Tag Archives: Data Breaches

Convenience store chain Wawa reports data breach

Convenience store chain Wawa has disclosed a data breach that occurred from March 2019 to December 2019.  Malware was detected and then removed from its payment processing servers by their information security team. Payment information, including credit and debit card numbers, expiration dates, and cardholder names were included in this breach. Wawa is offering one year of identity theft protection for affected cardholders.

DoorDash and Dunkin Donuts data security incidents

Meal delivery service DoorDash has reported a data breach of about 4.9 million customer, delivery driver, and merchant user accounts.  Users who registered after April 5, 2018 should not be affected.   DoorDash has also set up a phone help line regarding this data breach that can be reached at 855-646-4683.

Dunkin’ Donuts is also launching an investigation of unknown login attempts to their customer app accounts.

 

 

Equifax data breach settlement

The Federal Trade Commission (FTC) has released more details about the pending settlement regarding the 2017 Equifax data breach. Consumers will be able to file for a claim with an online tool once the settlement is finalized.

More information is available at www.equifaxbreachsettlement.com.

Update: the FTC is now recommending that consumers affected by this data breach choose the credit monitoring option instead of the payment option, which is expected to be smaller due to the large amount of claims filed.

Quest Diagnostics and LabCorp AMCA data security incident

Quest Diagnostics issued a statement that billing collections service American Medical Collection Agency (AMCA) had potential unauthorized activity on AMCA’s web payment page, which could have compromised the data of about 11.9 million Quest patients.  Lab results were not affected by this incident.  Quest Diagnostics is continuing their investigation.

Update: LabCorp also revealed in an SEC filing that AMCA also had 7.7 million of their customer records affected in a similar incident.

Data breach lists and identity theft victim resources

Some of the more comprehensive lists of known data breaches include:

Identity theft victims can receive advice from these websites:

HaveIBeenPwned website checks for emails and passwords included in data breaches

Security researcher Troy Hunt recently published his findings about a huge store of 773 million email accounts with some password information that had previously been stored at a location available to hackers. 

To verify if a specific email address was included in his list of data breaches, enter it at Troy Hunt’s website haveibeenpwned.com.  Passwords can be verified separately at haveibeenpwned.com/Passwords.