Unsecured databases and data leaks leave millions of consumer credentials up for grabs on the internet. The abundance of Personally Identifiable Information (PII) in the hands of cybercriminals has left hackers feeling generous. This month, multiple databases containing the stolen information of over 386 million consumers were posted online in a hacker forum — all for free. The posting of these free databases was done for “everyone’s benefit” according to the hacker, which is bad news for personal identities.
Here are the recent data breaches that made headlines in July 2020:
Popular casino gambling app Clubillion has suffered a data leak, exposing the PII of millions of users around the world according to researchers at vpnMentor. While it was open to searchers, the Clubillion database was recording up to 200 million records a day, including users’ IP addresses, email addresses, amounts won, and private messages within the app. The majority of Clubillion’s daily users are from the United States.
Over 450,000 residents of Polk County, Florida had their driver’s license numbers and Social Security numbers exposed after an employee at Polk County Tax Collector fell victim to a phishing attack.
An unsecured server exposed the sensitive data belonging to 60,000 customers of the family history search software company, Ancestry.com. The details leaked include email addresses, geolocation data, IP addresses, system user IDs, support messages and technical details.
Dave Mobile Banking App
A third-party breach leaked the account details of over 7.5 million users of the digital banking app, Dave. Although no financial information was disclosed, the breach exposed names, phone numbers, emails, birth dates, home addresses, and encrypted Social Security numbers.
The online alcohol delivery startup Drizly disclosed to its customers that a hacker accessed the account details of 2.5 million Drizly accounts. The customer information exposed included email addresses, date-of-birth, and hashed passwords.
The video creation platform, Promo.com, confirmed their 22 million customers have had their personal and account information exposed in a third-party data breach. The compromised data includes names, email addresses, IP addresses, user location, gender, and encrypted passwords.
An unsecured database exposed the Personally Identifiable Information(PII) of 19 million customers and potential employees of the cosmetic company, Avon. The leaked information included names, phone numbers, dates of birth, email and home addresses, and GPS coordinates, as well as other technical information.