IdentityForce LogoIdentityForce Logo
Protect What Matters Most.
Posted on November 27, 2019 by in Data Breach & Technology, Identity & Privacy, Personal

November is the time we start preparing for the holidays and gift-giving — and online shopping — kicks into high gear. The end of the year distractions are also the time data breaches increase and identity thieves took for opportunities to steal your sensitive information. Prepare yourself, your family, and your employees with a refresher on safe online shopping habits, so your holiday season is full of joy and time spent together instead of time spent repairing your identity.

Here are the recent data breaches that made headlines in November 2019:

Disney Plus

Users of the newly released Disney+ streaming services were locked out of their accounts after being hijacked by fraudsters. Disney+ members’ login credentials, including usernames and passwords, were found up for sale on the Dark Web starting at $3 per record.

Macy’s E-Commerce Website

Macy’s e-commerce site was hacked by a third party, embedding malicious code into Macy’s online checkout page. A skimming code was also placed on the Macy’s Wallet page, used by account holders to store payment credentials. The malware gathered names, full addresses, phone numbers, email addresses, payment card numbers, card security codes, and payment expiration dates of shoppers who made purchases through the Macy’s website.


Over 1 million T-Mobile customers had their personal information accessed by a hacker. Their names, billing addresses, phone numbers, account numbers, rates, plans and calling features were exposed, but no financial or password data were compromised.


The unsecured server containing over 622 million email addresses, 50 million phone numbers, along with names and profile information from LinkedIn and Facebook, such as email addresses, employers, locations, job titles, names, phone numbers, and social media profiles was discovered. The data of over 1.2 billion individuals has been exposed and the owner of the database remains unknown.

Data Breach Response Plan