Fidelity, Radisson, others experience recent data breaches

Recent data breaches overview: 

• Who: Fidelity, Cisco, Internet Archive and Radisson all recently confirmed, said they are investigating or reportedly experienced a data breach. 
• Why: The confirmed and alleged data breaches have been broadly attributed to bad actors and a ransomware group. 
• Where: The data breach incidents affect consumers nationwide.

Fidelity, Cisco, Internet Archive and Radisson all either recently confirmed, are investigating or were alleged to have suffered a data breach at the hands of bad actors. 

In addition, the Canadian Department of Justice arrested a hacker believed to be behind recent data breaches involving Ticketmaster and AT&T, among dozens of others. 

Fidelity confirms it suffered data breach affecting 77K+ customers

Last month, Fidelity Investments confirmed it suffered a data breach that exposed the personal information of more than 77,000 of its customers. 

The multinational financial services company attributed the data breach to a third party using two recently established customer accounts to gain access to and obtain certain information without authorization. 

The Fidelity data breach began Aug. 17, 2024. Fidelity says it discovered the breach Aug. 19, 2024. 

Fidelity says the information exposed in the data breach belonged to a small subset of customers and that it is not aware of misuse of any of the personal information compromised during the incident. 

Cisco confirms it is investigating potential data breach 

In October, Cisco confirmed it was investigating a potential data breach in the wake of a well-known threat actor selling data allegedly stolen from the company on the hacking forum BreachForums. 

The hacker, who goes by IntelBroker, claimed they and two other bad actors stole a large amount of developer data from Cisco during a data breach that allegedly occurred Oct. 6, 2024, Bleeping Computer reports.

IntelBroker reportedly shared a sample of the stolen data, which included customer information, a database and a variety of customer documentation and screenshots of customer management portfolios. 

The threat actor reportedly did not disclose any details of how they and the other two threat actors obtained the stolen data, according to Bleeping Computer. 

Internet Archive reportedly suffers second October data breach 

Digital library Internet Archive reportedly suffered a second data breach during the month of October, with the latest incident affecting its Zendesk email support platform. 

The threat actor purportedly behind the second data breach reportedly wrote in an email that it was “dispiriting to see” Internet Archive had not done its due diligence by rotating out all of the API keys that were stolen during the initial breach, BleepingComputer reports. 

Ransomware group claims responsibility for alleged Radisson data breach

The Country Inn & Suites Radisson hotel chain reportedly suffered an alleged data breach that may have exposed the personal information of thousands of its customers. 

The Everest ransomware group reportedly took responsibility for the alleged Radisson data breach, posting on its dark leak blog Oct. 19 that it stole “thousands and thousands of client’s personal information,” CyberNews.com reports. 

The alleged data breach may have exposed Radisson customer names, addresses, phone numbers, booking dates, emails, room types, rates, guest tax ID rewards, program info and Choice/Radisson reward account numbers. 

Everest reportedly posted a ransom clock showing how much time Radisson had to follow its instructions “to resolve the issue,” warning it would otherwise publish the allegedly stolen data on its leak site, according to CyberNews.com.

Police arrest hacker believed to be behind Ticketmaster, AT&T data breaches

On Oct. 20, the Canadian Department of Justice arrested a hacker accused of being responsible for dozens of data breaches involving companies who used the data analysis and cloud services provider Snowflake.

The hacker, Alexander Moucka, also known as Connor Moucka, was arrested in Canada on a provisional warrant at the request of the U.S. government. 

Moucka, who goes by the monikers Waifu and Judische, is believed to be among a pair of hackers behind data breaches involving Ticketmaster and AT&T, among dozens of other companies who used Snowflake. 

John Binns, Moucka’s alleged co-conspirator in the data breaches, was reportedly arrested in Turkey earlier this year. 

Have you been affected by any recent data breaches? Let us know in the comments.

Read About More Class Action Lawsuits & Class Action Settlements:

• Puma uses TikTok software to ‘trap and trace’ website visitors, class action claims
• Capital One seeks dismissal of class action claiming it shares data with Meta, Google
• Paramount+ shares viewing data with third parties, class action claims
• Ubisoft class action claims co. sends customer data to Meta