As we pass through the middle of 2024, we’ve already seen a staggering number of data breaches, reminding us of the importance of safeguarding personal information. Here’s a summary:
- Disney
- Pintrest
- Trello
- Medisecure
- Roblox
- Healthed
Disney
Walt Disney’s internal communications on Slack have been leaked online exposing sensitive data including: project details, technical information, raw images, ad campaigns, studio technology and interview data. The hacker group ‘NullBulge’ claims to be responsible for the discovered 1.2 TB of data. Disney has not yet provided a confirmation but are currently investigating the incident.
Pinterest, the image sharing platform with over 500 million active users, may have suffered a potential data leak. Hackers claim to have captured 6 million database records — containing 60 million rows of data including email addresses, usernames, user IDs, IP addresses and more.
Trello
The project managemnt tool, Trello, has suffered a data breach due to unsecured API endpoints providing unauthorised access to hackers. Although the data was extracted in January 2024, the hackers have just recently dumped the data online (07/16), containing usernames, full names, profile URLs, and more. After the discovery of the API vulnerability, Atlassian has updated the API to prevent misuse by hackers. There has not been an official response to the breach incident.
Medisecure
Medisecure is an eScript software provider that specialises in transferring prescriptions between prescribers and dispensers. The organisation has confirmed that 12.9 million Australians data has been leaked including details like name of drugs, strength, quantity and repeats, reason for prescription and instructions to using medication specifically Medisecure officially confirmed it cannot identify the individuals whose data has been stolen and has since entered voluntary administration.
Roblox
Roblox is an online game platform and game creation system launched in 2006 that allows users to program and play games created by themselves and others. In early July a third-party events company that coordinates Roblox’s annual conference was breached via its website. As a result, information from 2022-2024 was stolen including names, emails and IP addresses. Unsurprisingly this is not the first time Roblox has been breached in this way. Previous breaches have resulted in targeted attacks on Roblox developers including information stealing malware.
Healthed
Healthed is an educational resource provider for general practitioners and healthcare professionals. Recently a breach related to a third-party contractor enabled cybercriminals to steal the details of HealthEd students including names, email addresses, postal addresses and mobile phone numbers. The attack was focused on students who attended Healthed’s face-to-face seminars. Healthed has contacted and advised students if their data was impact by the breach.
How can I keep my data safe?
As data breaches become more common, the importance of taking personal action to safeguard your data, privacy and identity increases. Leaked personal information might not be of concern instantly, but overtime cyber-criminals pool leaked data to create more compelling scams, phishing attacks and even commit identity fraud. Here are some key tips to protect your information:
- Use strong, unique passwords: Avoid reusing passwords and combine letters, numbers, and special characters.
- Enable two-factor authentication (2FA): Add an extra layer of security by requiring a second verification step.
- Monitor your accounts: Regularly check bank and credit card statements for suspicious activity.
- Update software regularly: Keep devices and software up to date with the latest security patches.
- Be cautious with personal information: Carefully consider what information you share online and with whom.
You can check if your data has been breached through our free tool here . If your data has been breached, contact ID Care.