Leah Murray reports that an insider breach at a property management firm resulted in dozens of tenants being notified that their information may have been stolen. The unauthorized access is believed to have occurred sometime between August 2016 and November 2016: A company that operates apartment buildings in several Alberta communities, including Lethbridge, Medicine Hat…
Category: Business Sector
Arlo advises customers to change passwords after credential-stuffing attempts detected
May 26 notification posted to community.netgear.com. Here’s how it begins: Dear Arlo Customer: We have recently observed suspicious activity potentially impacting Arlo accounts. We take the privacy and security of your account and personal information very seriously and have initiated an investigation into the suspicious activity. From our initial investigation, it appears that attackers may…
Aflac says agent emails were hacked, exposing personal information of clients
WXYZ reports that American Family Life Assurance Company of Columbus (Aflac) has issued a press release concerning the breach of independent contractor sales agents’ email accounts. The breach has reportedly affected some clients’ personal information. WXYZ reports: Clients’ personal information such as names, addresses, dates of birth, policy numbers, social security numbers and bank account information…
T-Mobile bug let anyone see any customer’s account details
Zack Whittaker reports: A bug in T-Mobile’s website let anyone access the personal account details of any customer with just their cell phone number. The flaw, since fixed, could have been exploited by anyone who knew where to look — a little-known T-Mobile subdomain that staff use as a customer care portal to access the…
Insurance startup leaks sensitive customer health data
Zack Whittaker reports: A software startup that provides independent insurance brokers with customer management software has exposed highly sensitive information on thousands of insurance policy holders. A vast cache of data was stored on Amazon S3 storage bucket by AgentRun, a Chicago, Ill.-based company founded in 2012 by Andrew Lech, a former independent insurance broker….
Coca-Cola notifying employees of insider breach (updated)
Coca-Cola is notifying employees that a former employee reportedly misappropriated their personal information. The number of employees or other individuals affected was not disclosed in the notification letter, but Coca-Cola reports that they learned of the breach on September 1, 2017 from law enforcement, who asked them to delay notification. Law enforcement recently gave Coca-Cola…