U-Haul has sent breach notifications to customers after attackers were able to access an internal system for dealers and employees. The breach exposed personal info of customers, including name, date of birth and driver's license, but not payment details. Approximately 67k customer were affected in US and Canada. Affected customers are advised to be vigilant of phishing attempts, and to get identity theft protection.
#FCC gets tough: #Telcos must now tell you when your personal info is stolen
The FCC now "requires carriers to notify customers of #breaches of covered data without unreasonable delay … and in no case more than 30 days following reasonable determination of a #breach."
Yep, cell carriers didn't have to do this before https://www.theregister.com/2024/02/12/fcc_gets_tough_on_telcos/
Just In: Hackers leak an alleged partial Facebook Marketplace database, claiming to have stolen it from a contractor responsible for managing Facebook's cloud services.
If a site's data is breached, after changing the password, is it necessary to redo the 2FA in the app by removing and redoing? (Does not apply to SMS or email 2FA, obviously). Emails, IP, passwords and 2FA info hacked according to #haveibeenpwned
"The incident also exposed 2FA secrets and backup codes along with password reset tokens."