The Association of National Advertisers (ANA) admitted this week that it had suffered a data breach last August through October (2018), about which it learned last October (2018), but which it only advised those affected this week (the last week of January, 2019). Consider these dates when also considering the fact that just last month (December 2018, two months after ANA knew about the data breach) ANA was pushing back, hard, against legislation regarding more stringent requirements for – wait for it – notification of data breaches.
Given all of the data breaches in 2018 (Marriott Starwood, 1-800-FLOWERS, Quora, Walgreens, the Post Office, etc.) it is no longer a question of whether your data has been breached – you need to assume that it has been – rather the question is what is the best way to monitor your bank accounts and credit card accounts for fraudulent activity? And what are some ways to protect against it in the future? (The answer to the latter may surprise you!)
Close on the heels of Quora’s data breach just two days ago, online florist 1-800-FLOWERS has announced that they have been subject to a data breach that has been going on for 4 years. The breach was of payment data including credit card number, expiration date, card security code, and the first and last name of the card holder. As many as 75,000 1-800-FLOWERS customers have been affected.
Quora has just announced that it discovered a data breach on Friday, November 30th. Taking a move from the playbook of, apparently, nobody else, Quora did not wait weeks or months or even days to announce the breach – going from discovery to notifying their users in no more than 72 hours. Thank you for that, Quora!
The Marriott hotel chain announced today that their Starwood property has suffered a massive data breach of as many as 500 million guest records. Note that even though the breach was discovered days earlier, they are announcing it on a Friday morning; Friday is known to be the day to announce things if you want them to get the least amount of attention.
At the end of last week, on or around Friday, July 27th, 2018, Walgreens sent out a seemingly innocent email notice of Walgreens updated terms and conditions of use. But some people noticed that it contained a hidden message saying “Walgreens values your privacy. We recently became aware of fraudulent activity.”
In a hack that the New York Times is calling “one of the largest known breaches of a retailer”, Saks 5th Avenue and Lord and Taylor have had the credit card and debit card information of millions of customers compromised by an ongoing hack that lasted for months before it was terminated a few weeks ago.
Those of you who breathed a sigh of relief over the hacking of the Ashley Madison adult cheaters site because instead you are on one of the Friend Finder sex hookup sites, such as Adult Friend Finder (AdultFriendFinder.com) – guess what? It turns out that last month Friend Finder Networks, parent company of Adult Friend Finder and other associated sites such as Penthouse.com, Cams.com, iCams.com, and Stripshow.com – totaling over 412 million accounts – was hacked, exposing email addresses, passwords, and IP addresses – everything your spouse or significant other needs to nail you nailing someone else.
In June the U.S. Office of Personnel Management (OPM) revealed that there had been a massive security breach, exposing the personal personnel data of at least 21.5 million government employees. The data included social security numbers, names, and clearance information. What was less well known is that the data also included fingerprint records, and this week it has been revealed that the hackers got 5.6 million fingerprints.
A massive data breach at Amazon subsidiary Zappos.com has led to the personal information of as many as 24 million customers being exposed. Below is all of the information, as well as the statement from Zappos CEO, Tony Hsieh.