Hotels, a medical clinic and even a state government office all acknowledged data breaches last month. But was there any breach more shocking than the one that occurred at a toymaker? The breach at VTech, which makes electronic toys such as tablets for kids, exposed the private data of 6.4 million children, including photos.
Businesses and consumers alike are suffering the consequences as large, targeted breaches on major companies become more frequent.
As the number of data breaches grows and becomes more diverse, it’s crucial that consumers protect themselves by closely monitoring their credit reports with free tools like myBankrate.
Affected: 6.4 million children and 4.9 million adults.
Information stolen: Names, email addresses, photos, passwords, secret questions, answers for password retrieval, IP addresses, mailing addresses and download history.
Breach details: Hong Kong-based VTech discovered on Nov. 24 that an unauthorized party accessed its Learning Lodge app. While personal information was stolen, VTech says that no credit card information, Social Security numbers or driver’s license numbers were taken.
3 of 6
Affected: Hilton property customers who used their cards at Hilton point-of-sale terminals.
Information stolen: Cardholder names, payment card numbers, security codes and expiration dates.
Breach details: Hilton last month confirmed a cyber intrusion between Nov. 18 and Dec. 5, 2014, and between April 21 and July 27, 2015, that used unauthorized malware to target some point-of-sale systems at Hilton properties. Customer card information was stolen. While Hilton would not address the number of cards impacted, brands that could have been targeted include:
Hampton Inn and Suites
Waldorf Astoria Hotels & Resorts
The hotel franchises more than 4,500 properties across 97 countries.
Affected: 16,000 patients in Kaufman in East Texas.
Information stolen: Patient records, including names, birthdates, diagnoses and treatments.
Breach details: A staff member at Children’s Medical Clinics of East Texas in Kaufman took home documents and didn’t return them. That individual also provided a disgruntled employee with a screen shot of patient records. Those records included the personal information of about 16,000 patients. This breach differed from a traditional hacking scheme in that it was an inside job. The employee who stole the information was an authorized user. Still, patient information was compromised.
5 of 6
Georgia secretary of state’s office
Affected: 6.2 million voters in Georgia.
Information stolen: Names, addresses, birthdates, Social Security numbers, driver’s license numbers, phone numbers, gender and race.
Breach details: Due to a clerical error, sensitive voter information was sent to 12 organizations that were not authorized to receive the information. Those organizations included:
Georgia Democratic Party
Georgia Republican Party
Georgia Libertarian Party
Independence Party of Georgia
Southern Party of Georgia
Savannah Morning News
Georgia GunOwner Magazine
News Publishing Co.
Georgia Secretary of State Brian Kemp’s office says that all 12 discs were either retrieved or destroyed. But voters in Georgia should still be vigilant about fraud.
6 of 6
Gas station pay terminals
Affected: Individuals using their credit cards at pay-at-the-pump gas station terminals in Idaho.
Information stolen: Credit card information, including card numbers.
Breach details: Authorities in Post Falls, Idaho, received reports from regional banks that credit cards were being compromised at places where EMV (Europay, MasterCard, Visa) card readers had not yet been implemented. EMV cards are those new credit and debit cards with an embedded computer chip for added security. Fraudsters in Idaho have been placing skimmers over terminals that lack EMV technology.
Authorities in that area found skimming devices on 2 self-serve gas pumps. This particular instance was limited to the Post Falls area, but it has the potential to become more prevalent nationwide from now until 2017. While many retailers have already installed terminals that read EMV cards, gas stations won’t complete the switch until 2017.