Unsecured databases continue to expose the personal and financial information of millions of consumers, leaving individuals at increased risk for identity theft, credit card fraud, and more. Research by Comparitech found the hackers prey on newly uploaded databases and can compromise it’s data within hours if it is not protected with a strong password.
Here are the recent data breaches that made headlines in November 2020:
JM Bullion
November 3, 2020: Malware embedded in the online shopping platform of precious metals dealer, JM Bullion, captured the personal and banking card information of customers who made purchases between February and July 2020. Using the malicious code, hackers we able to collect an undisclosed number of customer names, addresses, and payment card details including account numbers, card expiration dates, and the security codes.
Mashable.com
A database containing staff, users, and subscribers data of the online media company, Mashable.com, was leaked by hackers. The database contains an undisclosed number of names, email addresses, country, gender, job description, online behavior related details, date of registration, IP addresses, social media profile links, and authentication tokens.
Expedia, Hotels.com & Booking.com
An unsecured database belonging to the hotel reservation platform, Prestige Software, leaked sensitive data from over 10 million hotel guests worldwide, dating as far back as 2013. The third-party data leak affected guests that have booked reservations through travel companies such as Expedia, Hotels.com, Booking.com, Agoda, Amadeus, Hotelbeds, Omnibees, Sabre and more. The information exposed in the data leak includes names, email addresses, national ID numbers, phone numbers of hotel guests, and reservation details such as reservation number, dates of a stay, the price paid per night. The unsecured database also disclosed sensitive credit card details from over 100,000 guests, including card number, cardholder’s name, CVV, and expiration data, and total cost of hotel reservations.
Vertafore
Vertafore, an insurance software firm, fell victim to a data breach and exposed the personal and driver’s license data of over 27 million Texas citizens. The files accessed by an unauthorized party contained Texas driver license numbers, as well as names, dates of birth, addresses and vehicle registration histories.
Pray.com
An unsecured database belonging to the Christian faith app, Pray.com, exposed the personal information of over 10 million individuals – including users of the app and their contacts. The impacted information includes photos uploaded by the app’s users, names, home and email addresses, phone numbers, marital status, login information along with users’ phone contacts names, phone numbers, email, home and business addresses, company names and family ties.
- 2014 Data Breaches | Major Data Breaches
- 2015 Data Breaches | Data Breaches That Made Headlines
- 2016 Data Breaches | The Largest Data Breaches of the Year
- 2017 Data Breaches | The Year of Equifax
- 2018 Data Breaches | The Worst Breaches of the Year
- 2019 Data Breaches | The Biggest Breaches of the Year
- 2020 Data Breaches | The Worst So Far
