Businesses and government agencies across the world now suffer data breaches on a weekly basis, but they often leave out specific details about the scope of the hack, or, in some cases, fail to alert consumers about the hack at all.
In comes HaveIBeenPwned, a website developed by former Microsoft employee Troy Hunt. The service, which has actually been around since 2013 but has proven to be more useful as hacks grow more common in recent years, invites consumers to submit their email addresses into an online database, which then promises to uncover any data breaches linked to the account in question.
Travel booking sites, flush with credit card information and other consumer data, have proven to be popular targets to hackers, and HaveIBeenPwned is now reporting that one such site appears to have been a major target.
Over five million accounts on Yatra, a travel-booking site based in India and available across the globe, had user data compromised, according to the service.
HaveIBeenPwned tweeted on Wednesday that the breach dates back to 2013 and includes phone numbers, passwords and PIN numbers. But Yatra never disclosed the apparent breach to consumers, according to the Huffington Post.
In a recent interview, Hunt explained that consumers are growing used to data breaches as a normal part of online life and that they are more concerned with how companies handle such breaches rather than whether or not they simply occurred. It would seem, then, that Yatra joins the ranks of Equifax and others accused of failing this important litmus test.
A single computer in Alaska
A state agency in rural Alaska says that 500 people may have had their data exposed in a hack that was possibly linked to Russian cyber criminals.
The Alaska Department of Health and Social Services announced that a computer in northern Alaska was found to be infected with a virus. That same computer also had unauthorized software installed onto it, and according to the state’s investigation, had accessed websites in Russia.
It’s unknown how or why that computer was targeted, but according to the agency, it contained documents “including information on pregnancy status, death status, incarceration status, Medicaid/Medicare billing codes, criminal justice, health billing, social security numbers, driver’s license numbers, first and last names, birthdates, phone numbers, and other confidential data.”
Alaskans are invited to call the agency to see if they were affected.