Data Breach - Aura Exposes 900,000 Marketing Contacts
Basically, a hacker accessed Aura's customer data through a phone scam.
Aura confirmed a data breach exposing 900,000 customer records. Names and emails were compromised, raising identity theft concerns. Aura is notifying affected individuals and working with experts.
What Happened
Aura, a company specializing in identity protection, recently confirmed a significant data breach. An unauthorized party accessed nearly 900,000 customer records due to a voice phishing attack targeting one of its employees. This breach has raised alarms about the security of personal data in the digital age.
The attack exposed sensitive information of 20,000 current and 15,000 former customers. The compromised data originated from a marketing tool used by a company that Aura acquired in 2021. During this acquisition, Aura inherited a database that contained limited customer information, which has now become a focal point of concern.
Who's Affected
The breach has impacted a large number of individuals, with nearly 900,000 records being compromised. This includes full names, email addresses, home addresses, and phone numbers. However, Aura has confirmed that more sensitive information, such as Social Security Numbers (SSNs), account passwords, and financial details, were not part of the breach.
Interestingly, the Have I Been Pwned (HIBP) service analyzed the leaked data and found that 90% of the email addresses were already in their database from previous incidents. This suggests that many affected individuals may have already been exposed in other breaches, raising concerns about the cumulative risk of data exposure.
What Data Was Exposed
The data breach involved the exposure of various types of personal information. While the most concerning elements like SSNs and financial data were safeguarded, the leaked records still pose a significant risk. Affected individuals may face potential phishing attempts and other identity theft risks due to the availability of their names and contact information.
Aura has stated that they are conducting an internal review in collaboration with external cybersecurity experts. They are also in contact with law enforcement to ensure that the situation is handled appropriately. Affected individuals will soon receive personalized notifications regarding the breach and the data exposed.
What You Should Do
If you believe you are among those affected by the Aura data breach, it is crucial to take immediate action. Here are some recommended steps:
- Monitor your accounts for any suspicious activity. Check bank statements and credit reports regularly.
- Change passwords for any accounts that may be linked to the exposed email addresses.
- Consider enrolling in identity theft protection services to safeguard against potential misuse of your information.
- Stay informed about the situation by keeping an eye on official communications from Aura and cybersecurity news outlets.
While Aura has assured that they are taking the necessary steps to address the breach, it's essential for individuals to remain vigilant and proactive in protecting their personal information.