1.6 Million people who filed for unemployment claims in 2020 in Washington state have had their personal information exposed in a data breach. The Washington State data breach was due to data stolen from a third-party company, Accellion.   What Personal Information Was Exposed in the Washington State Data Breach? · Names · Social Security numbers · Driver’s License or state […]

Bonobos suffered a data breach when the hacking group, ShinyHunters, downloaded and posted a database on a free hacker forum, compromising close to three million accounts.   ShinyHunters also stole a database from online dating website MeetMindful.com, compromising 1.4 million accounts and exposing 2.28 million user’s information. Data in the database included IP addresses, encrypted account passwords and Facebook information.  A U.S. Cellular data breach occurred after hackers were able to […]

The Identity Theft Resource Center (ITRC) unveiled its 15th annual data breach report, which revealed a 19 percent decrease in breaches and a 66 percent decrease in individuals impacted.  The ITRC 2020 Data Breach Report identifies a trend that cybercriminals are less interested in stealing large amounts of consumers’ personal information.  Threat actors are now more interested in taking advantage of bad consumer behaviors […]

In 2020, the number of individuals impacted by a data breach was down 66 percent from 2019; cybercriminals continue to shift away from mass attacks seeking consumer information and towards attacks aimed at businesses using stolen logins and passwords   SAN DIEGO, January 28, 2021 – Today, the Identity Theft Resource Center® (ITRC), a nationally recognized non-profit organization […]

A T-Mobile repeat data breach event resulted from unauthorized access to 200,000 customer accounts, including call records. It is the fourth time T-Mobile has sent a data breach notification since 2018. The T-Mobile data breach in December was the second one in 2020. An investigation into the SolarWinds data hack has not revealed any evidence […]

Last week, FireEye, a cybersecurity provider, revealed their tools to detect and block sophisticated cyberattacks were stolen in a security breach.  This week we learned attackers, believed to be affiliated with Russia’s state security service, infiltrated government agencies and potentially thousands of companies through a software update from IT management company SolarWinds that was issued months ago.  So far, there is no indication that […]

A Canon data breach resulted from a ransomware attack on the company by the Maze ransomware group. Canon is just one of many companies recently hit with a ransomware attack, a trend the Identity Theft Resource Center predicts to continue in 2021.   The mobile video game Animal Jam suffered a data breach affecting 46 million users after threat actors stole a database. However, WildWorks, the game’s owner, has been very transparent throughout the […]

Vertafore, a Denver based insurance tech company, discovered three files containing driver-related information were posted to an unsecured online storage service. The files included data from before February 2019 on nearly 28 million Texas drivers. The files included lienholder information, drivers’ license numbers, names, dates of birth, addresses and vehicle registration histories. Failing to secure […]

The software provider behind some of the largest travel websites, Prestige Software, maintained a cloud database without a password. The unsecured database led to approximately 10 million accounts being available to view online to anyone who knew where to look.   Prestige Software provides technology services to Booking.com, Expedia, Hotels.com, Sabre and other hotel reservation websites around the world. Information included credit card details, payment details […]

Timberline Billing Service recently determined a supposed ransomware attack led to encrypted files and information removed from their network. So far, the Identity Theft Resource Center (ITRC) has tracked 14 impacted schools.   A database exposure was recently discovered at BankSight Software Systems, exposing over 300 million records for at least 100,000 people.   MAXEX exposed 9 GB of internal data, including confidential banking documents, […]