Weekly Cybersecurity Recap November 18
Table of Contents
- By Steven
- Nov 18, 2022
Last week we talked about the calm before the storm; the massive influx of hacks and breaches that come hand in hand with the holidays hadn’t yet started, and all we could report on were lawsuits (of which there were many). Now, it’s a week before Thanksgiving and – more importantly for hackers and con artists of all kinds – Black Friday, and the hacks have begun.
Data breaches are no joke. Even small ones, like the October 2022 Verizon breach, can negatively affect businesses. That’s not even mentioning the victims who had their PII (personally identifying information) involved in the breach. Studies show that after the public is notified of a data breach, the affected company’s stock shares will drop by 3% on average within two weeks.
United Veterinary Clinic
United Veterinary Clinic (UVC) is a national vet care chain that operates in more than 20 states. The company recently announced a data breach that affected both employees and customers. Unfortunately for the pet parents that use the clinic, the hack involved a lot of sensitive information. People had their social security numbers, financial account information, and names released to the hacker. The clinic offered two years of complimentary credit monitoring.
TransUnion is one of the most significant credit bureaus in the world. The breach is said to have affected every active credit user in the US, as it’s tracked almost every single one. The company alerted customers after the breach on November 7, 2022. The notice stated, “As soon as we discovered the incident, we engaged in an investigation to identify and notify individuals whose personal information we believe was accessed by unauthorized actors. We continue to enhance our security controls as appropriate to minimize the risk of any similar incident in the future.”
Camping World Good Sam
CWGS Group is a holding company that owns Camping World and Good Sam, both RV and RV parts sellers. The hacker accessed sensitive customer data, including social security numbers, driver’s license numbers, names, addresses, financial account numbers, government IDs, tax IDs, passwords, usernames, electronic and digital signatures, and credit and debit card data. CWGS offered two years of free credit monitoring to all victims from one of the biggest credit bureaus in the world.
Three Rivers Provider Network
Imagine working at an insurance provider in Vegas; work all day, paint the town at night. The last thing you expect is to be hacked. This became an uncomfortable reality for Three Rivers employees and customers when, on June 3, 2022, the company became aware of unauthorized access to an employee’s email. “On June 3, 2022, TRPN identified unauthorized access to one (1) employee email account by an unauthorized party. We immediately initiated an investigation and secured the compromised account,” said the company’s notification letter. The data included names, birthdays, social security numbers, and more.
My Life Foundation
The My Life Foundation is an organization dedicated to bettering the lives of those with intellectual disabilities. The company noticed that one of its employees was acting strange; an investigation showed that he and a former employee were in cahoots to sell personal employee data to an unauthorized third party. It took months for the foundation to fully recover the stolen data, as the third party ignored the claims until a court order forced them to return the details. The organization wants customers to know that their data was utterly unaffected by the breach and that they have nothing to worry about.