CP
cyberpings
BreachesHIGH

Aura Data Breach - Customer Records Exposed in Attack

SCSC Media
AuraShinyHuntersdata breachvoice phishingcustomer data
🎯

Basically, Aura's customer data was stolen through a phone scam.

Quick Summary

Aura has confirmed a data breach affecting 900,000 customer records due to a voice phishing attack. Names, emails, and addresses were compromised, raising significant privacy concerns. The company is notifying affected individuals and working with law enforcement to investigate the incident.

What Happened

Aura, a leading identity protection company, recently reported a significant data breach affecting nearly 900,000 customer records. This incident was triggered by a voice phishing attack that compromised an employee's credentials. The attackers, known as the ShinyHunters, claimed responsibility for stealing 12GB of files from Aura's marketing tool, which was acquired in 2021.

The breach exposed various types of customer information, primarily names, email addresses, home addresses, and phone numbers. While the scale of the breach is concerning, Aura has assured its customers that sensitive data such as Social Security Numbers, account passwords, and financial information were not accessed during the incident.

Who's Affected

The breach impacts approximately 20,000 current customers and 15,000 former customers. This means that a significant number of individuals may be at risk of identity theft or phishing attempts, as their personal information is now in the hands of cybercriminals. Notably, the Have I Been Pwned service reported that 90% of the exposed email addresses were already present in its database from previous incidents, indicating a recurring vulnerability among users.

Aura is taking the situation seriously and is currently conducting an internal review with cybersecurity experts to assess the full extent of the breach and its implications.

What Data Was Exposed

The exposed data primarily includes:

  • Names
  • Email addresses
  • Home addresses
  • Phone numbers

Although the breach did not compromise sensitive information like Social Security Numbers, the availability of such personal data can still lead to various forms of identity theft and fraud. Customers should remain vigilant and monitor their accounts for any suspicious activity.

What You Should Do

If you are among those affected by this breach, here are some immediate actions you should consider:

  • Change your passwords: Even though passwords were not compromised, it's a good practice to update them regularly.
  • Monitor your accounts: Keep an eye on your financial accounts for any unusual transactions.
  • Stay informed: Watch for any communications from Aura regarding the breach and follow their recommendations.
  • Consider identity theft protection: Given the nature of the data exposed, you may want to explore identity theft protection services to safeguard your information.

Aura has committed to notifying affected individuals and is cooperating with law enforcement to address the breach. Staying proactive can help mitigate potential risks stemming from this incident.

🔒 Pro insight: The ShinyHunters' involvement highlights a sophisticated approach to voice phishing, emphasizing the need for robust employee training against social engineering tactics.

Original article from

SC Media

Read Full Article

Share

Related Pings

HIGHBreaches

Data Breach - Navia Affects 2.7 Million Individuals

Navia disclosed a data breach affecting 2.7 million individuals, exposing sensitive information. The company is offering credit monitoring to those impacted, highlighting the risks of identity theft.

BleepingComputer·
HIGHBreaches

Marquis Data Breach - Affects 672,000 Individuals Revealed

Marquis has revealed a data breach affecting 672,000 individuals. Sensitive personal and financial information has been compromised, raising significant security concerns. Affected individuals should monitor their accounts closely.

SecurityWeek·
HIGHBreaches

Data Breach - Aura Exposes 900,000 Records After Phishing

Aura has disclosed a data breach affecting 900,000 records due to a phishing attack. The exposed data includes names and email addresses of customers. While immediate actions were taken, affected individuals should remain vigilant against potential identity theft.

SecurityWeek·
HIGHBreaches

Aura Data Breach - 900,000 Records Exposed in Attack

Aura has confirmed a data breach exposing 900,000 records due to a phishing attack. Affected individuals include active and former customers. The notorious hacking group ShinyHunters is believed to be behind the breach, raising concerns about data security.

Help Net Security·
HIGHBreaches

Data Breach - Major Verizon Retailer's Records Stolen

A major data breach has hit Russell Cellular, a Verizon retailer, with over 6.3 million customer records stolen. This breach poses significant risks to customers and employees alike. Immediate action is required to protect sensitive information.

SC Media·
HIGHBreaches

Data Breach - Aura Exposes 900,000 Marketing Contacts

Aura confirmed a data breach exposing 900,000 customer records. Names and emails were compromised, raising identity theft concerns. Aura is notifying affected individuals and working with experts.

BleepingComputer·