3 Data Breaches Disclosed This Week: J.Crew, T-Mobile, and Carnival3 Data Breaches Disclosed This Week: J.Crew, T-Mobile, and Carnival
The separate incidents show how data theft knows no market-based limits.
March 6, 2020
A series of enterprise data breaches disclosed this week underscores how criminals target various industries to steal and monetize data. The breaches at J.Crew, T-Mobile, and two units of cruise-line operator Carnival Corp., show that millions of customers can feel the effect of even the simplest exploit.
In its disclosure letter to customers, J.Crew said that customers' email addresses and passwords were obtained by an unauthorized third party and that significant additional personal information could have been accessed in the April 2019 incident. No information was provided on the number of customers affected, but the notification noted that the breached accounts had been de-activated pending a customer telephone call and password re-set.
T-Mobile disclosed a breach affecting an unknown number of customers, though gaining that information is complicated because of the path taken to the customer information: Employee data was breached, some of which contained customer information. In a notification document, the wireless carrier said, "Information accessed illegally may have included names and addresses, phone numbers, account numbers, rate plans and features, and billing information."
Finally, Holland America Line and Princess Cruises, two units of Carnival Corp, disclosed a breach from May 2019 in which personal information including mail accounts, names, Social Security numbers, and credit card information of some employees and customers were illegally accessed. While no numbers were given regarding victims, a notice with the California Attorney General's office indicates that more than 500 individuals were affected. Carnival said that when the breach was discovered, it acted quickly to shut down the unauthorized access.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "The Perfect Travel Security Policy for a Globe-Trotting Laptop."
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums
Protecting Critical Infrastructure: The 2021 Energy, Utilities, and Industrials Cyber Threat Landscape Report
4 Ways XDR Levels Up Security Programs