Here are the top 5 breaches reported in September:
Yahoo! – Although the breach occurred in late 2014, Yahoo and its users started feeling the ramifications in September. The company confirmed that data from at least 500 million user accounts were stolen, including names, email addresses, telephone numbers, dates of birth and “hashed” passwords. This may be the largest cybersecurity breach ever and the company believes it may have been the result of a state-sponsored actor. Yahoo also found that a hacker was selling a database consisting of 200 million users in August.
World Anti-Doping Agency – A group of Russian hackers claimed responsibility for breaching the World Anti-Doping Agency’s database and initially leaking medical information of tennis player Serena Williams and gymnast Simone Biles in what could be retaliation for the suspension of Russian athletes during the Olympics. They also recently released the medical records of Spanish tennis player Rafael Nadal, British runner Mo Farah, and American gymnast Laurie Hernandez.
ClixSense – The company acknowledged a data breach in which a hacker was able to gain access to its database using an old server that was still networked. The hacker posted 2.2 million records, while offering an additional 4.4 million more to the highest bidder. The information includes account passwords, user birth dates, email addresses, account balances and payment histories.
BlueSnap – Although the company hasn’t acknowledged this yet, it is believed that approximately 324,000 users have been affected by a data breach at BlueSnap, a payment gateway, or its affiliate RegPack. The news of this breach became public when a link was posted on Twitter that reportedly contained the financial data of the company’s users, including the CVV codes on their credit cards.
Idaho Department of Fish and Wildlife – Another state agency fell victim to a breach that may include data from 2.4 million license buyers. Active Network, the company that manages the site, has agreed to provide a customer call center and identity protection services to those whose data was potentially compromised. The stolen data includes names, addresses, dates of birth and the last four digits of the Social Security numbers, and some customers’ driver’s license numbers.
From online giants to state agencies, no one seems to be immune from hackers. There is a better approach to protecting your company’s most valuable assets. Start by clicking here to learn how your cyber posture compares to other leading organizations.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.