Members of the Girl Scouts of Orange County were notified this week that their personal information may have been exposed Attack.Databreach to an unknown party who gained access Attack.Databreach to an organization email account last month , according to a letter sent to members . The organization sent the letter Tuesday to about 2,800 members who may have been affected by the data breach Attack.Databreach . Christina Salcido , vice president of mission operations , said members ’ names , birth dates , home addresses , insurance policy numbers and health history information could have been accessed Attack.Databreach from Sept 30 to Oct 1 . “ Out of an abundance of caution , we are notifying everyone whose email was in this email account , ” Salcido wrote in the letter . On the day the organization became aware of the breach , IT services changed the password and determined it was secure , Salcido wrote . The Girl Scouts of Orange County reviewed the account , eliminated all personal information it contained and notified the California attorney general ’ s office of the breach . Because the email account was used for the organization ’ s travel purposes , it contained information about members dating to 2014 . Salcido said the third party used the account to send messages , but she did not specify what type of messages were sent . Elizabeth Fairchild , spokeswoman for the Girl Scouts of Orange County , said staff members noticed Oct 1 that the email account had been used the day before “ to send out non-Girl Scout related emails. ” On Oct 1 , staff members sent an email to members telling them what happened , stating they had secured the account and advising them to not open any unusual emails from that account . “ The vast majority of information stored in the account was nonsensitive , ” Fairchild said . “ Fewer than 300 had sensitive information stored in the account. ” The Girl Scouts of Orange County provided contact information for the credit bureaus Equifax , Experian and TransUnion and suggested that members place fraud alerts on their accounts . If members have questions or concerns about the breach , they can call ( 800 ) 974-9444 or email customercare @ girlscoutsoc.org .

Yahoo , Adult Friend Finder , LinkedIn , Tumblr and Daily Motion all have something in common : in 2016 , details of massive hacks perpetrated against the companies were disclosed . The firms represent a handful of the companies and public bodies around the world that suffered at the hands of hackers last year . Data compromised Attack.Databreach usually included names , emails , and physical addresses , and even personal bank details , ethnicity data , and phone numbers . And the hacks aren ’ t stopping anytime soon . 2017 has already been dominated by numerous data breaches Attack.Databreach and the most recent affects the Association of British Travel Agents , commonly known as ABTA . To keep you in the loop on data breaches Attack.Databreach this year , WIRED will keep a running tally of successful hacks . The abta.com web server for the Association of British Travel Agents ( ABTA ) was recently hacked Attack.Databreach by “ an external infiltrator ” who exposed Attack.Databreach the details of 43,000 individuals . Around 1,000 of these included files that could include personal identity information of customers of ABTA members uploaded since 11 January 2017 , while around 650 may also include personal identity information of ABTA members . As the UK ’ s largest travel association , ABTA ’ s members include travel agents and tour operators . The unauthorised access Attack.Databreach was said to be possible due to a system vulnerability “ that the infiltrator exploited ” to access Attack.Databreach some data provided by some customers of ABTA Members and by ABTA Members themselves . On immediate investigation , ABTA said Vulnerability-related.DiscoverVulnerability it identified Vulnerability-related.DiscoverVulnerability that although ABTA ’ s own IT systems remained secure , there was a vulnerability to the web server managed for ABTA through a third-party web developer and hosting company . “ This , unfortunately , means some documentation uploaded to the website , as well as some information provided by customers , may have been accessed Attack.Databreach , ” ABTA ’ s CEO , Mark Tanzer said . As a precautionary measure , it has taken steps to warn its members and customers of ABTA members who have the potential to be affected . The group has also alerted the relevant authorities , including the Information Commissioner ( ICO ) and the police .

Washington University School of Medicine is committed to protecting the security and confidentiality of our patients ’ information . We regret , however , that information about some of our patients may have been accessed Attack.Databreach by an unauthorized third party due to an email “ phishing ” incident . On January 24 , 2017 , the medical school learned that some of its employees responded to a Dec 2 , 2016 , “ phishing ” email , believing it to be a legitimate request . A “ phishing ” email is designed to look like Attack.Phishing a legitimate email but tricks Attack.Phishing the recipient into taking some action , such as providing login credentials . Upon learning of the incident , we secured the email accounts and began an investigation . The investigation could not rule out that an unauthorized third party may have gained access Attack.Databreach to some employees ’ email accounts . We conducted a detailed review of the employees ’ email accounts and confirmed that some of the emails contained patient information , which may have included names , birth dates , medical record numbers , diagnosis and treatment information , other clinical information , and in some instances Social Security numbers . We reported the phishing incident Attack.Phishing to law enforcement and are cooperating with the investigation . We have no indication that the information in the emails has been misused . However , as a precaution , we began mailing letters to affected patients on March 24 , 2017 , and have established a dedicated call center to answer any questions patients may have . If you believe you may be affected and have not received a letter by April 24 , 2017 , or if you have any questions regarding this incident , please call 844-641-5630 . The call center is open Monday through Friday from 9 a.m. to 5 p.m. central time . We regret any inconvenience this incident may have caused our patients . To help prevent such incidents in the future , we are reinforcing education with our staff and faculty of existing protocols and university resources regarding “ phishing ” emails . We also are reviewing enhancements to strengthen our business practices and user login authentication process .

About 1,000 files accessed Attack.Databreach may include personal identity information of individuals who have made a complaint about an Abta-registered travel agent . It says it is contacting those affected by the hack which happened on 27 February and has a dedicated helpline . It has also alerted the police and the Information Commissioner 's Office ( ICO ) . Part of the ICO 's role is to help the public manage their personal data . Abta chief executive Mark Tanzer said he would `` personally like to apologise for the anxiety and concern '' caused to Abta customers and members . `` It is extremely disappointing that our web server , managed for Abta through a third party web developer and hosting company , was compromised and we are taking every step we can to help those affected . '' Mr Tanzer said the organisation was not aware of any of the information being shared Attack.Databreach beyond the infiltrator . The organisation gives advice and guidance to holidaymakers , sets standards for travel firms and promotes responsible tourism in the UK and abroad . It said the type of data which may have been accessed Attack.Databreach included : Abta said the `` vast majority '' of the 43,000 people affected were those who had registered with email addresses and encrypted passwords or had filled in an online form with basic contact details . It said there was `` a very low exposure risk to identity theft or online fraud '' with this kind of data . It advised customers and ABTA members registered on the site to change their passwords as a `` precautionary measure '' . It has also offered people who may be affected a free-of-charge identity theft protection service .

Northrop Grumman has admitted one of its internal portals was broken into , exposing Attack.Databreach employees ' sensitive tax records to miscreants . In a letter [ PDF ] to workers and the California Attorney General 's office , the aerospace contractor said that between April 18 , 2016 and March 29 , 2017 , crooks infiltrated the website , allowing them to access Attack.Databreach staffers ' W-2 paperwork for the 2016 tax year . These W-2 forms can be used by identity thieves to claim tax rebates owed to employees , allowing the crims to pocket victims ' money . The corp sent out its warning letters on April 18 , the last day to file 2016 tax returns . `` The personal information that may have been accessed Attack.Databreach includes your name , address , work email address , work phone number , Social Security number , employer identification number , and wage and tax information , as well as any personal phone number , personal email address , or answers to customized security questions that you may have entered on the W-2 online portal , '' the contractor told its employees . The Stealth Bomber maker says it will provide all of the exposed workers with three years of free identity-theft monitoring services . Northrop Grumman has also disabled access to the W-2 portal through any method other than its internal single sign-on tool . The aerospace giant said it farmed out its tax portal to Equifax Workforce Solutions , which was working with the defense giant to get to the bottom of the intrusion . `` Promptly after confirming the incident , we worked with Equifax to determine the details of the issue , '' Northrop told its teams . `` Northrop Grumman and Equifax are coordinating with law enforcement authorities to assist them in their investigation of recent incidents Attack.Databreach involving unauthorized actors gaining access Attack.Databreach to individuals ’ personal information through the W-2 online portal . '' According to Equifax , the portal was accessed Attack.Databreach not by hackers but by someone using stolen login details . `` We are investigating alleged unauthorized access Attack.Databreach to our online portal where a person or persons using stolen credentials accessed Attack.Databreach W-2 information of a limited number of individuals , '' an Equifax spokesperson told El Reg on Monday . `` Based on the investigation to date , Equifax has no reason to believe that its systems were compromised Attack.Databreach or that it was the source of the information used to gain access Attack.Databreach to the online portal . ''