week19-2023

Here’s your weekly #databreach news roundup:

Discord, T-Mobile, Toyota, The National Smallbore Rifle Association, NextGen Healthcare, Jewel-Osco, Brightline, Sysco, and Brightly.

T-Mobile

w1-2021-newsletter-tmobile

T-Mobile on Monday said it experienced a hack that exposed account PINs and other customer data in the company’s second network intrusion this year and the ninth since 2018.

The intrusion, which started on February 24 and lasted until March 30, affected 836 customers, according to a notification on the website of Maine Attorney General Aaron Frey.

“The information obtained for each customer varied but may have included full name, contact information, account number and associated phone numbers, T-Mobile account PIN, social security number, government ID, date of birth, balance due, internal codes that T-Mobile uses to service customer accounts (for example, rate plan and feature codes), and the number of lines,” the company wrote in a letter sent to affected customers. Account PINs, which customers use to swap out SIM cards and authorize other important changes to their accounts, were reset once T-Mobile discovered the breach on March 27.

The National Smallbore Rifle Association

The National Smallbore Rifle Association (NSRA) has warned members of possible follow-on fraud and cybercrime after its IT systems were breached.

The association is currently working with the UK’s South East Regional Organised Cybercrime Unit (SEROCU) after the attack, which it revealed last Friday.

“All our IT systems are fully operational, no funds have been lost and we will communicate fully to our members on the conclusion of the police investigation. We can confirm that this attack has not affected the membership portal, which remains secure,” the NSRA explained in a statement.

“This attack has targeted legacy servers that contain working documents, not a full database. At this time, we cannot say exactly who this affects as we have no access to the servers.”

NextGen Healthcare

NextGen Healthcare

NextGen Healthcare, Inc. (“NextGen”) filed a notice of data breach with the Attorney General of Montana after learning that a recent data security incident impacting the company’s computer network resulted in confidential consumer information being made accessible to an unauthorized party. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, dates of birth, Social Security numbers and addresses. After confirming that consumer data was leaked, NextGen began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

Jewel-Osco

Thousands of Jewel-Osco employees might have had their personal information exposed in a data breach.CBS 2 has obtained a letter sent to employees by Jewel-Osco parent company Albertsons last week.
The letter said hackers were able to infiltrate Albertsons internal computer systems last December and steal employee data – including names, dates of birth, and Social Security numbers.

Brightline

Brightline

Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware gang stole data using a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform.

Brightline is a mental and behavioral health provider offering virtual counseling for children, teenagers, and their families.

In a new ‘data security notice’ displayed on the company’s website, Brightline confirmed that data was stolen from its GoAnywhere MFT service that contained protected health information.

Sysco

Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who stole sensitive information, including business, customer, and employee data.

In an internal memo sent to employees on May 3rd and seen by BleepingComputer, the company revealed that customer and supplier data in the U.S. and Canada, as well as personal information belonging to U.S. employees, may have been impacted in the incident.

“On March 5, 2023, Sysco became aware of a cybersecurity event perpetrated by a threat actor believed to have begun on January 14, 2023, in which the threat actor gained access to our systems without authorization and claimed to have acquired certain data,” Sysco added in data breach notification letters sent to some of the affected individuals.

Brightly

U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform.

SchoolDude is a cloud-based platform for managing work orders used by over 7,000 colleges, universities, and K-12 schools from school districts of up to 600,000 students.The companies’ other SaaS solutions are being used by more than 12,000 organizations worldwide, most from the United States, Canada, the United Kingdom, and Australia.

Discord

Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.

The security breach exposed the agent’s support ticket queue, which contained user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets.

Discord says it immediately addressed the breached support account by disabling it once the incident was discovered.

“Due to the nature of the incident, it is possible that your email address, the contents of customer service messages and any attachments sent between you and Discord may have been exposed to a third party,” Discord said in letters sent to affected users.

Toyota

Toyota

Toyota Motor Corp (7203.T) said on Friday the vehicle data of 2.15 million users in Japan, or almost the entire customer base who signed up for its main cloud service platforms since 2012, had been publicly available for a decade due to human error.

The incident, which also affected customers of its luxury brand Lexus, comes as the world’s biggest automaker by sales makes a push into vehicle connectivity and cloud-based data management which are seen as crucial to offering autonomous driving and other artificial intelligence-backed features.