The security community has seen a series of data breach incidents in the last 15 days that impacted hundreds of millions of users. We've reviewed them here to remind users what they should do if they think they have been compromised.
On Oct. 2, J.P. Morgan Chase confirmed in a Form 8-K securities filing that up to 76 million households and 7 million small businesses were affected by a cybersecurity attack. Users’ contact details – names, addresses, phone numbers and email addresses – were compromised and they believe that account numbers, passwords, user IDs, dates of birth or SSNs are not at risk. In this attack, hackers accessed more than 90 of JP Morgan’s servers for short periods of time from mid-June to mid-August. Although J.P. Morgan Chase stated that they haven’t seen any unusual fraud activities caused by this incident, if you are one of their customers, you should be vigilant in reviewing transactions and details for all your bank accounts or credit cards issued by them.
On Oct. 6, AT&T sent a letter to the Vermont AG warning customers that in August 2014 an employee had gained unauthorized access to personal information, including social security numbers and driver’s license numbers. This is the second time in 2014 that an insider has leaked confidential AT&T customer information. Around 1,600 customers were affected in this security breach. AT&T is offering an apology and a year of credit monitoring services for free to customers who were affected.
Again on Oct. 6, a security company, Future South Technologies, revealed that several Yahoo servers had been compromised by hackers using Shellshock exploits—the most recent severe vulnerability in Bash. After an immediate investigation, Yahoo CISO Alex Stamos refuted these claims, but stated that three Yahoo Sports API servers were indeed infected with malware by hackers; but the exploits were not related to Shellshock. Those servers, which provide live game streaming data, did not store user data and were isolated upon discovery of malware.
On Oct. 9, Dairy Queen confirmed that almost 400 Dairy Queen stores and one Orange Julius location had their in-store payment systems infected with Backoff malware, providing hackers with access to customers’ names, payment card numbers and expiration dates. The news about this breach was first revealed in August, but Diary Queen denied it initially and then started a formal investigation. Dairy Queen now has the malware contained, and listed all affected stores as well as the dates of the attack on their company’s website. If you have visited Dairy Queen in last few months, it is better to be cautious and ensure you review your credit card transactions and bank statements.
On Oct. 13, hackers posted four files on Pastebin with hundreds of usernames and passwords claiming to be from Dropbox users and that they have up to 7 million accounts in possession. However, Dropbox quickly denied it, stating that these usernames and passwords were stolen from other services/websites, not theirs. If you are a Dropbox user, Barracuda Labs recommends to enable 2-step verification on your account.
Hackers are thirsty for your bank information and other data on the internet, so make sure you are closely monitoring this information in order to keep yourself safe.