CP
cyberpings
BreachesHIGH

Data Breach - Aura Exposes 900,000 Marketing Contacts

BCBleepingComputer
AuraShinyHuntersdata breachcustomer dataidentity theft
🎯

Basically, a hacker accessed Aura's customer data through a phone scam.

Quick Summary

Aura confirmed a data breach exposing 900,000 customer records. Names and emails were compromised, raising identity theft concerns. Aura is notifying affected individuals and working with experts.

What Happened

Aura, a company specializing in identity protection, recently confirmed a significant data breach. An unauthorized party accessed nearly 900,000 customer records due to a voice phishing attack targeting one of its employees. This breach has raised alarms about the security of personal data in the digital age.

The attack exposed sensitive information of 20,000 current and 15,000 former customers. The compromised data originated from a marketing tool used by a company that Aura acquired in 2021. During this acquisition, Aura inherited a database that contained limited customer information, which has now become a focal point of concern.

Who's Affected

The breach has impacted a large number of individuals, with nearly 900,000 records being compromised. This includes full names, email addresses, home addresses, and phone numbers. However, Aura has confirmed that more sensitive information, such as Social Security Numbers (SSNs), account passwords, and financial details, were not part of the breach.

Interestingly, the Have I Been Pwned (HIBP) service analyzed the leaked data and found that 90% of the email addresses were already in their database from previous incidents. This suggests that many affected individuals may have already been exposed in other breaches, raising concerns about the cumulative risk of data exposure.

What Data Was Exposed

The data breach involved the exposure of various types of personal information. While the most concerning elements like SSNs and financial data were safeguarded, the leaked records still pose a significant risk. Affected individuals may face potential phishing attempts and other identity theft risks due to the availability of their names and contact information.

Aura has stated that they are conducting an internal review in collaboration with external cybersecurity experts. They are also in contact with law enforcement to ensure that the situation is handled appropriately. Affected individuals will soon receive personalized notifications regarding the breach and the data exposed.

What You Should Do

If you believe you are among those affected by the Aura data breach, it is crucial to take immediate action. Here are some recommended steps:

  • Monitor your accounts for any suspicious activity. Check bank statements and credit reports regularly.
  • Change passwords for any accounts that may be linked to the exposed email addresses.
  • Consider enrolling in identity theft protection services to safeguard against potential misuse of your information.
  • Stay informed about the situation by keeping an eye on official communications from Aura and cybersecurity news outlets.

While Aura has assured that they are taking the necessary steps to address the breach, it's essential for individuals to remain vigilant and proactive in protecting their personal information.

🔒 Pro insight: This incident underscores the vulnerabilities of inherited data from acquisitions, emphasizing the need for thorough security audits post-merger.

Original article from

BleepingComputer · Bill Toulas

Read Full Article

Share

Related Pings

HIGHBreaches

Data Breach - Over 670,000 Affected by Marquis Software Attack

A massive data breach at Marquis Software has impacted over 670,000 individuals. Sensitive information, including Social Security numbers, has been exposed. This incident raises serious privacy concerns for numerous financial institutions involved. Stay alert for updates and protective measures.

The Record·
MEDIUMBreaches

Stryker - Restoring Ordering and Shipping Systems After Attack

Stryker is recovering from a cyberattack that disrupted its ordering and shipping systems. The company believes the threat is contained and is restoring operations. This incident highlights the importance of cybersecurity in healthcare.

Cybersecurity Dive·
HIGHBreaches

Data Breach - Marquis Exposes 672,000 Personal Records

Marquis has revealed a ransomware attack affecting over 672,000 people. Personal and financial data, including Social Security numbers, were stolen. This breach raises serious security concerns for those affected.

TechCrunch Security·
HIGHBreaches

Data Breach - Intuitive Hit by Phishing Attack

Intuitive has suffered a data breach following a phishing attack. Customer and corporate data were accessed, raising concerns about data security. The company assures that surgical systems remain unaffected.

SC Media·
HIGHBreaches

Data Breaches - UK Businesses Face Risks from Identity Security

UK businesses are facing significant risks of data breaches due to poor identity security practices. A recent report reveals that many organizations fail to deactivate ex-employee accounts promptly. This negligence, coupled with a rise in credential compromise incidents, puts sensitive data at risk. Immediate action is necessary to protect against potential breaches.

SC Media·
HIGHBreaches

Companies House - Security Issue Exposes Director Data

A security issue at Companies House exposed sensitive data of company directors. This breach raises serious privacy concerns for those affected. The agency is investigating the incident and taking action.

SC Media·