Thousands of Dollar Tree Staff Hit By Supplier Breach

A major data breach at IT provider Zeroed-In Technologies has impacted two million end users, including thousands of Dollar Tree and Family Dollar employees, the firm has admitted. A breach notification published by the Office of the Maine Attorney General revealed that a total of 1,977,486 users were impacted by the incident on August 7-8 2023. "Through the investigation, we determined that an unauthorized actor gained access to certain systems between August 7, 2023, and August 8, 2023. While the investigation was able to determine that these systems were accessed, it was not able to confirm all of the specific files that were accessed or taken by the unauthorized actor," the noticed explained. "Therefore, Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates." The workforce analytical services provider found that names, dates of birth and Social Security numbers were stolen by the threat actor. It is offering free credit monitoring services for a year to affected individuals. These details could be highly monetizable for fraudsters, particularly Social Security details which are useful for opening new credit lines and bank accounts. It's unclear how many Dollar Tree and Family Dollar employees are impacted in total, although 7034 were listed on the breach notice for the state of Maine. According to lawyers at The Lyon Firm, the Zeroed-In platform is used by more than 70 businesses and has over 30,000 registered users. The firm is currently mulling legal action to recover damages and hold negligent parties to account - a common risk for breached organizations. "We strongly believe that any organization that collects and stores your personal data has a duty to protect it with reasonably secure IT data security," it wrote. "Should data security systems fail and sensitive personal data is breached, legal action may be necessary."

This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 30 Nov 2023 20:25:00 +0000

Cyber News related to Thousands of Dollar Tree Staff Hit By Supplier Breach

Dollar Tree hit by third-party data breach impacting 2 million people - Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service provider Zeroed-In Technologies. Dollar Tree is a discount retail company that operates the Dollar Tree and Family Dollar ...
7 months ago Bleepingcomputer.com

Thousands of Dollar Tree Staff Hit By Supplier Breach - A major data breach at IT provider Zeroed-In Technologies has impacted two million end users, including thousands of Dollar Tree and Family Dollar employees, the firm has admitted. A breach notification published by the Office of the Maine Attorney ...
7 months ago Infosecurity-magazine.com

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
4 months ago Securityzap.com

Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
6 months ago Securityboulevard.com

Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
7 months ago Bleepingcomputer.com

Human cost of PSNI data breach laid bare in official review The Register - An official review of the Police Service of Northern Ireland's August data breach has revealed the full extent of the impact on staff. The review lays bare the broad impact on staff in Northern Ireland, detailing how various officers have been forced ...
6 months ago Packetstormsecurity.com

Cybercrims target hotel staff for management credentials The Register - Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector's busy holiday season. Researchers at Sophos said the latest malware campaign targeting hotels involves sending emails that play on the emotions of staff, while ...
6 months ago Go.theregister.com

US Releases 3000 Immigrants Seeking Asylum After Data Breach Puts Their Lives At Risk - A recent data breach of one of America’s most notorious immigration detention centers is putting the lives of thousands of asylum seekers at risk. In a surprise move, the U.S. government has released 3000 immigrants seeking asylum, in response to ...
1 year ago Bitdefender.com

FCC orders telecom carriers to report PII data breaches within 30 days - Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. FCC's final rule follows several ...
4 months ago Bleepingcomputer.com

Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
6 months ago Securityboulevard.com

EU lawmakers finalize tough cyber security rules The Register - Infosec in brief The European Union's Parliament and Council have reached an agreement on the Cyber Resilience Act, setting the long-awaited security regulation on a path to final approval and adoption, along with new rules exempting open source ...
6 months ago Go.theregister.com

Fewer cybersecurity professionals losing their jobs in breach 'blame' game - Cybersecurity job loss after a major incident is becoming less likely as organizations drop the "Blame" game for more practical approaches to breach prevention, a survey of 500 CISOs shows. More than 95% of CISOs reported their teams received greater ...
7 months ago Scmagazine.com

PennyMac Files Notice of Data Breach That Leaked Thousands of SSNs - On October 19, 2023, PennyMac Loan Services LLC filed a notice of data breach with the Attorney General of Texas after discovering that unauthorized actors were able to access information that had been entrusted to the company. In this notice, ...
7 months ago Jdsupra.com

Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
6 months ago Bleepingcomputer.com

Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
6 months ago Bleepingcomputer.com

CVE-2023-34459 - OpenZeppelin Contracts is a library for smart contract development. Starting in version 4.7.0 and prior to version 4.9.2, when the `verifyMultiProof`, `verifyMultiProofCalldata`, `procesprocessMultiProof`, or `processMultiProofCalldat` functions are ...
1 year ago

CVE-2021-47510 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago

CVE-2024-37354 - In the Linux kernel, the following vulnerability has been resolved: ...
1 week ago

Assessing and mitigating cybersecurity risks lurking in your supply chain - Most involve the supply of software and digital services, or at least are reliant in some way on online interactions. SMBs in particular may not proactively be looking, or have the resources, to manage security in their supply chains. Blindly ...
5 months ago Welivesecurity.com

23andMe updates user agreement to prevent data breach lawsuits - In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million Ashkenazi Jews and 4.1 million people living in the United Kingdom. 23andMe told BleepingComputer that the data was obtained ...
6 months ago Bleepingcomputer.com

Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com

AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
7 months ago Jdsupra.com

Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
7 months ago Jdsupra.com

Latest Cyber News

CVE-2023-24531 - 3 minutes ago
CVE-2022-30636 - 3 minutes ago
Three Ways to Chill Attacks on Snowflake - 33 minutes ago
CVE-2024-4708 - 1 hour ago
CVE-2024-6387 - 1 hour ago
CVE-2024-2199 - 1 hour ago
CVE-2024-3657 - 1 hour ago
CVE-2023-7250 - 1 hour ago
CVE-2024-6453 - 2 hours ago
CVE-2024-24791 - 2 hours ago
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication - 2 hours ago
5 ChromeOS settings you should change for a more secure Chromebook - 3 hours ago
TechCrunch is part of the Yahoo family of brands - 3 hours ago
CVE-2024-39326 - 3 hours ago
CVE-2024-39325 - 3 hours ago
CVE-2024-39324 - 3 hours ago
CVE-2024-39322 - 3 hours ago
CVE-2022-29622 - 3 hours ago
CVE-2021-42860 - 3 hours ago
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach - 4 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-6453 - 2 hours ago
CVE-2024-24791 - 2 hours ago
CVE-2024-4708 - 1 hour ago
Three Ways to Chill Attacks on Snowflake - 33 minutes ago
CVE-2024-6452 - 4 hours ago
CVE-2024-39315 - 4 hours ago
CVE-2024-38537 - 4 hours ago
CVE-2023-24531 - 3 minutes ago
CVE-2022-30636 - 3 minutes ago
CVE-2024-39326 - 3 hours ago
CVE-2024-39325 - 3 hours ago
CVE-2024-39324 - 3 hours ago
CVE-2024-39322 - 3 hours ago
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication - 2 hours ago
TechCrunch is part of the Yahoo family of brands - 3 hours ago
5 ChromeOS settings you should change for a more secure Chromebook - 3 hours ago
CVE-2024-6381 - 6 hours ago
CVE-2024-39894 - 6 hours ago
CVE-2024-39206 - 6 hours ago
CVE-2024-6341 - 6 hours ago