Image removed

Did you hear the news? American car rental giant Avis recently informed customers that cybercriminals breached one of its business applications last month and stole some of their personal information.

According to data breach notification letters sent to impacted customers and filed with California’s Office of the Attorney General, Avis took action to stop the unauthorized access and launched an investigation with the help of external cybersecurity experts after learning of the breach on August 5th.

What did the investigation uncover?

The investigation revealed that the attacker had access to Avis’s business application from August 3rd to 6th. The company managed to evict the malicious actor from its systems and blocked its access on August 6th. On August 14th, it also discovered that the attacker stole some customers’ personal information, including their names and other undisclosed sensitive data.

Since the breach, Avis says it has worked with outside experts to strengthen security measures for the affected application and implemented additional safeguards across its systems.

What has Avis done to protect its customers?

Avis has been actively reviewing security monitoring and controls to bolster security defenses and warned customers of identity theft and fraud risks following the data breach. The company advised those whose personal information was stolen to remain vigilant against threats of identity theft or fraud. They suggested customers do this by regularly reviewing and monitoring their account statements and credit history for any signs of unauthorized transactions or activity and contacting credit reporting agencies if they suspect any unauthorized activity.

Moreover, Avis offered those affected a free one-year membership to Equifax’s credit monitoring service, which provides assistance with identity theft detection and resolution.

About Avis and its global presence

Avis is a subsidiary of Avis Budget Group, a leading global mobility solutions provider that also owns Zipcar, the world’s leading car-sharing network. Its Avis and Budget car rental brands operate over 10,000 rental locations in 180 countries across North America, Europe, and Australasia. Avis Budget Group has reported more than $3.0 billion in revenues for the second quarter of 2024.

We reached out to Avis for more information about the attack’s nature, the number of affected customers, and the other personal information stolen in the breach, but the company has not responded yet.

Stay informed and protected

Cybersecurity is more important than ever, and we at IT Services are dedicated to helping you stay informed and protected. We encourage you to keep coming back to learn more about the latest cybersecurity news and trends. Together, we can make the digital world a safer place for everyone. If you have any questions or concerns, don’t hesitate to contact us!

Imagine waking up one day to find out that your personal information has been stolen by hackers. Your name, contact details, social security number, date of birth, and even your health information are now in the hands of cybercriminals. This nightmare scenario recently became a reality for thousands of people when a major U.S. company fell victim to a data breach.

CBIZ: A Cybersecurity Wake-up Call

CBIZ Benefits & Insurance Services (CBIZ), one of the largest professional services companies in the United States, recently disclosed a significant data breach involving unauthorized access to client information stored in specific databases. This management consulting company, which provides financial and benefits and insurance services to various organizations and individual customers, reported that a threat actor exploited a vulnerability in one of its web pages and stole customer data between June 2 and June 21.

Upon discovering the intrusion on June 24, CBIZ launched an investigation with the help of cybersecurity professionals. They found that an unauthorized party was able to exploit a vulnerability associated with one of its web pages and acquire information from certain databases during the three-week period. To put things in perspective, CBIZ operates 120 offices across the country, employs 6,700 people, and recorded a revenue of $1.59 billion in 2023.

What Was Stolen?

Hackers managed to steal information belonging to nearly 36,000 individuals. The compromised data includes:

• Name
• Contact details
• Social Security number
• Date of birth/death
• Retiree health information
• Welfare plan information

Protecting Yourself and Your Data

CBIZ began sending personalized notifications to impacted clients on August 28, informing them of the breach. While the company has no evidence that the stolen data has been misused, they are offering guidance on how to enroll in a two-year credit monitoring and identity theft protection service to reduce potential risk. Additionally, impacted clients are advised to consider placing a credit/security freeze and adding a fraud alert to their credit report.

This incident serves as a stark reminder of the importance of cybersecurity and the need to protect our personal information. Cyberattacks are becoming more frequent and sophisticated, and businesses of all sizes must take the necessary precautions to safeguard their customers’ data. As individuals, we must also stay informed and vigilant to protect ourselves from the consequences of data breaches.

Don’t Be a Victim: Stay Informed and Take Action

Here at IT Services, our mission is to help you stay ahead of cyber threats. We provide the latest news, updates, and resources on cybersecurity to help you protect your digital footprint. Whether you’re a business owner or an individual user, knowledge is power when it comes to defending against cyberattacks. So don’t wait for a wake-up call like CBIZ – take action now to secure your digital life.

Stay informed and keep coming back to learn more. And remember, if you have any concerns or questions about cybersecurity, we’re here to help. Don’t hesitate to contact us for expert advice and support.

Last Wednesday, DICK’S Sporting Goods, the largest chain of sporting goods retail stores in the United States, discovered a cyberattack that exposed confidential information. With $12.98 billion in revenue in 2023 and over 857 stores across the country, this breach impacts a significant number of people.

Responding to the Cyberattack

In a filing with the U.S. Securities and Exchange Commission (SEC), DICK’S has hired outside cybersecurity experts to help contain the security breach and assess the impact. The company stated, “On August 21, 2024, the Company discovered unauthorized third-party access to its information systems, including portions of its systems containing certain confidential information.”

As soon as the incident was detected, DICK’S activated its cybersecurity response plan and engaged external cybersecurity experts to investigate, isolate, and contain the threat.

Keeping Information Under Wraps

According to an anonymous source, the company has been tight-lipped about the breach and has instructed employees not to discuss it publicly or put any information in writing. The same source revealed that email systems had been shut down, likely to isolate the attack, and all employees were locked out of their accounts. IT staff is now manually validating employees’ identities on camera before granting access to internal systems.

In an internal memo, DICK’S informed employees that most of them no longer have access to their systems due to a “planned activity” and that team leaders will contact them via personal email or text for further instructions.

Business Operations Unaffected

Phone lines at local stores are currently down due to the incident, but the company has reported no disruption to their business operations to date. In their SEC filing, DICK’S stated, “The Company has also notified federal law enforcement. The Company has no knowledge that this incident has disrupted business operations. The Company’s investigation of the incident remains ongoing.”

Although the company believes the incident is not material at this point, the investigation is still in progress, and the full impact remains to be seen.

What You Can Do

Cybersecurity is a critical concern for businesses and individuals alike. We at IT Services are committed to keeping you informed and protected. Stay tuned for updates on this situation, and don’t hesitate to reach out to us for advice and assistance in safeguarding your personal and professional information. Let’s work together to stay one step ahead of cyber threats.