In the ever-evolving landscape of cybersecurity, staying updated on the latest data breaches is essential. Over the past month, several high-profile incidents have reminded us of the importance of safeguarding personal information. Here’s a summary:
- Truist Bank Breach
- DG3 North America, Inc. Investigation
- Snowflake Customers Affected
- Pure Storage Breach
Truist Bank Breach
In October 2023, Truist Bank, one of the top-10 commercial banks in the US, suffered a cyberattack — with the resulting data breach only just confirmed this month. The breach became evident when stolen data from the bank appeared on a cybercrime forum for sale. The unauthorized party was able to access information belonging to certain Truist clients. The threat actor behind the breach is known as Sp1d3r, and claims to have stolen the information of 65,000 victims, including bank transactions with names, account numbers, balances, and IVR funds transfer source codes.
DG3 North America, Inc. Investigation
DG3 North America, Inc., a vendor that provides printing, mailing, and communication services for its business partners, experienced a cyber incident discovered around March 19, 2024. The company launched an investigation with forensic specialists to assess the full extent of the breach. Personal information, including names, Social Security numbers, addresses, and financial account details, was accessed and potentially copied from its systems between February 5 and February 22, 2024. The law firm Federman & Sherwood has initiated an investigation into DG3 North America, Inc. with respect to this data breach. More details will hopefully follow in due course.
Snowflake Customers Affected
A significant number of Snowflake customers may have been affected by a data breach. The breach was attributed to a credential stuffing attack, where the threat actor “stuffs” the platform with countless log-in combinations obtained elsewhere until it finds one that works. The breach did not originate from Snowflake’s infrastructure but was the result of compromised customer credentials. The group carrying out the attacks is financially motivated, with members principally located in North America. Another credential stuffing attack is another reminder to use different passwords for different accounts — credential stuffing relies on user complacency!
Pure Storage Breach
Pure Storage, a leading provider of cloud storage systems in the US, has confirmed a data breach after unauthorized access to its Snowflake workspace. The breach exposed telemetry information, including company names, LDAP usernames, email addresses, and software release version numbers. Fortunately, passwords for array access and customer data were not compromised.
Security Tips to Protect Your Information
The above incidents highlight the importance of robust cybersecurity measures and the need for constant vigilance in the face of ever-evolving cyber threats. It is crucial for organizations to invest in security infrastructure, enforce strong password policies, and educate employees about potential cyber threats to prevent such breaches. Readers, remember to:
- Use Strong, Unique Passwords: Avoid reusing passwords across multiple sites. Use a combination of letters, numbers, and special characters to create strong passwords.
- Enable Two-Factor Authentication (2FA): This adds an extra layer of security by requiring a second form of verification in addition to your password.
- Monitor Your Accounts: Regularly check your bank and credit card statements for any suspicious activity.
- Update Software Regularly: Ensure that all your devices and software are up-to-date with the latest security patches.
- Be Cautious with Personal Information: Be mindful of the information you share online and with whom you share it.
Secure Your Digital Info
For an added layer of protection, consider using Trend Micro ID Protection. This service offers advanced features to secure your personal information:
- Real-Time Monitoring: IDP constantly scans the web for any signs of your personal information having been compromised.
- Dark Web Surveillance: Alerts you if your data appears on the dark web.
- Identity Recovery Assistance: Provides expert help if your identity is compromised.
What’s even better is that you can enjoy a 30-day free trial of ID Protection‘s paid version, so that you can take advantage of all its awesome features and start securing your identity and privacy today! Why not give it a go today?