There’s a reason that browsers like Firefox, Chrome, Edge etc. have integrated password breach notifications recently. Data breaches are an unfortunate part of life, and can have costly consequences for individuals. Hackers can steal identities and compromise bank accounts, just to name a couple. We bet it has happened to you too!
Don’t believe us? Check for yourself (for free), we bet you’ll be shocked!
Cybercriminals breach almost 5,000 websites every single month with form-jacking code. It has become all too common to hear of a large hotel chain or social media company exposing customer data.
Hackers breach your private information and passwords without you even knowing it, and the time from breach to notification of the breach can be quite. One example is the data breach of CafePress, a popular online retailer that prints personalized items. CafePress suffered a data breach in February 2019 exposing millions of names, addresses, security questions, and more. Hackers also breached social security numbers that weren’t encrypted.
As mentioned, the breach happened in February. But many consumers weren’t notified until late summer. The FTC recently took action against the company as a result, citing their careless security practices.
The point is that months-to-years can go by where your compromised data is being bought and sold on darknet markets, without any notice or warning. Unless you happen to look at the right website, you may not even realize it. Those breached password features in browsers are helpful, but what if you have other information beyond a password compromised?
It’s best to protect yourself with some basic tips and tricks. We’ll help start your journey by listing several recent breaches. If you’ve interacted with any of these companies, you’ll want to take steps to protect yourself from the fallout before it’s too late.
Recent Breaches of Personal Information You Might Be Caught Up In
Microsoft’s Customer Data Breach
On October 19, 2022, Microsoft announced a customer data breach. A server misconfiguration was the cause, and the breach exposed lots of business transaction data. It’s thought that the breach affected more than 65,000 entities worldwide.
2.5 Million Student Loan Records Exposed
Did you get a student loan from EdFinancial and/or the Oklahoma Student Loan Authority (OSLA)? If so, you’ve been caught up in a breach! The organizations notified impacted individuals by letter in July 2022.
Personal information found in the breach include:
The breach compromised over 2.5 million loan recipients’ data.
U-Haul Breach of 2.2 Million Customers’ Data
Vehicle & Storage rental firm U-Haul is a household name. When it comes to moving, U-Haul is top of mind. It also just had a major data breach, notifying clients in August 2022 that some rental agreements were compromised. The contacts in question were dated from November 5, 2021, to April 5, 2022.
The breach exposed names, driver’s license numbers, and personal identification numbers. It impacted over 2.2 million individuals that rented vehicles from the company within the above timeframe.
Neopets Breach May Have Compromised 69 Million Accounts
What a throwback! If you were growing up on the internet in the 2000s, you might have played a browser game called Neopets. You wouldn’t suspect a cute site like that to be a cybersecurity risk, but users of the platform got a rude awakening due to a breach of the service. An estimated 69 million accounts may have had emails and passwords leaked.
The full stolen Neopet database and copy of the source code were being offered for sale for about $94,500. While (we hope) your password practices have evolved since then (password123 is not a best practice…), chances are some of the data may still be of use to buyers, so take steps to ensure you have everything covered.
A Single Employee Computer Caused a Marriott Breach
Hotel giant Marriott suffered yet another breach in July 2022. This time, they blamed a single unsecured employee computer. About 300-400 individuals had data leaked, so nothing huge. Unfortunately, this data included credit card numbers and other confidential information.
This is especially disappointing, as the company continues to show a pattern of poor cybersecurity. Within the last four years, they’ve suffered three separate major breaches. That’s enough to want to pay in cash or use a pre-paid card if you stay there, though they likely require a credit card for damage protection.
Shield Health Care Group Exposed ~2 Million Records
In March 2022, Shield Health Care Group detected a breach. This Massachusetts-based company found hackers stole up to potentially 2 million customer records. This includes medical records, social security numbers, and other sensitive personal data.
Flagstar Bank Took 6 Months to Inform Individuals Affected in Breach
In December 2021, Flagstar Bank suffered a major breach. It wasn’t until 6 months later that it identified the individuals affected. The impact was quite large, including exposed social security numbers. The hack impacted about 1.5 million customers.
8.2 million Current & Former Block Customers Exposed
Formerly known as Square, Block is a popular mobile payment processing platform. They announced in April 2022 that they suffered a breach that previous December. A former employee accessed customer names and brokerage account numbers. Some accounts also had other stock trading information accessed to boot. Overall, ~8.2 Million individual entities were exposed in the leak
Hackers Net North of $30 Million in Crypto.com Breach
Cryptocurrency was pretty hot recently, which always leads to a spike in cyberattacks. January 2022 saw over 483 users find their Crypto.com wallets drained.
The criminals made it past two-factor authentication, which is usually quite effective. They stole about $18 million in bitcoin, and a further $15 million in Ethereum + other cryptocurrencies.
Do You Know How Secure Your Passwords Are?
There are many solutions that can help you better manage and secure your passwords, without having to manually check or monitor the darknet. Give us a call to learn more about how we can protect and monitor your personal data, both on the clearnet and on the darknet.