A million Park’N Fly customers have had their sensitive data stolen after the company suffered a cyberattack.
The news was confirmed in a data breach notification letter sent out by the company, which noted the threat actors accessed the company’s IT infrastructure in July 2024 using stolen VPN credentials. The crooks stole people’s full names, email addresses, postal addresses, Aeroplan numbers, and CAA numbers. No payment data was taken, the company confirmed.
Read more…
Source: MSN News
Related:
- Imperva: Data Breach Caused by Cloud Misconfiguration
October 11, 2019
Imperva, the security vendor, said this week that a misconfiguration of an Amazon Web Services (AWS) cloud instance allowed hackers to exfiltrate information on customers using its Cloud Web Application Firewall (WAF) product. Formerly known as Incapsula, the Cloud WAF analyzes requests coming into applications, and flags or blocks suspicious and malicious activity. The company announced the breach in ...
- IT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador’s History
September 18, 2019
Ecuador officials have arrested the general manager of IT consulting firm Novaestrat after the personal details of almost the entire population of the Republic of Ecuador left exposed online in what seems to be the most significant data breach in the country’s history. Personal records of more than 20 million adults and children, both dead and ...
- Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers
September 3, 2019
International cosmetics brand Yves Rocher found itself caught in a third-party data exposure incident that leaked the personal information of millions of customers. UPDATE Cosmetics giant Yves Rocher is warning that a giant data leak exposed the personal data of millions of its customers and reams of sensitive internal company information to the public. The data exposure ...
- 4.1B Records Exposed in Breaches in First Half of 2019
August 16, 2019
This year is on track to be the worst year on record for data breach activity, according to a recent analysis. Within the first six months of this year, there have been 3,813 incidents publicly reported, according to Risk Based Security’s 2019 MidYear QuickView Data Breach Report. That’s up 54 percent compared to this time last ...
- Lancaster University students’ data stolen by cyber-thieves
July 23, 2019
Students’ personal data has been stolen in a “sophisticated and malicious” phishing attack at Lancaster University. Officials said the information had been used to send bogus invoices to applicants. “A very small number” of student records, phone numbers and ID documents were also accessed, it said. The breach has been reported to police and the Information Commissioner’s Office. In ...
- Equifax, regulators sign $700m deal to settle data breach lawsuits
July 22, 2019
Equifax signed a settlement today to lay to rest lawsuits brought forward by the US Federal Trade Commission (FTC), state attorneys, and a class-action case relating to the firm’s 2017 data breach. The security incident was caused by a failure to resolve a known security flaw in Apache Struts, despite a patch being made available two ...