Breach Brief – T-Mobile, Elasticsearch, Church’s Chicken
Cell carrier T-Mobile reported a data breach affecting its pre-paid customers. According to T-Mobile the data breach took place on its network sometime in early November and is affecting less than 1.5 percent of its customers. But that is no small number and equates to roughly a million customers.
Although passwords and Social Security numbers were not lost other important information was. The breached data includes customer name, billing address, phone number, account number, and details of your T-Mobile rate plan. The information is easily enough to get access to your account by impersonating you. Cyber criminals could use the information to perform a SIM swapping attack.
T-Mobile is notifying the customers affected. If you receive a notification the company recommends either confirming or updating your account’s PIN by dialing 611 from your T-Mobile device. You can also reach customer service by dialing 1-800-TMOBILE from any phone.
Another helluva of data leak has occurred and the numbers will stagger you. Try one billion records belonging to at least two different companies.
The two companies, People Data Labs and OxyData, are known as data enrichment or aggregation providers. They sell access to massive stores of data merged from multiple third-party sources. The data is used by companies to expand their knowledge and insight into potential and current customers. The companies also provide data on millions of businesses.
The exposed data was found by Bob Diachenko and Vinny Troia in mid-October. The two men found a completely unsecured Elasticsearch server holding over four billion user accounts among 4TB of data.
Troia, chief of threat intelligence at DataViper.io said, “A total count of unique people across all data sets reached more than 1.2 billion people, making this one of the largest data leaks from a single source organization in history. The leaked data contained names, email addresses, phone numbers, LinkedIn and Facebook profile information.”
In total around 622 million unique email addresses associated with People Data Labs and OxyData were found exposed. OxyData’s information appeared to have been a complete harvest from LinkedIn accounts.
Church’s Chicken has reported a breach of its payment systems. Cajun Operating Company, commonly known as Church’s Chicken or Church’s, operates a string of restaurants in the United States and throughout the world.
The fast food chain is investigating after suspicious behavior on its systems was detected at the end of October. According to the company any previous unauthorized third-party access that may have occurred has been halted. In a statement released on its website, the company said that the possible breach would only impact some of the company-owned restaurants in the United States.
The data breach seems to confined to the southern United States and a list of 130 restaurants in Alabama, Arkansas, Florida, Georgia, Illinois, Louisiana, Mississippi, Missouri, South Carolina, Tennessee, and Texas that may have been impacted has been published by the company on its website.
In a statement a company spokesperson said, “Our company immediately retained a leading cybersecurity forensics firm to help us contain and remediate the activity, and launch an investigation to determine the extent to which information in Church’s systems may have been impacted. In addition, we are continuing to cooperate with federal law enforcement and have notified payment card networks and credit monitoring agencies.”
The investigation into a possible breach is continuing. The company is trying to determine which restaurants may have been involved and when the incidents may have occurred. The company has not specified how many customers have been affected or what information was lost.