Included in the leaked database were BreachForums 1.0 members' user IDs, login names, email addresses, registration IP addresses, and last used IP addresses.
Threat actors behind the attack discovered on April 13 were able to exfiltrate 6.5 TB of data, including names, birthdates, contact details, addresses, individual healthcare identifiers, Medicare numbers, and prescription information from customers who used the service between March 2019 and November 2023.
Such a significant increase in victimization comes amid a 14% increase in the number of data breaches, as well as a 23% growth in driver's license data exfiltration between the first half of 2023 and the first half of 2024, according to a report from the Identity Theft Resource Center.
The U.S. Postal Service has confirmed halting the sharing of its online customers' postal addresses with Meta, Snap, and LinkedIn following a TechCrunch report detailing its disclosure of customer details via tracking pixels across its website.
Druva's introduction of such functionality has been accompanied by the expansion of its free Managed Data Detection and Response service to customers around the world.
Further investigation of the leaked 38 TB dataset revealed links to another storage repository with 89,475 records belonging to backend technology provider Legal Connect, which shares the same parent firm as Rapid Legal.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
