October 25, 2024
October 29, 2024
As autumn ushers in cooler days and the start of festive holiday preparations, cybercriminals continue to ramp up their efforts, with a surge in data breaches reminding us that online threats are ever-present. Recently, companies like Disney, Dell, Fortinet, Comcast, ADT, and MoneyGram have experienced significant data breaches compromising user data. Read on to learn more about each incident:
Disney
Organization Description: The Walt Disney Company is a media and entertainment conglomerate.
Breach Size: 1.1TB
Data Exposed: In July, a data breach at Disney exposed over 1TB of internal Slack messages and files from nearly 10,000 channels. Affected information includes upcoming project details and information related to financials and information technology. This follows another data breach earlier this year, in which 2.5GB of corporate and Club Penguin data was leaked from Disney’s Confluence server. Disney has announced they are transitioning away from the use of Slack and will be implementing new company-wide collaboration tools.
Dell
Organization Description: Dell Inc. is an American technology company specializing in the development and sale of computers.
Breach Size: 10,000
Data Exposed: Dell has recently confirmed it suffered a data breach impacting over 10,000 employees and partners. A threat actor posted a sample of the stolen information on an online hacking form, including employees’ full names, unique identifiers, employment status, and an internal identification string. The full set of stolen data was listed for one site credit, worth approximately $0.30. Dell’s security team is currently investigating the claims.
Fortinet
Organization Description: Fortinet is a cybersecurity company developing and selling security solutions.
Breach Size: 440GB
Data Exposed: Cybersecurity giant Fortinet has confirmed it experienced a data breach in which 440GB of data was stolen from Fortinet’s Microsoft SharePoint server. A limited number of customer data was exposed, though the type and amount of data has not been disclosed. Fortinet is investigating the breach and says that at this time, no malicious activity has affected customers.
Comcast
Organization Description: Comcast Corporation is a telecommunications conglomerate known for broadcasting and cable television.
Breach Size: 273,000
Data Exposed: Following a data breach impacting Financial Business and Consumer Solution (FBCS) in February 2024, the debt collection agency has revealed that among the 4 million impacted individuals, over 273,000 Comcast customers were affected by the breach. Compromised data included names, addresses, Social Security numbers, dates of birth, and Comcast account and ID numbers.
ADT
Organization Description: ADT is a leading provider of security systems for residential and corporate customers.
Breach Size: Unknown
Data Exposed: ADT has recently announced it suffered a second data breach in two months after cybercriminals used stolen credentials from a third-party business partner to access encrypted employee account data. No customer data was impacted. ADT has shut down IT systems to terminate access to its systems and is working with cybersecurity experts to investigate the breach.
MoneyGram
Organization Description: MoneyGram International offers peer-to-peer payments and wire transfers via a website or app.
Breach Size: Unknown
Data Exposed: MoneyGram has confirmed that bad actors have stolen customer information following a September cyberattack. Compromised information includes Social Security numbers, transaction information, email and postal addresses, names, phone numbers, bank account numbers, government IDs, and more. The data was exposed through a social engineering attempt on MoneyGram’s IT help desk, in which cybercriminals impersonated an employee. MoneyGram has sent notifications to impacted customers and is working with cybersecurity experts from CrowdStrike to investigate the incident.
Hacking & Phishing News
Malvertising
Malvertising is a type of cyberattack that involves placing malware-laden ads on legitimate websites. The embedded code redirects users to unsafe websites, often requiring little or no interaction with the malicious advertisement itself. Malicious advertisements may also install spyware onto a target’s computer in an attempt to gain access to sensitive personal information. The use of an ad blocking software can greatly reduce the risk of falling victim to a malvertising attack.
Smishing
Smishing, or SMS phishing, is a form of social engineering in which scammers send fraudulent text messages to potential victims. These messages often include malicious links or urgent requests for personal data from scammers impersonating banks, postal services, or claiming the recipient has won some form of prize, raffle, or lottery. Since people tend to trust text messages more than emails, smishing has become an increasingly popular tactic for cybercriminals in recent years. To avoid falling victim to a smishing attempt, never click on links or respond to messages from unknown numbers, verify the sender’s identity through official channels, and be cautious of urgent requests for personal information.
Learn More
These recent data breaches underscore the ongoing data security challenges facing both organizations and individuals. As cybercriminals persist in their attempts to steal and misuse sensitive information, it’s more critical than ever to protect your personal data. Simple measures like using strong passwords, enabling multi-factor authentication, and remaining alert to phishing scams can greatly reduce your risk of identity theft. Pair these actions with a comprehensive identity theft protection service like IDSeal, which offers more than just monitoring and alerts — you’ll have access to white-glove identity restoration services and 24/7 support from a dedicated team.
Related Articles
Major Data Breaches & Hacking News in June 2024
June 27, 2024While many people across North America were celebrating the end of school, Father’s Day and the beginning of summer this June, identity thieves were celebrating major wins in data breaches. Companies such as Live Nation, Christie’s, Truist Bank, KeyTronic, Panera Bread, and Frontier have all faced significant security…
IDSeal® allows you to independently manage your identity
As we celebrate Independence Day this month, it’s a perfect time to reflect on the true essence of independence. Just as our nation values freedom and self-governance, it’s equally important to adopt a mindset of personal responsibility in our everyday lives. One critical area where this mindset is essential is…
Start protecting your identity today! Signing up is quick & easy
Remember, 1-in-4 Americans are the victim of identity theft. It's not a matter
of if you'll become a victim, it's when...
Get Protected
