GDPR Services report 9 Private Data breaches
– Week 31, 2019 –
This is a curated list about last week’s latest news from by our GDPR Services. Be informed about the latest 9 Private Data breaches, identified and reported publicly during Week 31, 2019.
As these Private Data breaches have a severe negative impact on any business and highly serious legal consequences, consider a these GDPR Service packages: on-demand GDPR COMPLIANCE or a recurrent monthly service of GDPR COMPLIANCE ADD-ON together with your dedicated data protection OFFICER package.
- Counsel for the class that successfully sued Home Depot Inc. following a 2014 credit card data breach will have to have their fee award recalculated.
- Home Depot settled with financial institutions holding the affected accounts for $25 million. The trial court approved attorneys’ fees of $15.7 million, in addition to the settlement fund. Home Depot Gets Another Look at Data Breach Attorneys’ Fees
- Graduation Alliance, a third-party state vendor providing data and web hosting services, reported a possible data breach to servers that contained some student information.
- The data stored on the servers under review does not include Social Security numbers, financial, driver’s license or health information, a release from the concerned parties indicated. However, fields including names, birthdays, gender, ethnicity and, on a smaller batch of records, ACT scores were present. State says Tennessee student data may have been accessed on college planning site
- More than 100 million customers have had their data compromised by a hacker after a cloud misconfiguration at Capital One.
- A massive breach of Capital One customer data has hit more than 100 million people in the U.S. and 6 million in Canada. Thanks to a cloud misconfiguration, a hacker was able to access to credit applications, Social Security numbers and bank account numbers in one of the biggest data breaches to ever hit a financial services company — putting it in the same league in terms of size as the Equifax incident of 2017. Former AWS Engineer Arrested as Capital One Admits Massive Data Breach
- A Puerto Rico-based medical center and a related women and children’s hospital are victims of a recent ransomware attack impacting the data of more than 522,000 individuals.
- The combined incident is currently the largest health data breach reported to federal regulators this year involving ransomware. In a joint statement issued July 19, Bayamón Medical Center and Puerto Rico Women and Children’s Hospital, both part of the same organization and based in Bayamon, Puerto Rico, say that on May 21 they discovered that patient information was involved in “a blocking incident” that affected the hospitals’ computer network. Ransomware Attack Impacts 522,000 Patients in Puerto Rico
Discover more trending and viral stories from our GDPR Service. The remaining Private Data breaches made news headlines. All these news related to GDPR Services happened just in the last week.
- Pearson, the London-based educational software maker, said today that thousands of school and university accounts, mostly in the United States, were affected by a data breach.
- The Wall Street Journal reports that the data breach happened in November 2018 and Pearson was notified by the Federal Bureau of Investigation in March. The perpetrator is still unknown. Education software maker Pearson says data breach affected thousands of accounts in the US
- Clothing resale site Poshmark suffers data breach
- Clothing resale site Poshmark has been hacked. Data from users in the US, including full names, usernames, genders, email addresses, hashed passwords, clothing size preferences and social media profile information, were accessed by “an unauthorized third party.” Emails, names, clothing sizes and hashed passwords were taken.
- This report looks at the number of stolen credit cards that are available on the so-called “dark web.”
- Researchers found 23 million card numbers and describe various ways that criminals can access this trove. There is one IRC bot for example that can “validate” the stolen cards, which was used hundreds of thousands of times. 23 MILLION STOLEN CREDIT CARDS FOR SALE ON THE DARK WEB IN THE FIRST HALF OF 2019
- An unsecured AWS S3 database containing a million recorded phone calls between employees of San Diego-based Bank of Cardiff and potential loan customers has been discovered by a security researcher.
- The files were quickly secured once the researcher contacted the bank last month. Reporters examined several of the calls and they appear to be legit. One Million Bank Phone Calls Found in Exposed Server
- Asian customers of beauty retailer Sephora have been notified about a major breach.
- Personal data, including names and birth dates, potentially were exposed. The key word here is potentially: the company hasn’t yet seen any evidence that the data was actually accessed, and has reset passwords and offered free credit monitoring services to affected customers. Sephora data breach hits Southeast Asia and ANZ customers