Human Investing Employee Email Gets Hacked
Table of Contents
- By Steven
- Published: Dec 29, 2022
- Last Updated: Dec 30, 2022
We’re about two-thirds of the way through our holiday hack spree, and it doesn’t seem to be slowing down. Another financial company has been added to the ever-growing list, making it difficult for anyone with an online or cyber presence to trust anything or anyone online. This hack was likely the result of a phishing scam, as most hacks are.
How Did the Attack Occur?
HI discovered the breach when an employee found that an unauthorized third party had accessed their email without authorization. The company began an immediate investigation into what may have been accessed by the hacker. “The investigation determined that an unauthorized actor gained access to one email account on July 20, 2022,” says the notice sent to the California State Attorney General’s Office. “The investigation was unable to determine whether any emails or attachments were viewed by the unauthorized party. Therefore, we reviewed the contents of the email account.”
What Information Was Viewed or Stolen?
The information that was leaked varies by the individual. As a result, the notice only said that names were involved, though it may have included certain other information. If you or a loved one have received a letter from Human Investing, you will know what of your personal information was contained in that email.
How Did HI Admit to the Breach?
Human Investing admitted to the breach on December 22, 2022. From the company’s best interpretation, the hack occurred on July 20, 2022, and the investigation concluded in October. It took some time to send the notices to the victims and the Attorney General’s Offices, as there are certain legal loopholes with any data breach. Still, the details in the notices are very informative and allow victims to garner a good idea of what they’re facing.
What Will Become of the Stolen Information?
As we don’t know exactly what information is involved in this breach, we can’t say for sure. We can, however, point out that most hacks result in the sale and/or redistribution of accessed information. Some hackers sell it on the dark web, while others post it onto a TOR browser and label it free to download. There are other options, like the hacker using whatever they gathered, stealing a series of identities, and using them for their own gain. Luckily, HI has found no evidence that the hacker actually accessed any of the details in the emails.
What Should Affected Parties Do in the Aftermath of the Breach?
For people new to the world of cybersecurity, it can seem very daunting. It seems like a lot when you get into the simple things, like what to do after being hacked, so it can be hard to imagine how difficult the rest is. Fortunately, cybersecurity is not as complex as most people think it is. While it may seem like too many options, the market for internet and device security is pretty simple. Do some research and find out what works best for you.