w45-2022

Here’s your weekly #databreach news roundup:​​​​​

TransUnion LLC, Department for Education(DfE), Morrison Products, Flora & Fauna, Continental, and Victorian Populace.

TransUnion LLC

TransUnion

TransUnion LLC reported a data breach with the Massachusetts Attorney General after information in the company’s possession was subject to unauthorized access. According to TransUnion, the breach resulted in the names, Social Security numbers, financial account numbers and driver’s license numbers being compromised. Recently, TransUnion sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

Department for Education (DfE)

The Department for Education (DfE) has been given a reprimand but escaped a £10m regulatory fine for a data breach that saw a database of personal information held on 28 million people misused by a third-party organisation over a “prolonged” period between September 2018 and January 2020.

The Learning Records Service (LRS) database contains the full name, date of birth, gender, and learning and training achievements of 28 million people from the age of 14 upwards, as well as email addresses and nationality in some cases.

It is kept for 66 years – meaning that at the time of the breach it could have contained data on pupils who were at school in the early 1950s – and is used by more than 12,600 organisations, mostly educational providers, to verify various functions such as the academic qualifications of prospective students, or funding eligibility.

Morrison Products

Morrison Products

Morrison Products, Inc. reported a data breach with the Attorneys General of Montana and Texas after the company learned that an unauthorized party was able to access sensitive information belonging to certain employees. According to Morrison Products, the breach resulted in employees’ names, addresses, and Social Security numbers being compromised. Recently, Morrison Products sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

Flora & Fauna

Flora & Fauna

The company reports that a malicious code was transmitting customer credit card details to a third party between 13 August 2022 and 29 September 2022. Approximately 2,500 customers may have been affected by this data breach. Credit card numbers and expiry dates may have been compromised. CVV codes, customer names, and passwords were not compromised in this breach.

Continental

Continental

German tyre and automotive parts maker Continental said on Monday that a cyberattack it reported in August had resulted in some data being stolen from the company.

The investigation into the incident is still ongoing, said a spokesperson for the company in a statement.

German daily Handelsblatt earlier on Monday reported that 40 terabyte of data had been stolen during the attack, and that the cyberattackers had demanded ransom.

Victorian Populace

Data of Australian Victorian Populace appears to be exposed, as a technology company managing and serving was infiltrated by hackers on Wednesday last week. PNORS Technology Group, is the company that witnessed a compromise of its computer network recently, apparently spilling sensitive details to hackers.