Here’s your monthly roundup of the latest hacks and data breaches around the world. In this new monthly series, we’ll share information and updates on the most recent hacks that have made headlines, including causes, resolutions, and what you can do to protect your data.
April saw what has now become the usual list of successful cyber attacks and data breaches across all industries, with healthcare and retail dominating the list.
Panera Bread
On April 3, 2018, it was reported that Panera Bread may have exposed the personal data of millions of customers who made purchases via their website. No full credit card numbers were among the information stolen, however names, addresses, email addresses, and birthdays were, all information that can easily lead to identity fraud. While Panera admits to 10,000 customer records being stolen, security expert Brian Krebs believes the number to be much higher, and that he noticed the breach 8 months ago. Read More.
Hudson’s Bay Co.
The Canadian based company which is the parent company of Saks Fifth Avenue and Lord & Taylor announced that they were recently hit by a data breach that likely compromised millions of customer card information. They were targeted by the criminal group JokerStash, who sells credit card information on the black market. While it is still too early to tell how many cards were affected, this is shaping up to be one of the biggest payment card hacks in the last couple years. Read More.
Careem
A popular ride sharing service in the Middle East experienced a major data breach of more than 14 million of their customers. While there is no evidence that credit card information was stolen, personal information like name, email address and trip information was compromised. Read More.
Center for Orthopaedic Specialists
A mult-office medical group in California experienced a ransomware attack on their computer systems. Malware software was used to gain access to the network and encrypt patient data, however before the data was lost permanently, their IT vendor was able to take the system offline permanently. While it is believed that no patient information was compromised, the COS group is working to inform patients and offer them free identity protection services for the next two years. Read More.
Under Armour
In one of the largest breaches so far this year, Under Armour, the owner of the popular fitness app, MyFitnessPal, announced that over 150 million users had their personal data stolen. While no government-issued identifiers like social security numbers were stolen, the hackers now have valuable information into the habits and whereabouts of users. Under Armour says no financial data was stolen, but encouraged users to change their passwords immediately to a more secure password. Read More.
And even though these events happened prior to April 2018, they still dominated the headlines throughout the month.
Facebook - Cambridge Analytica
While not a true data breach, the Facebook-Cambridge Analytica scandal still warrants some attention due to the highly sensitive nature of the information shared. Facebook recently announced that it suspended 200 apps after the scandal was revealed, due to ongoing investigations over improper use of personal data. WIth GDPR only days away, it’s likely that we’ll see a resurgence in this story as data privacy and security become a hot topic in Europe. Read More.
Equifax
Equifax has spent over $242.7 million on it’s data breach to date. After last September’s massive data breach, the company has spent an additional $45.7 million in the first quarter of 2018 to update IT infrastructure, applications, and security. Read More.
[Want to make sure your company’s data is secure? Download our whitepaper: Protecting the Data to learn how complete network visibility can be your greatest defense against hackers.]