February 2017: Breaches increase, scattered across many industries

Lookout tracks breaches related to companies and services that may impact customers with our Breach Report feature. Breach Report looks at the largest companies globally, and reports on those breaches to provide  customers the most relevant information. It also provides remediation actions to help keep them safe. Interested in getting Breach Report? Upgrade to Premium now.

Attackers successfully breached 15 companies from a wide range of industries including retail, transportation, government services, hospitality, technology, gaming, and more. Among them, the biggest names included popular music festival Coachella, restaurant chain Arby’s, and the InterContinental Hotel Group. In the process, attackers were able to compromise nearly 7 million accounts, according to public reports of these incidents.

Though there was a large distribution of impacted industries this month, two familiar trends occurred. First, we saw yet another successful attack against a healthcare institution. Second, attackers put point-of-sale systems in their crosshairs again, this time impacting Arby’s. We saw a large number of attacks against healthcare institutions and point-of-sale systems in 2016, a trend that has seemingly stuck.

The types of data stolen

In February, customer names, as well as email addresses both topped the list as the most-often stolen pieces of data, each impacting roughly 46 percent of the companies.

Attackers also stole passwords in 26 percent of the breaches, as well as financial information in 26 percent of the breaches.

In the case of CloudPets, a company that creates stuffed animals that can send and receive voice messages, criminals stole nearly 2.2 million voice recordings from kids and parents, in addition to over 820,000 email addresses.

Staying safe

Watch out for phishing attacks. In many cases, criminals will use contact information as a way to gain more sensitive information. If your email or phone number is stolen, watch for suspicious emails and text messages that seem to be asking for more information that you’re comfortable giving. You can always contact the company in question directly if you’re ever worried.

Companies will also periodically put out new information about a breach via blog post or email, or even offer a telephone number (or other form of contact) to impacted customers. Take advantage of the opportunity to gather as much information about the situation as possible.

When financial information is in question, it’s important that data breach victims monitor their bank accounts and credit cards for fraudulent activity. Contact your bank or credit provider if you see anything that looks odd.

Stay up to date on the latest data breaches with Breach Report. Upgrade to Premium today to receive timely notifications about breaches that impact industries, companies, or even services you use.


Don’t already have Lookout? Download it today.