Fidelity National Financial subsidiary says 1.3 million were affected by the November cyberattack.

Major insurer Fidelity National Financial has reported a data breach after a November 2023 cyberattack struck one of its subsidiaries. A successful cyberattack at LoanCare, one of the U.S.’s largest providers of loan sub-servicing, led to data exposure for 1,316,938 people. The company said that the attack took place around November 19, 2023. Clients may have had personal data exposed including their name, address, social security number and loan number. Victims are being offered two years of identity protection services from Kroll. 

https://therecord.media/fidelity-national-financial-subsidiary-breach-disclosure

How It Could Affect Your Customers’ Business: In today’s interconnected business world companies can unwittingly provide a back door into a sister company or client’s network.

Xfinity discloses data breach affecting over 35 million people

Xfinity has announced that it experienced a data breach in late October 2023 because of the Citrix Bleed vulnerability. The company said that hackers breached one of its servers and obtained customer information, resulting in data exposure for an estimated 35,879,455 people. The stolen data includes usernames and hashed passwords as well as customer names, contact information, last four digits of social security numbers, dates of birth and/or secret questions and answers. The Citrix Bleed vulnerability first surfaced in August 2023.

https://www.bleepingcomputer.com/news/security/xfinity-discloses-data-breach-affecting-over-35-million-people/#google_vignette

How It Could Affect Your Customers’ Business: Growing reliance on business applications and similar technology means that companies will face a continually growing flood of zero-day threats.

CBS, Paramount owner National Amusements says it was hacked

National Amusements, the corporate parent of major entertainment companies including Paramount and CBS has disclosed that it experienced a data breach in December 2022 in a filing with the Maine Attorney General. The conglomerate says that it discovered the incident in August 2023, which resulted in hackers snatching the personal information of 82,128 people including employees and former employees. The filing specified that the hackers also stole financial information, such as banking account numbers or credit card numbers in combination with associated security codes and passwords.
https://techcrunch.com/2023/12/26/cbs-paramount-owner-national-amusements-hacked/

How It Could Affect Your Customers’ Business: Bad actors don’t have to steal a company’s customer data to get a treasure trove of sensitive information.