Hackers targeting large hotel chains and the federal government made for some of the top data breach headlines in September. But health insurance companies and users of Apple devices were hit hard as well. Notable companies such as the Trump Hotel Collection and Excellus Blue Cross Blue Shield became data breach victims. And the Office of Personnel Management released news that its June breach actually affected a lot more people than originally thought.
Big, targeted breaches on major companies and the government are becoming more common, and businesses and consumers are suffering the consequences.
Of course, as the number of breaches increases, it becomes even more crucial for consumers to closely monitor their credit reports, which they can do with free tools such as myBankrate.
Affected: 7 hotels managed by the Trump Hotel Collection.
Information stolen: Credit card numbers, card expiration dates and security codes.
Breach details: Hackers used malware to infect point-of-sale systems at 7 hotels managed by the Trump Hotel Collection between May 2014 and June 2015. (The company publicly acknowledged the breach in September.) Hackers then stole credit card information from an unknown number of people. The affected hotels include Trump SoHo New York, Trump National Doral, Trump International New York, Trump International Chicago, Trump International Waikiki, Trump International Hotel & Tower Las Vegas, and Trump International Toronto. An investigation did not find that any customer payment information had been misused.
Affected: 10.5 million customers dating back to 2013.
Information stolen: Personal information including names, birthdates, Social Security numbers, mailing addresses, telephone numbers, member ID numbers, financial account information and claims information.
Breach details: After a security assessment performed by outside security firm Mandiant, Excellus found that cyberattackers gained access to its IT systems on Dec. 23, 2013. The breach affects Excellus members, patients, and others doing business with Excellus in the 31-county upstate New York area. Those affected are receiving notifications via mail.
Affected: 21.5 million background-check records of federal employees and applicants.
Information stolen: Social Security numbers, employment history and fingerprints.
Breach details: In June, the Office of Personnel Management discovered that hackers had breached its computer systems, stealing background-check records. The original estimate was that 1.1 million fingerprints had been stolen, but in September the OPM increased that estimate to 5.6 million. Overall, the background-check records of 21.5 million people were affected, with 19.7 million former, current and prospective federal employees getting hit, along with 1.8 million of their family members.
Breach details: Visa sent out alerts in August to several financial institutions warning of a potential breach that occurred between April 21 and July 27. In September, 5 banks came out claiming that the common tie among the compromised cards was that they were used at Hilton properties, including Hilton, Embassy Suites, Doubletree, Hampton Inn & Suites, and the Waldorf Astoria Hotels & Resorts. Hilton is investigating the claim.
Affected: Apple device users who downloaded any of 11 apps in the App Store.
Information stolen: Photos, contacts, voice recordings, browser history, phone calls, text messages and precise GPS coordinates.
Breach details: Security firm FireEye found that hackers were using legitimate-looking but malicious apps that mimic popular applications in order to persuade users to download them from an outside link from the App Store. FireEye said that it’s the first instance of targeted iOS malware being used against iOS devices that have not been “jailbroken,” tech speak for gaining super-administrative access to an operating system.