Analysts at Breach Clarity have identified a number of significant data breaches during the last week of August 2020. Many of these impact businesses where there is considerable interaction with consumers, and there are risks concerning personally identifiable information.
Digital Journal has selected three examples from the Breach City list. The first comes from the travel sector; the second from the world of investments; and the third comes from the charity sector. Each of the cases comes from the U.S.
Pacific Huntington Hotel Corporation
The hotel group suffered from a data incident that scored 6 on the Breach Clarity Score. The incident involved an unauthorized access to an employee’s email account. This incident took place at The Langham, located in Pasadena CA, U.S. This incident led to the exposure of Social Security numbers and insurance identification numbers. Impacted residents need to review the information provided and weight up the relative risk, on a case-by-case basis.
The investment company recorded a Breach Clarity Score of 4, marking it to be a mid-level security incident. This data breach occurred following unauthorized access to a cloud environment. This area held data collected during the registration process at the broker’s exposed investors’ personally identifiable information. This consisted of names, addresses, Social Security numbers, and drivers license numbers. This leads to a risk of criminals fraudulently opening credit accounts.
Saint Luke’s Foundation
This incident recorded a score of 3, and the type of attack was ransomware, where the cyberattack was launched against software provider Blackbaud. This enabled cybercriminals to steal data belonging to a large number of companies, including Saint Luke’s Foundation. The goal was to extort the charitable organization so that money was passed over in order to regain access to files. The potential was for criminals to gain access to client information, and where this information could eventually be exploited.
Going forwards, Blackbaud has affirmed to the foundation that it has already implemented changes to help protect its system from any subsequent incidents.