#CustomerProtection

Patelco Credit Union Scrambling to Restore Systems Following Ransomware Attack

by

July 3, 2024 at 08:41AM Patelco Credit Union, serving 500,000 customers, faced a ransomware attack, impacting its online banking, mobile app, and call center. Electronic transactions are unavailable and restoration efforts are ongoing. Patelco emphasized secure system restoration, cooperation with cybersecurity experts, regulators, and law enforcement. Customer reimbursement for late payment fees is assured. Based … Read more

Santander Falls Victim to Data Breach Involving Third-Party Provider

by

May 16, 2024 at 05:16PM Santander, a Spanish bank, experienced a data breach from a third-party provider, impacting customers in Chile, Spain, and Uruguay. The bank quickly blocked access to the compromised database and implemented fraud prevention measures. External breaches are becoming a common issue for financial institutions, highlighting the need for proactive risk assessment … Read more

Banco Santander warns of a data breach exposing customer info

by

May 15, 2024 at 10:16AM Banco Santander S.A. confirmed a recent data breach impacting customers and employees in Spain, Chile, and Uruguay. The unauthorized access to a third-party hosted database led to the compromise of information for current and some former employees as well as customers. The bank has implemented fraud prevention measures and assured … Read more

Dell customer order database of ’49M records’ stolen, now up for sale on dark web

by

May 9, 2024 at 02:07PM Dell confirmed a data breach on one of its portals, with information stolen from 49 million records now for sale on the dark web. The stolen data includes customer names, addresses, and Dell equipment details, but not payment info. Dell is undertaking an investigation and taking steps to protect customer … Read more

FCC fines carriers $200 million for illegally sharing user location

by

April 29, 2024 at 03:41PM The FCC has fined major U.S. wireless carriers around $200 million for sharing customers’ real-time location data without consent. AT&T, Sprint, T-Mobile, and Verizon faced fines for unauthorized disclosure of location information. Carriers sold data to third parties without obtaining valid customer consent, failing to safeguard it as required by … Read more

Roku Mandates 2FA for Customers After Credential-Stuffing Compromise

by

April 15, 2024 at 04:19PM Roku is enforcing mandatory two-factor authentication for all users following two incidents where customer accounts were compromised. Approximately 591,000 customers were affected, with 400 having their accounts used for unauthorized purchases. The breach did not expose sensitive financial or personal information, and Roku has reset passwords for the affected accounts. … Read more

Roku warns 576,000 accounts hacked in new credential stuffing attacks

by

April 12, 2024 at 11:06AM Roku disclosed two separate incidents of account breaches in March, with approximately 576,000 accounts compromised in the latest attack. Threat actors utilized stolen login information from other platforms to execute credential stuffing attacks. While some accounts were used for unauthorized purchases, Roku confirmed no sensitive information was accessed. Additionally, the … Read more

AT&T now says data breach impacted 51 million customers

by

April 10, 2024 at 10:44AM AT&T notifies 51 million current and former customers of a data breach, exposing personal information in a hacking forum. Despite delay, AT&T confirmed the data’s origin and issued identity theft protection. Customers urged to monitor accounts. AT&T faces lawsuits for delay and risks of cyber attacks. The breach raises concerns … Read more

Cyberattack Causes Disruptions at Omni Hotels

by

April 4, 2024 at 10:30AM Omni Hotels & Resorts announced a cyberattack prompted system shutdowns on March 29. With operations in 50 upscale North American hotels and around 14,000 employees, the chain has restored most systems and is investigating the event’s scope with external specialists. Though suspected as ransomware, no group has claimed responsibility. Customers … Read more

AT&T Confirms 73M Customers Affected in Data Leak

by

April 1, 2024 at 04:09PM AT&T denies unauthorized access but admits data set on Dark Web including sensitive customer information is genuine. Based on the meeting notes, the key takeaway is that AT&T denies unauthorized access but acknowledges that a data set containing sensitive customer information has been released on the Dark Web, affirming its … Read more