Tag Archive for: finance
Nissan data breach leaks customers full names, dates of birth, & Nissan finance account number
/in Mobile Security
Nissan North America has alerted affected customers of a breach that occurred at a third-party service provider and resulted in the exposure of client information.
According to the notification, Nissan states that on June 21, 2022, it was notified of a data breach by one of the software development suppliers that it works with.
The customer data that the third party had obtained from Nissan to utilize in creating and testing software solutions for the carmaker had mistakenly been exposed owing to a poorly configured database. The data had been received by the third party from Nissan.
In January 2021, Nissan North America was the victim of an incident that was similar to this one. The company accidentally left a Git server accessible online with default access credentials, which led to numerous of the company’s repositories being made public.
This event resulted in the loss of twenty gigabytes worth of data, which included the source code for mobile applications and internal tools, information on market research and client acquisition, diagnostics, and specifics regarding NissanConnect services.
As soon as Nissan became aware of the security breach, the company took immediate action to guarantee that the vulnerable database was protected and began an internal inquiry. On September 26, 2022, it was confirmed that the data had most likely been accessed by a third party that was not permitted.
On Monday, January 16, 2023, the security breach was reported to the Office of the Attorney General of Maine, where Nissan confirmed that a total of 17,998 customers had their information compromised by the attack.
Full names, birth dates, and NMAC account numbers are among the information that has been compromised (Nissan finance account). In addition, the warning makes it quite clear that the information that was disclosed did not include any credit card or Social Security number specifics.
Nissan claims that it has, as of this point in time, found no proof that any of this information has been abused. Nevertheless, the company is sending out the letters because it wants to err on the side of caution.
In addition, Experian will provide each person who…
Royal Mail alert as ‘easy to fall for’ scam could ‘drain bank accounts’ | Personal Finance | Finance
/in Computer Security
With the Royal Mail warning customers earlier this month that postage will be affected by striking workers, scammers have been seizing the opportunity to trick unsuspecting victims waiting for their parcels. Phishing attacks related to missed deliveries continue to be prevalent, making it vital to know what to look out for now more than ever.
The Royal Mail scam is simple, an email is sent out claiming that the person has missed a parcel or that it is being held. They are then redirected to a website that looks like the Royal Mail’s official site to arrange delivery.
They then have to enter their details on the site and depending on the version of the scam, they could either be asked to pay a small fee or call a premium rate phone number.
Jacco, computer security expert at Next Day Delivery, said: “This scam is known as a phishing scam and if you are waiting for a parcel or have ordered many gifts online this month then it’s easy to fall for.”
He continued: “The easiest way to tell if these emails are legitimate is to check the sending address of the emailer. You can do this on your computer or your phone by clicking on the person’s name.”
READ MORE: Martin Lewis scam ‘stealing money and personal data from thousands’
Verification code hijacking
Another common scam circulating is a malicious caller posing as a bank or another company with whom a person holds an account.
Mr Bulvshtein explained: “They’ll tell you there’s a problem with your account. They’ll then say that they’re sending a text message to you, with a code to prove your identity.
“By posing as an official company, they turn the tables on you. You’re put on the spot and expected to prove who you are. Actually, they’re the criminal, and they already have your password.”
He went on to say that the code the person might be handing over “will allow them to process a payment or log into your account” with two-factor authentication before warning that unfortunately, “many companies will no longer refund customers who willingly handed over a security passcode.”
Mr Bulvshtein suggested: “Be sure to use a password manager to create strong, secure, and unique passwords. Set up two-factor authentication on…