Recent Data Breaches You Should Know

Imagine for a second what would happen if your business’ data was exposed and stolen. You’d have a really difficult time going forward as your client base dwindled and your opportunities for growth dried up. Some very successful companies have had this type of thing happen. Today, we will look at some of the largest data breaches since Sept. 1.

September 

Sept. 5
Providence Health Plan: 122,000 members of the Providence Health Plan had personal information leaked when an unauthorized party accessed the company’s servers. Information that was stolen included plan member names, addresses, email addresses, birth dates, Social Security numbers, member ID numbers and subscriber numbers.

Facebook: Facebook had an unprotected server with more than 419 million records accessed.  Users had their Facebook’s user ID and phone number exposed. In some cases, user’s names, genders and locations were also leaked.

Sept. 16
Dealer Leader, LLC: 198 million prospective car buyers were left exposed by an unprotected server. The information that was left out there included names, email addresses, phone numbers, addresses and IPs.

Sept. 27
DoorDash: The popular food delivery app had 4.9 million customers’ information breached by a third party. The information left exposed included the names, delivery addresses, phone numbers, hashed passwords, order history and the last four numbers of each’s credit card number. In the same hack, more than 100,000 delivery drivers had their driver’s license information leaked.

Sept. 30
Zynga: The mobile game maker, with popular mobile games such as Farmville and Words with Friends, has announced that 218 million players had their data exposed after their network was breached by a hacker. The company had player names, email addresses, login IDs, phone numbers, Facebook IDs and more left exposed.

October

Oct. 17
Methodist Hospitals of Indiana: The Methodist Hospitals of Indiana fell victim to an email phishing scam, and it allowed hackers to steal 68,000 records that included names, addresses, birth dates, Social Security numbers, driver’s licenses and more.

Oct. 21
Autoclerk: Autoclerk, a hotel property management software developer, had an open database infiltrated exposing data that included names, birth dates, home addresses, phone numbers, dates of travel, travel costs, room numbers and some masked credit card details of hundreds of thousands of guests.

Oct. 22
Kalispell Regional Healthcare: More than 130,000 Social Security numbers, addresses, medical record numbers, birth dates, medical histories and treatment information and names of treating physicians were exposed by hackers.

Oct. 26
Adobe: Data was exposed that included email addresses, usernames, location, Adobe product licenses, account creation dates and payment statuses. 7.5 million users were affected.

Oct. 27
Network Solutions: The world’s oldest domain name provider was exposed in a hack. Millions of individuals’ data that included names, addresses, phone numbers, email addresses and service information was compromised.

November

Nov. 9
Texas Health Resources: The Texas-based health care provider reported a data breach where 82,000 patient records were exposed. Included in the breach were names, addresses, email information, health information and more.

Nov. 16
Disney+: The brand-spanking-new Disney+ streaming service had new user account information hijacked by hackers. Login credentials wound up on the dark web soon after.

Magic the Gathering: The popular online strategy game has reported that an unsecured website database has exposed 452,000 player records that include names, usernames and more.

Nov. 18
State of Louisiana: The State of Louisiana has been a victim of a ransomware attack that took down many state agencies’ servers. Although no data is said to be lost, the state’s crucial computing infrastructure was down for several days as systems were restored from backup.

Nov. 19
Macy’s: Macy’s had their ecommerce site hacked. Hackers embedded malicious code into their checkout page and put a skimming code on the company’s wallet page. The malware retrieved names, addresses, phone numbers, email addresses, payment card numbers, card security codes and card expiration dates.

Nov. 22
T-Mobile: T-Mobile had more than 1 million customers’ information accessed by a hacker. Information accessed included names, billing addresses, phone numbers, rates and calling features.

Unknown: An unsecured server containing more than 622 million email addresses and 50 million phone numbers and millions of pieces of other information was discovered. It is unknown what organization this data is tied to as the time of writing.

With hundreds of millions of records being exposed each month, it’s hard to feel confident about giving your personal or financial information to anyone in the current threat landscape. If your business needs help trying to be secure, call us today at 844.671.6071.