Bill Toulas reports:
Hackers breached Zacks Investment Research (Zacks) company last year and gained access to personal and sensitive information belonging to 820,000 customers.
[…]
An internal investigation into the incident determined that a threat actor gained access to the network somewhere between November 2021 and August 2022.
It is unclear if any data was stolen but the information exposed during the breach includes full names, addresses, phone numbers, email addresses, and user passwords for the Zacks.com website.
Read more at BleepingComputer.
A copy of their notification letter, as submitted to the Maine Attorney General’s Office, is embedded below:
Zacks Notification Letter