In this blog, we list a short recap of November’s most notable reports about various companies being hacked, data breaches and security vulnerabilities exposed. Read on for the Hacks of the month — November 2019 Edition.
Facebook reveals a security accident that 100 app developers may have accessed its users’ data in certain Facebook groups. App developers gained access through “Group API” an interface between Facebook and third-party apps. This group API gave the app developers extended access to group information longer than intended. The company has not disclosed the number of users affected. Information that was possibly accessed includes:
- Profile pictures
The California Department of Motor Vehicles announced it suffered a data breach affecting 3200 people in the state. The data breach comprised of seven federal agencies that had improperly accessed about 3,200 accounts with social security information. The DMV has notified all affected parties. They also stated that no information was accessed or shared with private individuals during the breach.
Within hours of the launch of the anticipated streaming platform Disney+, many users out of the thousands of users who signed up reported that their accounts have been hacked and locked out. The compromised data exposed account information such as email addresses and passwords. However, the company later released a statement that its systems were not hacked.
The company disclosed the data breach on its website saying they discovered “malicious, unauthorized access” to information associated with its prepaid customers. The prepaid accounts data that may have been breached included:
- Phone numbers
- Billing addresses
- Account numbers
- Rate plans and features
Customers of OnePlus smartphones suffered a data breach. The company informed authorities and sent all impacted customers’ emails. The affected users’ data exposed includes:
- Payment information
The company notified its customers a major data breach through email on November 21, 2019. The email statement mentions no passwords or payment data was compromised and none of Magento’s products or services were affected. The data exposed includes:
- Email addresses
- Billing & Shipping addresses
- Phone numbers
As we now are at the end of the year and holiday season, we strongly encourage everyone to practice good online security and safety. This is especially important for those making online gift purchases, whether you are using your smartphone or desktop. Check out our post that covers basic cybersecurity tips.