The breach, uncovered on April 28 by Cybernews researchers, impacted 37,349 files containing sensitive data such as names, email addresses, home addresses, and order information.
Attackers who infiltrated Arden Claims Service's systems around Oct. 3, 2023, were able to exfiltrate individuals' names and other personally identifiable information, according to the notification letter provided to Vermont and Maine regulators.
Aside from preventing disruptions of IT admin activities and other kernel dependency-related issues due to its operating system layer operations, Fortanix File System Encryption also eases agent deployment scaling and enables total access policy control.
Information leaked by the misconfigured database included individuals' full names, emails, phone numbers, encrypted passwords, and verification tokens, as well as join dates and private chats.
Threat actors were able to secure payment card details, including individuals' names, payment card numbers, CVVs, and expiration dates, between Dec. 20, 2023 and Jun. 26, 2024, after redirecting online ticket transactions from a third-party vendor, said Oregon Zoo officials in a filing with Maine regulators.
Information compromised due to the misconfiguration included individuals' names, birth years, shipping addresses, billing addresses, IP addresses, social media accounts, and phone numbers, as well as their credit cards' last four digits, aircraft and industry details, titles, pilot status, and account activity, said FlightAware in its website.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
