3 Data Breaches Disclosed This Week: J.Crew, T-Mobile, and Carnival
The separate incidents show how data theft knows no market-based limits.
A series of enterprise data breaches disclosed this week underscores how criminals target various industries to steal and monetize data. The breaches at J.Crew, T-Mobile, and two units of cruise-line operator Carnival Corp., show that millions of customers can feel the effect of even the simplest exploit.
In its disclosure letter to customers, J.Crew said that customers' email addresses and passwords were obtained by an unauthorized third party and that significant additional personal information could have been accessed in the April 2019 incident. No information was provided on the number of customers affected, but the notification noted that the breached accounts had been de-activated pending a customer telephone call and password re-set.
T-Mobile disclosed a breach affecting an unknown number of customers, though gaining that information is complicated because of the path taken to the customer information: Employee data was breached, some of which contained customer information. In a notification document, the wireless carrier said, "Information accessed illegally may have included names and addresses, phone numbers, account numbers, rate plans and features, and billing information."
Finally, Holland America Line and Princess Cruises, two units of Carnival Corp, disclosed a breach from May 2019 in which personal information including mail accounts, names, Social Security numbers, and credit card information of some employees and customers were illegally accessed. While no numbers were given regarding victims, a notice with the California Attorney General's office indicates that more than 500 individuals were affected. Carnival said that when the breach was discovered, it acted quickly to shut down the unauthorized access.
For more, read here, here, and here.
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "The Perfect Travel Security Policy for a Globe-Trotting Laptop."
About the Author
You May Also Like
DevSecOps/AWS
Oct 17, 2024Social Engineering: New Tricks, New Threats, New Defenses
Oct 23, 202410 Emerging Vulnerabilities Every Enterprise Should Know
Oct 30, 2024Simplify Data Security with Automation
Oct 31, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024