Convenience store chain Wawa reports data breach

Convenience store chain Wawa has disclosed a data breach that occurred from March 2019 to December 2019.  Malware was detected and then removed from its payment processing servers by their information security team. Payment information, including credit and debit card numbers, expiration dates, and cardholder names were included in this breach. Wawa is offering one year of identity theft protection for affected cardholders.

Ring states that its services have not been compromised by hackers

Video camera maker Ring released a statement specifying that its customer accounts have not been compromised by hackers.   A small number of Ring customers had Ring home video cameras accessed by third parties using login credentials that were previously made available in data breaches from other companies and websites.  Ring recommended setting up two-factor authentication, not reusing passwords for multiple websites, and other security measures to its customers.

Microarchitectural Data Sampling (MDS) security vulnerability in CPUs

Intel released information regarding a new set of CPU vulnerabilities called Microarchitectural Data Sampling (MDS).  A list of affected Intel products may be found here.

Updates are available from major technology companies for this issue, including:

AMD states that their CPUS are not affected by this vulnerability.

Data breach lists and identity theft victim resources

Some of the more comprehensive lists of known data breaches include:

Identity theft victims can receive advice from these websites:

HaveIBeenPwned website checks for emails and passwords included in data breaches

Security researcher Troy Hunt recently published his findings about a huge store of 773 million email accounts with some password information that had previously been stored at a location available to hackers. 

To verify if a specific email address was included in his list of data breaches, enter it at Troy Hunt’s website haveibeenpwned.com.  Passwords can be verified separately at haveibeenpwned.com/Passwords.