Major Data Breaches in May

Data breaches occur at an unfortunately frequent rate, with more than an estimated 780,000 records lost on a daily basis. Here, we’ll take a high-level look at three of the major data breaches that happened this month. 

T-Mobile - May 1st

Yet another data breach has hit the mobile provider, with roughly 800 customers’ having PII such as social security numbers and ID cards, among other data, being scraped in this one. Data scraping happens when one program imports or scrapes data from another, this is often done with data taken from the Internet and saved onto a local device.

Discord - May 12th

Discord is a chat platform that is popular with video gamers; the chatting platform informed users that their data might have been exposed through a third-party customer service agent who made it so that a malicious actor was able to gain access to the data. This data includes email addresses as well as records of any customer service requests.

Apria Healthcare - May 23rd

Apria Healthcare informed roughly 1.9 million customers that their personal data might have been exposed by an “unauthorized third party” who accessed systems for the company in 2019 and then again in 2021. It is not clear why the company chose to notify the affected parties so long after the events occurred, but customers and other impacted key members are understandably upset.

‍

If you believe you might have been affected by one of these or any other breaches, you should:

1. Check to see if your login credentials were included in the list of affected data for the company which was impacted by the breach; sites like Have I Been Pwned allow you to enter your data to see if it was hit in the breach.
2. Update your login credentials for all sites. When one account is hit by a breach, you want to just take this as a reminder to update all of your accounts, particularly if you practiced poor password hygiene and used the same or similar passwords for multiple sites. Create strong, unique passwords for all of your accounts following a data breach.
3. Check your credit report. If a malicious actor gained access to your account information and it is in any way tied to your financial data or if the password you used for the affected site is the same or similar to one you use for your bank, this is an essential step. You can put a freeze on your credit report too so that you do not have to worry about any suspect activity.

‍

Image by Freepik.

‍