Weekly Recap December 16
Table of Contents
- By Steven
- Dec 16, 2022
Long gone are the days of a tall, dark, and mysterious gentleman and his colleagues in ski masks breaking into an office building and digging through files. Yes, it's entertaining to watch on TV and in movies, but it's incredibly unsafe. Now, in our digital age, it's more likely these same people would use their unique skill sets to bribe a young hacker to dig through the files for them. Of course, this is only in movies. In reality, there is a higher chance of being hacked than ever before. Let's look at this week's "honorable mentions."
Teleperformance USA is an American subsidiary of Teleperformance, a French company. "On November 4, 2022, we detected that an unauthorized third party gained remote access to a portion of TPUSA's network," TPUSA said. The hacker accessed names, addresses, and social security numbers, which seems bad, but, in all actuality, isn't nearly as terrible as many other breaches we've seen.
Upper Peninsula Power Company
The UPPC hack affected nearly 40,000 individuals. "On or around June 23, 2022, UPPCO experienced a network intrusion that affected a limited number of systems," said the company. "Upon discovery, UPPCO immediately secured its network and engaged a third-party forensic firm to investigate the event." The stolen data only pertained to social security numbers, which seemed to be a mercy for the company. There are a lot of things that power companies have access to and need access to in order to provide power for their customers, so the hacker only accessing SSNs was massively lucky for the company and the victims.
Veros Credit is a Californian auto financing company. About 54,000 customers were involved in the breach, which highly impacted all of them. Yes, Veros told customers that it had "no reason to believe anyone's information has been misused," but it would simply be naive to assume so. The hacker accessed credit/debit card data (which may have included security codes, passwords, and PINs), passwords and usernames, health insurance information, passport numbers, SSNs, state IDs, and driver's license numbers.
This breach was undoubtedly the largest of our covered bunch; this breach impacted approximately 240,000 individuals. These people had their lives turned upside down, as the accessed data is vast and deeply personal. The hacker acquired payment card numbers, health insurance and policy details, birthdays, biometric information, addresses, tax ID numbers, financial account numbers, driver's license numbers, state IDs, government IDs, insurance information, medical data, social security numbers, and names.
Black, Gould & Associates
BGA accessed the social security numbers of almost 42,000 people. The hacker compromised the company's computer systems, gathering PII from the systems. The company immediately contacted law enforcement and third-party forensic investigators to study the breach. It contacted the Maine and Texas Attorney Generals' offices and sent notices to all victims. The hacker will most likely sell the stolen data, as they can make decent money from that amount of SSNs.