Subj : Thousands of victims hit in attack on chocolate maker Hershey
To   : All
From : TechnologyDaily
Date : Tue Dec 05 2023 20:45:05

Thousands of victims hit in attack on chocolate maker Hershey

Date:
Tue, 05 Dec 2023 20:42:33 +0000

Description:
Important information, including payment data, was accessed for more than 
2,000 Hershey customers.

FULL STORY
======================================================================

The Hershey Company suffered a major data breach in which peoples payment 
data and personally identifiable information (PII) were both taken. 

The famous chocolate maker has filed a notification with the Maine Attorney 
Generals office, stating that in early September, some of its employees fell 
prey to a phishing attack. 

The attack resulted in the theft of sensitive data, including Financial 
Account Numbers or Credit/Debit Card Numbers (in combination with security 
codes, access codes, passwords, or PINs for the account). In total, 2,214 
people were affected by the incident. Identity theft 

According to The Register , Hershey subsequently conducted its investigation 
and then notified affected individuals of its results. In the letter, it said 
that the attackers "may have had access to certain personal information," but 
stressed that there was "no evidence that any information was acquired or 
misused." 

As per the notification letter, the hackers accessed peoples first and last 
names, health and medical information, health insurance information, digital 
signatures, dates of birth, addresses and contact information, driver's 
license numbers, credit card numbers with passcodes or security codes, and 
credentials for online accounts and financial accounts including routing 
numbers. 

Thats more than enough for phishing attacks, identity theft , or wire fraud. 
Hersheys customers should be extra wary of any incoming email or SMS messages 
claiming to be from the company. 

"Upon learning of the incident, Hershey worked to block the unauthorized 
user's access and confirm that the affected Hershey accounts were no longer 
in use by the unauthorized user," it was added in the letter. To strengthen 
its systems and prevent future similar occurrences, the company forced all 
users to change their passwords. It introduced additional detection 
safeguards to our corporate email environment, the company concluded. 

Despite finding no evidence of data misuse, Hershey still offered two years 
of free identity protection services to affected individuals via Experian 
IdentityWorks. More from TechRadar Pro One of the most worrying WordPress 
malware threats is making a comeback Here's a list of the best firewalls 
today These are the best endpoint protection software right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/thousands-of-victims-hit-in-attack-on-c
hocolate-maker-hershey


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.