BleepingComputer reports that U.S. subscription-based background check services TruthFinder and Instant Checkmate had their systems impacted by a data breach, resulting in the exposure of data from 20.22 million customers who used the services until April 16, 2019, in a hacking forum.
Attackers were able to steal two 2.9 GB CSV files containing data from more than 11.9 million Instant Checkmate users, more than 8.2 million TruthFinder users, and 4,625 TruthFinder International users, with the exposed data including first and last names, email addresses, phone numbers, and hashed passwords. Moreover, the data was noted by Breached forum owner Pompompurin to be exfiltrated from an exposed database backup.
"We learned recently that a list, including name, email, telephone number in some instances, as well as securely encrypted passwords and expired and inactive password reset tokens, of TruthFinder subscribers was being discussed and made available in an online forum. We have confirmed that the list was created several years ago and appears to include all customer accounts created between 2011 and 2019. The published list originated inside our company," said PeopleConnect, the parent company of both compromised firms.
Infiltration of TfL's internal systems on September 1 resulted in the exfiltration of some customers' names and contact information, as well as refund data belonging to nearly 5,000 Oyster cardholders.
Major cybersecurity firm Fortinet has disclosed having information from fewer than 0.3% of its customers compromised following a cyberattack against its Microsoft Azure SharePoint server by the threat actor Fortibitch, which claimed to have stolen and exposed 440 GB of data.
After initially publishing data purportedly from Kadokawa in late June — which the firm confirmed to include internal corporate information and business partner details — BlackSuit was discovered by cybersecurity researcher HackManac to have updated its darknet site with additional stolen data on Tuesday.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news