Some of the top data-breach headlines in October came from hackers targeting financial institutions. But breaches at thrift stores and ride-hailing companies made headlines as well. Thrift company America’s Thrift Stores was hit hard. And a glitch at Uber exposed the personal information of its drivers.
Businesses and consumers alike are suffering the consequences as large targeted breaches on major companies become more frequent.
And as the number of data breaches grows, it becomes crucial for consumers to closely monitor their credit reports, which they can do with free tools like myBankrate.
Here are the 5 top data breaches last month.
The Bankrate Daily
2 of 6
Affected: 4.6 million Scottrade customers.
Information stolen: Names and home addresses.
Breach details: Between late 2013 and early 2014, hackers gained access to the trading site’s network and stole customer names and street addresses. Anyone who was a customer with an account at Scottrade before February 2014 could have been impacted by the breach. Social Security numbers, email addresses and other sensitive personal information are not believed to have been compromised, although that data was contained in the system. The breach has been connected to a stock manipulation scheme in which the scammers stole the Scottrade customers’ information, then contacted those customers and tried to trick them into buying penny stocks the thieves had invested in to drive up the price, federal prosecutors allege in an indictment that was unsealed in early November.
Information stolen: Debit card information, including card numbers.
Breach details: First National Bank of Omaha sent out new debit cards to customers in Colorado, Illinois, Iowa, Kansas, Nebraska, South Dakota and Texas after a large breach at an unidentified national business. Details about the breach have not yet been announced, but so far it seems that only debit cards were impacted. While the bank’s own security was not compromised, its connection to the breach at a large company prompted it to take action. Customers at First National Bank of Omaha who have done business with the unidentified company in those 7 states could be at risk.
Affected: 18 stores throughout Alabama, Georgia, Louisiana, Mississippi and Tennessee.
Information stolen: Credit and debit card numbers.
Breach details: Hackers from Eastern Europe used malware to get into the systems at America’s Thrift Stores from Sept. 1-27. At-risk customers include those who used their credit or debit card at the stores in the 5 affected states during that time period. The company has removed the malware from its computer system and is working on additional security measures.
Information stolen: Social Security numbers, driver’s license scans, W-9 tax forms, company car articles of incorporation and potentially other sensitive information.
Breach details: Uber launched a new app for drivers and a glitch exposed the sensitive information of hundreds of drivers, including Social Security numbers. The new app aims to help drivers manage accounts and track rides, but it’s also a spot used to upload employment information. While Uber fixed the glitch within 30 minutes, the employment details of 674 Uber drivers were posted to the hosting service GitHub.
Affected: 3,500 current and former subscribers to The Wall Street Journal, MarketWatch and Barron’s.
Information stolen: Names, addresses, email addresses and phone numbers.
Breach details: Hackers used spear phishing and breached the computer systems of Dow Jones between August 2012 and July 2015, exposing the personal information of 3,500 current and former subscribers to publications like The Wall Street Journal, MarketWatch and Barron’s. While Dow Jones claimed it had no “direct evidence” that its customers’ information was stolen, payment card and contact info could have been compromised. Hackers gained access to other personal information as well. This breach is also related to the indictments announced this month regarding a stock manipulation scheme. Bloomberg Business reports that the breach may have impacted well more than the several thousand people acknowledged by Dow Jones. Bloomberg says the hackers may have stolen millions of subscriber email addresses from the publisher.