June Security Breaches — 5 Companies That Had Data Breaches This Month

Jun 26, 2019 | Identity Theft, News

Take a deep breath in, and breathe out. We’re about to give you the 4-1-1 on the biggest data breaches that happened this month. If you’ve been following this series (which just started last month, by the way), then you know how important it is to monitor your data. Identity theft has been labeled the fastest growing crime by the FBI and the way technology keeps advancing, that’s not going to change any time soon.

Enrolling in an identity theft protection won’t only help you recover and recoup your information if it’s leaked, but it can help stop the hackers from getting your information in the first place. There are companies that will monitor everything from your Social Security number to your social media profiles. The following text was taken from emails that ID Watchdog sends out to spread the word about how common data breaches are:

1. Evite

Date of Incident: Beginning February 22, 2019

Date Made Public: June 10, 2019

Records Affected: 10 million

Data Compromised: Evite, a social planning and e-invitations service, has confirmed a security breach that reportedly resulted in a hacker posting 10 million Evite user records for sale on the dark web. Potentially exposed information may include names, usernames, email addresses, passwords, and, if the user provided the information to Evite, dates of birth, phone numbers, and mailing addresses. No financial data or Social Security numbers were exposed. According to the company, the compromised records were an older backup and contained user information from before 2013. Evite said it would be prompting users to reset their passwords during their next login, and it is also encouraging users to change their passwords for any other account on which they used the same or similar information as Evite. More information about the incident is available on Evite’s website.

2. The Union Labor Life Insurance Company

Date of Incident: April 1, 2019

Date Made Public: June 14, 2019 (Data breach report submitted to US Department of Health on May 31, 2019)

Records Affected: 87,400

Data Compromised: The Union Labor Life Insurance Company (ULLI), a subsidiary of Ullico Inc., has reported that the protected health information of an estimated 87,400 plan members may have been exposed as a result of an employee responding to a phishing email. Potentially compromised information may have included names, addresses, dates of birth, Social Security numbers, and some personal health information of plan members and their family. ULLI says it is notifying its plan members and will offer all affected individuals 24 months of complimentary credit monitoring and identity theft protection services.

3. Emuparadise

Date of Incident: April 1, 2018

Date Made Public: June 9, 2019

Records Affected: 1.1 million

Data Compromised: Retro gaming website Emuparadise has reportedly experienced a data breach that may have led to the exposure of an estimated 1.1 million user accounts. Exposed information may include email addresses, IP addresses, usernames, and passwords stored as salted MD5 hashes, which is an older algorithm that is no longer considered safe for protecting passwords. Although the company has not yet confirmed the incident, security experts are recommending that Emuparadise users consider changing login credentials that they use on the service and also consider using a unique set of credentials for every online account.

4. Canva

Date of Incident: May 24, 2019

Date Made Public: May 24, 2019

Records Affected: 139 million users

Data Compromised: Canva, a graphic design website, was hacked in an incident that reportedly compromised the data of approximately 139 million users. Exposed data may have included usernames, actual names, email addresses, city and country information, and Google tokens that are used to sign up for the site without setting a password. For 61 million Canva users, encrypted passwords may have also been compromised. The passwords were hashed with the bcrypt algorithm, which experts consider to be a secure password-hashing algorithm. The company says that credit card payment information was not stored on Canva. The company is encouraging users to change their passwords. Users can learn more information about the incident on Canva’s website.

5. EatStreet

Date of Incident: May 3, 2019

Date Made Public: June 18, 2019

Records Affected: Unknown

Data Compromised: Online food ordering and delivery service, EatStreet, has reportedly suffered a data breach that exposed a variety of personal data, including payment card information. The company stated that an unauthorized third party gained entry to the firm’s network and may have accessed payment card information for a limited number of customers. The information may have included name, credit card numbers, expiration date, card verification code, billing address, email address, and phone number. The company operates in 38 states and the District of Columbia, but it did not indicate how many customers were impacted by the breach. EatStreet is improving the security of its systems and sending notification letters to affected customers and partners.

Editor’s Picks

Recommended Reading

Get monthly updates on industry trends.

Don’t worry, no spam here! We share with you only industry best practices and trends to keep you in the know. No longer interested in our content? No problem — we don’t hide our “unsubscribe” option.

You have successfully subscribed!