Login credentials were a jackpot for hackers in April, with companies like Zoom, Facebook, and Nintendo exposing millions of their user’s emails and passwords. It is essential to safeguard your information by updating your passwords, making sure you do not use the same password on multiple accounts, and turn on two-factor authentication to further protect yourself from account takeover attacks.
If you are part of the remote workforce, read more about the latest COVID-19 scams and download additional safe online conferencing tips in our free, sharable tip sheet, Eight Tips for Safe Online Conferencing.
Here are the recent data breaches that made headlines in April 2020:
A digital wallet app, Key Ring, left stored customer data of 14 million users accessible in an unsecured database. The app allows its users to easily upload and store scans and photos of membership and loyalty cards to a digital folder in their mobile device. The exposed data includes names, full credit card details (including CVV numbers), email address, birth date, address, membership ID numbers, retail club and loyalty card memberships, government IDs, gift cards, medical insurance cards, medical marijuana IDs, IP address and encrypted passwords.
San Francisco International Airport (SFO)
Two websites hosted by the San Francisco International Airport (SFO), SFOConnect.com and SFOConstruction.com, suffered a security incident in which hackers injected malicious code to collect users’ login credentials. The malware gained access to usernames and passwords used to log on to the impacted websites.
The credentials of over 500,000 Zoom teleconferencing accounts were found for sale on the dark web and hacker forums for as little as $.02. Email addresses, passwords, personal meeting URLs, and host keys are said to be collected through a credential stuffing attack.
A collection of 4 million login records belonging to the online marketplace Quidd was breached through a hack then posted on the dark web forum for free. Once accessible, the usernames, email addresses, and hashed account passwords were shared among members of the forum. Although the passwords were hashed, cybercriminals are unhashing them and selling the data again.
The personal and medical information of over 112,000 employees and patients of Beaumont Health was accessed by a malicious actor after compromising employee email accounts through a phishing attack. The information impacted includes names, birth dates, Social Security numbers, driver’s license numbers, medical condition data and bank account data.
More than 267 million Facebook profiles have been listed for sale on the Dark Web – all for $600. Reports link these profiles back to the data leak discovered in December, with additional PII attached, including email addresses. Researchers are still uncertain how this data was exposed originally, but have noted that 16.8 million of the Facebook profiles now include more data than originally exposed.
A card payments processor startup, Paay, left a database containing 2.5 million card transaction records accessible online without a password. The exposed payment transaction belonging to 15 to 20 merchants includes full plaintext credit card number, expiry date and the amount spent.
A credential stuffing attack using previously exposed user IDs and passwords of popular video game company, Nintendo, granted hackers access to over 160,000 player accounts. With unauthorized access to the accounts, the fraudsters may have purchased digital items using stored cards as well as view personal information including name, date of birth, gender, country/region and email address.
Ambry Genetics, a genetic testing laboratory based in the U.S., announced 233,000 medical patients had their personal and medical information accessed by a third party through an employee email. The unauthorized party accessed names, information related to customers’ use of the genetic laboratory’s services and medical information as well as the Social Security numbers of some of the victims.