A recently announced Evite data breach has some alarming potential outcomes. The internet-driven invitation platform allowed people to sign up for events and virtual meetups, so the very nature of the website gave outsiders a way to contact users via email. Access to the users’ Evite accounts means a hacker could send phishing attempts, malicious […]

In what has become an alarming security trend, yet another company has exposed millions of consumers’ profiles online due to a non-password protected web-based server. Ladders, a recruitment site that lets users create a profile that can be shared with potential employers, was using an Amazon-hosted web server to store the profiles; according to a […]

Why Has UCSD Failed to Notify HIV Patients of Data Breach? Data breaches are already upsetting enough, especially when your highly-sensitive personally identifiable information is put at risk. But when it comes to data breaches and fraud, perhaps there’s no greater intrusion than to suffer a data breach of your medical information; somehow though, even […]

United States Customs and Border Protection (CBP) announced that it was victim of a data breach at the hands of a third-party partner. The information exposed included photos of license plates and travelers. CBP released a statement about the breach saying, “In violation of CBP policies and without CBP’s authorization or knowledge, [a subcontractor] transferred […]

This is an emerging data breach incident – this information will be updated as ITRC receives more information. Last update: 06/07/19 10:30 am Quest Diagnostics is one of the United States’ premier providers of medical testing. They are notifying customers who may be at risk because a third party vendor, American Medical Collection Agency (AMCA), […]

In yet another example of technology outpacing its users, an unsecured database of First American Financial has exposed hundreds of millions of records, including complete identities—names, account numbers, Social Security numbers, and much more—of American consumers. The information was compiled in a database that was left unsecured on a web-based server, meaning anyone with internet […]

When news of yet another data breach comes out, the reaction can range from panic to “blah.” At the one of end of the spectrum, consumers can be left with documented feelings of stress, fear and even paranoia about further attacks to their identity. At the same time, a very real phenomenon known as “data […]

A security researcher discovered an unsecured online storage server—an all-too-common occurrence known as an accidental overexposure—that linked to 4.9 million lines of patient records from an addiction treatment center called Steps to Recovery. Those millions of lines of information were not all for separate patients, but rather were separate entries on almost 150,000 of the […]

Microsoft announced a data breach that gave hackers limited access to some of its customers’ email accounts. The hackers were able to see email addresses, subject lines of emails, and folders, but not open any emails or their attachments. They also were not able to obtain the customers’ passwords. Essentially, the hackers were able to […]

Hackers are targeting vendors of companies for third-party data breach efforts. This trend rose in 2018, with over 4 million records exposed do to criminal efforts focused on vendor security. Data breaches often occur at the hand, or keyboards, of hackers. Criminals can infiltrate insecure systems and steal personal data owned or stored by a […]