Breach Brief – Carnival Cruise, T-mobile, Unknown Real Estate Database.

Published On March 13, 2020 | By Tom Huskerson | Breach Briefs

Did you go on a Carnival Cruise last summer? The world’s largest cruise ship line has reported a data breach of customer data.

The breach was discovered online through a notification letter from the cruise line to its customers. According to Carnival Corporation some unauthorized activity was detected on its network in May 2019. The attack is believed to have continued from April through July of 2019. An investigation confirmed a breach had occurred. The attack happened when the attackers gained access to employee email accounts.

Carnival revealed that the attackers stole the personal information of its customers that includes such highly sensitive information as names, Social Security numbers, addresses, govt. ID numbers, security numbers, and passport or drivers’ license numbers. Some financial information such as credit card numbers, financial account data, and some health-related information was also pilfered.

Carnival has not reported any fraudulent use of the information but they still advise customers to remain vigilant. For any details, customers can contact the cruise line via their toll-free number +1 (833) 719-0091.

T-Mobile

T-Mobile announced a security breach which has potentially impacted the account information of both employees and customers.

According to T-Mobile’s official website, the company’s cyber security team identified and stopped a cyber attack against T-Mobile’s email vendor. The attack gave unauthorized access to certain employee email accounts. Some of those accounts contained customer and employee information. T-Mobile did not name the email vendor.

T-Mobile says the information accessed include customer names, addresses, phone numbers, account numbers, rate plans and features, as well as billing information. The company took pains to assure customers that financial information (such as credit card information) and Social Security numbers were not affected.

This is T-Mobile’s second security breach in the last six months – the telecom firm reported a similar incident last November.

Real Estate Database Exposed

Basic sloppiness has exposed more 200 million records containing a wide range of property-related information on U.S. residents. The database were left unprotected on the web. No password, no authentication and no owner.

The exposed data was a mix of personal and demographic details that included names, addresses, email addresses, age, gender, ethnicity, employment, credit rating, investment preferences, income, net worth. Other property information included:

  • Market value
  • Property type
  • Mortgage amount, rate, type, and lender
  • Refinance amount, rate, type, and lender
  • Previous owners
  • Year built
  • Number of beds and bathrooms
  • Tax assessment information

According to security firm Comparitech, the database was hosted on Google Cloud. It was first indexed by search engine BinaryEdge on the 26th of January and discovered a day later by legendary cybersecurity researcher Bob Diachenko. According to Comparitech the information was being updated regularly so they believed the information was recent and accurate.

The identity of the database owner is unknown. The server was eventually taken offline.




Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle.com. Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.