Some ecommerce sites may be unwittingly placing customer data at risk of exposure through forms that unintentionally collect PII without user consent. Here’s what retail security teams need to know about “leaky forms” and how to implement security policies that can protect customer data from this hazard.
German banks Deutsche Bank AG, ING, Postbank, and Commerzbank’s subsidiary Comdirect, have leaked customer data via third-party service provider MOVEit data breach.
Italian supercar maker Ferrari disclosed a data breach impacting an unknown amount of customer data after a hacker demanded ransom, a request that the company turned down.
A cyber attack has compromised UK fashion retailer JD Sports with 10 million records of customer data stolen from online purchases made between November 2018 and October 2020.
Password manager LastPass notified its customers of a second security breach in 2022, with the threat actor accessing customer data stored on a shared cloud service.
Thomson Reuters database leak exposed 3TB of platform information and customer data after the media company left three databases unsecured and publicly accessible for days.
Security firm disclosed a Microsoft data breach that exposed customer data affecting over 65,000 organizations in 111 countries. Microsoft expressed disappointment at the security firm for exaggerated numbers and releasing a search tool.
A data breach of the third largest storage space provider and popular moving company, U-Haul, exposed sensitive customer data in the contractual information of 2.2 million users over five months.
India’s new CERT-In order applies to VPN providers, virtual private server (VPS) providers, data centers and cloud service providers. These services are required to hold and turn over a variety of customer data.
The company arranged a payment of $200,000 through a third party, but customer data from the T-Mobile hack was subsequently seen for sale on dark net forums.