|
|
|
|
You can feel confident knowing that your membership gives you the tools you need if your information becomes exposed from this incident or others. You’ll get an alert if we detect possible fraudulent use of your information or find it on the dark web. If you become a victim of ID theft, we work to fix it. |
|
|
|
|
Any new info you’d like us to monitor? |
|
|
|
|
Your plan already includes Dark Web Monitoring, so make sure your information is complete and current. Take a moment to add or update information like your email, home address, phone number, credit card numbers, and more. We’ll send you a notification if we detect your personal information on the dark web. In the event this happens, please refer to our dedicated support page. |
|
|
|
|
|
 |
|
No one can prevent all identity theft or cybercrime.
The Norton and LifeLock brands are part of NortonLifeLock Inc.
Copyright © 2023 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Other names may be trademarks of their respective owners.
NortonLifeLock Inc. | 60 E Rio Salado Pkwy STE 1000, Tempe, AZ 85281 |
|
|
|
20.
| Omni Hotels & Resorts suffers breach, potentially impacting millions |
|
|
|
|
|
Why are you receiving this? |
|
|
|
|
A security incident has surfaced. You may or may not have been affected, but as always, we want to make you aware of the incident and remind you that you can take steps to help protect yourself. Check to make sure that you’re responding to LifeLock alerts, updating any software you use, changing your passwords often, and always watching out for phishing attempts. |
|
|
|
|
|
|
Omni Hotels & Resorts suffered a recent cyberattack that potentially exposed information for millions of guests, including names, emails, addresses, and more. To learn more about the breach, check out Omni Hotels & Resorts’ updates here. |
|
|
|
|
|
|
You can feel confident knowing that your membership gives you the tools you need if your information becomes exposed from this incident or others. You’ll get an alert if we detect possible fraudulent use of your information or find it on the dark web. If you become a victim of ID theft, we work to fix it. |
|
|
|
|
Any new info you’d like us to monitor? |
|
|
|
|
Your plan already includes Dark Web Monitoring, so make sure your information is complete and current. Take a moment to add or update information like your email, home address, phone number, credit card numbers, and more. We’ll send you a notification if we detect your personal information on the dark web. In the event this happens, please refer to our dedicated support page. |
|
|
|
21.
From Life Lock & Norton
 |
|
|
|
 |
| Data Breach Notification |
| Data breach exposes American Express credit cards |
|
|
|
|
|
Why are you receiving this? |
|
|
|
|
A security incident has surfaced. You may or may not have been affected, but as always, we want to make you aware of the incident and remind you that you can take steps to help protect yourself. Check to make sure that you’re responding to LifeLock alerts, updating any software you use, changing your passwords often, and always watching out for phishing attempts. |
|
|
|
|
|
|
American Express is warning card members of a third-party data breach. Several other companies that use the hacked merchant processor could also be affected. Exposed American Express Card member data includes account numbers, names, and expiration dates. If exploited, cybercriminals can use this information to commit identity theft. |
|
|
|
|
|
|
You can feel confident knowing that your membership gives you the tools you need if your information becomes exposed from this incident or others. You’ll get an alert if we detect possible fraudulent use of your information or find it on the dark web. If you become a victim of ID theft, we work to fix it. |
|
|
|
|
Any new info you’d like us to monitor? |
|
|
|
|
Your plan already includes Dark Web Monitoring, so make sure your information is complete and current. Take a moment to add or update information like your email, home address, phone number, credit card numbers, and more. We’ll send you a notification if we detect your personal information on the dark web. In the event this happens, please refer to our dedicated support page. |
|
|
|
22. Hacker breach 2 casinos in Vegas- Click Here
23. Florida company confirms massive data Breach - Click Here
24. Data breach victims top 1 billion so far this year - Click Here - 2024
25. Data of 2.2 million Rite Aid customers exposed - Click Here
