Two companies owned by PeopleConnect, Instant Checkmate and TruthFinder, have revealed that they have suffered data breaches affecting a total of more than 20 million users. On February 3, the companies informed users that the incident was discovered after cybercriminals started sharing databases stolen from the two companies on underground forums. The databases contained names, email addresses, phone numbers, encrypted passwords, and password reset tokens. It is believed that the list was created several years ago and includes all customer accounts created between 2011 and 2019. The companies have confirmed that the list originated from within their company. The leaked information does not include details on user activity or payment data, and no readable or usable passwords or other means to compromise user accounts were leaked. Investigations have been launched into both incidents, but no evidence of malicious activity has been found as of now. The data breach is believed to have been caused by the inadvertent leak or theft of the impacted database. The leaked databases include the information of more than 11.9 million Instant Checkmate accounts, and the details of over 8.1 million TruthFinder accounts. The companies have advised users to not respond to suspicious communications, and that they will never ask for passwords, social security numbers or payment information via email or telephone.
This Cyber News was published on www.securityweek.com. Publication date: Mon, 06 Feb 2023 13:44:03 +0000