January 24, 2021: The dating platform, MeetMindful.com, was hacked by a well-known hacker and had its users account details and personal information posted for free in a hacker forum. "We have investigated the matter thoroughly, addressed the cause and have implemented additional security measures as a precaution.". 14 19 Wayfair annual orders declined by 16% in 2021 to 51 million. This has now been remediated. The leaked user records include usernames, emails, IP addresses, hashed passwords, Facebook, Twitter and Google IDs, bets and data on players who were banned from the platform. Cybercriminals are also focusing their time on other lucrative cyberattacks, such as ransomware, credential stuffing, malware and Virtual Private Network (VPN) exploitation. UpGuard's researchers also discovered and disclosed a related breach by AggregateIQ, a Canadian company with close ties to Cambridge Analytica. Signet Jewelers, parent company of Kay Jewelers, had a vulnerability in its website that exposed customers' information after they had purchased jewelry online. Overview and forecasts on trending topics, Industry and market insights and forecasts, Key figures and rankings about companies and products, Consumer and brand insights and preferences in various industries, Detailed information about political and social topics, All key figures about countries and regions, Market forecast and expert KPIs for 600+ segments in 150+ countries, Insights on consumer attitudes and behavior worldwide, Business information on 60m+ public and private companies, Detailed information for 35,000+ online stores and marketplaces. In 2019, this sensitive data appeared listed for sale on a dark web marketplace and began circulating more broadly, so it was identified and provided to data security website Have I Been Pwned. April 20, 2021. Free Shipping on most items. Data accessed in the breach included travel details email addresses as well as the complete credit card details of 2,208 customers. The leaked details of more than 2.28 million users registered included names, email addresses, location details, dating preferences, marital status, birth dates, IP addresses, Bcrypt-hashed account passwords, Facebook user IDs and Facebook authentication tokens. The following categories of data were accessed, amounting to the 12.3 million total: This database was not connected to Bonobos private data, which was siloed for protection. Let's hope SlickWraps finally strengthens their cybersecurity framework after such a tumultuous history. Hacking group identified as Impact Team compromised 35 million user records from the cheating website Ashley Madison. In contrast, the six other industriesfood and beverage, utilities, construction . In 2019, this data appeared for sales on the dark web and was circulated more broadly. Learn about the dangers of typosquatting and what your business can do to protect itself from this malicious threat. The breach occurred in October 2017, but wasn't disclosed until June 2018. The attackers exploited a known vulnerability to perform a SQL injection attack. The breach allowed access to private information of Aadhaar holders, exposing their names, their unique 12-digit identity numbers, and their bank details. The stolen records include client names, addresses, invoices, receipts and credit notes. Though this breach did not directly expose financial information, if compromised users recycled their Paypal passwords when signing up to 123RF, theyre at a high risk of suffering financial theft. The data was scraped in a vulnerability that the company patched in 2019, and includes users phone numbers, full names, location, email address and biographical information. Replace a Damaged Item. Feb. 19, 2020. It was also the second notable phishing scheme the company has suffered in recent years. Between February and March 2014, eBay was the victim of a breach of encrypted passwords, which resulted in asking all of its 145 million users to reset their password. In 2020, Kroll data shows an average 125% growth in breach notification cases for industries which experienced five or more breaches in 2019. Some Planet Hollywood restaurants were also impacted by the breach that hit parent company Earl Enterprises. Attackers used a small set of employee credentials to access this trove of user data. The most important key figures provide you with a compact summary of the topic of "Wayfair" and take you straight to the corresponding statistics. The company said that the stolen data "does not include any financial or physical address information" and that it shouldn't have compromised any passwords. April 19, 2021: The auto insurance company Government Employees Insurance Company, known as GEICO, filed a data breach notice announcing information gathered from other sources was used to obtain unauthorized access to your drivers license number through the online sales system on our website. The total normal of insured drivers affected has not been disclosed but the hackers had access between January 21 and March 1. More than 150 million people's information was likely compromised. The breach included email addresses and salted SHA1 password hashes. Auth0's anomaly detection tool tracks breaches and maintains a database of compromised credentials. "Marriott reported this incident to law enforcement and continues to support their investigation," the company said at the time. The data exposed included patient names, addresses, dates of birth, patient account numbers, health insurance plan member ID numbers, healthcare provider names and/or medical and clinical treatment information among other sensitive data. After learning of the incident, Neiman Marcus Group contacted impacted customers that had not changed their password since May 2020, urging them to immediately do so. Hudson's Bay, the parent company of Saks Fifth Ave, confirmed in April 2018that a data breach compromised payment systems and therefore customers' credit and debit cards. In June 2013 around 360 million MySpace accounts were compromised by a Russian hacker, but the incident was not publicly disclosed until 2016. TJX, the owner of a number of retail brands, had one of its payment systems breached exposing over 45 million credit and debit card numbers. Se ha llegado a un Acuerdo de Conciliacin en una demanda . Due to the licentious connection of the breached database, compromised users could fall victim to blackmail and defamation attempts for many years to come. But one expert from a personal virtual network service provider said that he's worried about the ultimate fallout from all these breaches. The compromised data included usernames and PINS for vote-counting machines (VCM). January 22, 2021: Customer data was stolen from the mens clothing retailer, Bonobos, was found for free in a hacker forum after a cybercriminal downloaded the companys backup cloud data. US-based retailer, Neiman Marcus, has confirmed in a statement that an unauthorized party can access to sensitive customer information including: The breach impacted almost 3.1 million payment and virtual gift cards, of which more than 85% were either expired or no longer valid. The UK's Information Commissioner's Office (ICO) issued more than 42 million ($59m) worth of fines in 2020 to companies that breached data protection and privacy regulations. The following types of sensitive information were compromised in the cyberattack: In an email to its users, Plex assured its users that all compromised passwords were hashed and secured in accordance with best cybersecurity practices. In April 2019, Evite, a social planning and invitation site identified a data breach from 2013. Eugene is the Director, Technology and Security of Sontiq, a TransUnion company. During the investigation of the ransomwares attack impact on its network, they discovered some of its current and former employees personal information was accessed by the attackers. The data leaks impacted American Airlines, Microsoft, J.B. Hunt and governments of Indiana, Maryland and New York City. Something went wrong while submitting the form. The records of 200 million voters was accessed from Deep Root Analytics, a firm working on behalf of the Republican National Committee (RNC). ", Arne Sorenson, Marriott's president and CEO, said: "We deeply regret this incident happened.". In October 2016, hackers collected 20 years of data on six databases that included names, email addresses and passwords for The AdultFriendFinder Network. It did not, and still does not, manufacture its own products. Panera Bread confirmed on April 2, 2018 that it was notified of a data leak on its website. April 3, 2021: The personal data of 533 million Facebook users from 106 countries has been posted online for free in a low-level hacking forum. However, data breach investigators BleepingComputer managed to successfully convert the hashed passwords of numerous accounts to plain-text using online MD5 cracking tools. Your Wayfair account has been locked for security, so you will have to set up a new one if you still wish to use the retailer. 8.3 million database records from popular stock photo and vector image seller 123RF were copied and posted for sales on a hacker forum. It was only about two years later that Yahoo publicly disclosed the breach after a stolen database from the company allegedly went up for sale on the black market. April 12, 2021: A third-party software vulnerability is responsible for exposing 21 million customer records belonging to ParkMobile, a contactless payment parking app. Some of the high-profile customers reportedly impacted by this breach include: Impact: 1000 schools / 600,000 students / 500GB of data. Get the Cost of a Data Breach Report 2022 for the most up-to-date insights into the evolving cybersecurity threat landscape. Quora, a popular site for Q&A suffered a data breach in 2018 exposed the personal data of up to 100 million users.The types of leaked data included personal information such as names, email addresses, encrypted passwords, user accounts linked to Quora and public questions and answers posted by users. At the time of the breach, Heartland was processing north of 100 million credit card transactions per month for 175,000 merchants. July 9, 2021: U.S. healthcare provider, Forefront Dermatology, announced unauthorized access to its IT systems exposed the personal data and medical records of up to 2.4 million patients. Breached MeetMindful data dumped on dark web hacker forum - Source: ZDNet. Though Twitch admitted in its statement that a subset of creator payout data was also accessed, the company assures that credit card number and bank information was not compromised. Estimates of the amount of affected customers were not released, but it could number in the millions. This makes Facebook one of the recently hacked companies 2021, and therefore, one of the largest companies to be hacked in 2021. Some of the records accessed include. While desperately scouring the client email lists stored in Mailchimps internal tools, the cybercriminals finally found what they were looking for - an email list of customers of the hardware cryptocurrency wallet, Trezor. Amazon had shifted from selling books and buying single product websites to the Everything store, like an online Walmart. The encryption was weak and many were quickly resolved back to plain text, the password hints added to the damage making it easy to guess the passwords of many users. Left unanswered is why LinkedIn did not further investigate the original breach, or inform more than 100 million affected users, in the intervening four years. Data breaches in the health sector are amp lified during the worst pandemic of the last century. As of August 2020, the biggest fine and settlement resulting from a data breach was 575 million U.S. dollars fined to consumer credit reporting agency . May 25, 2021: Audio maker, Bose Corporation, disclosed a data breach following a ransomware attack. Data breaches are on the rise for all kinds of businesses, including retailers. November 22, 2021: The restaurant chain, California Pizza Kitchen (CPK), revealed a data breach that exposed the personal details of over 100,000 current and former employees. The data was stolen when the 123RF data breach occurred. How UpGuard helps financial services companies secure customer data. The data accessed consists of 2.3 millions data points which could be reverse engineered to recreate each original fingerprint. Because customer credit card information was leaked, this cyber attack exposes Easyjets breach of the General Data Protection Regulation, which could result in a fine of up to 4% of its global annual turnover. However, by October of 2017, Yahoo changed the estimate to 3 billion user accounts.