Joseph Cox reports:
Last week rumours of a potentially serious data breach at UK car insurance company the AA circulated in the security research community. In response, the AA’s customer support Twitter account downplayed those fears, and told users that their data remained secure.
However, an exposed server contained sensitive information on over 100,000 AA customers, in many cases including partial credit card data, according to a database obtained by Motherboard. Judging by interviews with victims, the AA never directly informed affected customers either, even though the company says it knew about the breach in April.
Read more on Motherboard.