IdentityForce Logo IdentityForce Logo
Protect What Matters Most.
Posted on August 30, 2019 by in Data Breach & Technology, Identity & Privacy, Personal

There has been a trend this August with companies requesting users reset passwords after their personal information has been exposed in a data breach. This reaction from organizations confirms that updating your account logins with a new, hard to crack password may decrease the vulnerability of having hackers takeover your accounts. 

Here are the recent data breaches that made headlines in August 2019:

Poshmark

A hacker accessed the names, usernames, genders, city data, email addresses, size preferences, and scrambled password of up to 50 million users of the online marketplace, Poshmark.

StockX

Over 6.8 million Stock X customers were emailed a password reset after an unknown third party accessed customer names, email addresses, shipping addresses, usernames, hashed passwords, and purchase histories.

Presbyterian Healthcare Services

Presbyterian Healthcare Services of New Mexico reported a data breach exposing the names, dates of birth, Social Security numbers, along with health plan and clinical information of 183,000 medical patients. The healthcare service fell victim to a phishing attack, giving hackers access to the patient information.

CafePress

The custom T-shirt and merchandise company, CafePress, sent out a pass reset before disclosing it had exposed the names, email addresses, physical addresses, phone numbers, and hashed passwords of over 23.2 million customers.

State Farm

Through a credential stuffing attack, an unknown number of State Farm insurance users became victims of an account takeover scheme, where the hackers accessed their accounts using the usernames and passwords exposed from another company’s data breach.

Hy-Vee

Hy-Vee, a supermarket chain, announced their point-of-sale (PoS) systems were hacked this month. The breach to the payment processing systems affected customers who made purchases at Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants (Market Grilles, Market Grille Express, and Wahlburgers) but not their grocery stores, drugstores, or convenience stores. Later this month, a database with 53 million credit and debit card accounts linking back to this breach was put up for sale in the Dark Web.

Choice Hotels

A hacker accessed guest records belonging to hotel franchise Choice Hotels through an unsecured database, leaving a ransom note demanding money for the halt of further exposure. The names, addresses, and phone numbers of 700,000 guests were impacted by the breach.

BioStar 2

A database belonging to BioStar 2, a security platform, exposed the biometric data of 27.8 million individuals. The database contained the facial recognition information, and unencrypted usernames and passwords and fingerprint data of 1 million individuals.

MoviePass

An unsecured on a server containing names, addresses, MoviePass debit card number, card expiration date, card balance and activation date of moviegoers subscribed to the movie ticket subscription service, MoviePass, was left exposed. The server was not password protected and impacted the personal and credit card information of 58,000 subscribers.

Hostinger

Over 14 million clients of the web hosting company, Hostinger, were urged to reset their passwords following a hack to their API server which exposed first names, usernames, email addresses, IP addresses and hashed passwords.

Foxit

The PDF Reader software company, Foxit, requested 328,000 of its users to updated their passwords after they discovered a hacker had access to names, email addresses, passwords, phone numbers, company names, and IP addresses.

Data Breach Response Plan