The Month in Hacks: November 2018

Dell hits password reset. Marriott's data checks out. USPS slow to act. Dunkin Donuts customer information breach. It's all this and more in The Month in Hacks.

Dell Hits Reset for Customer Passwords

During late November, the well known computer technology company Dell shared information surrounding a “cybersecurity incident.” During said incident, Dell discovered unauthorized users in their network attempting to steal vital customer information such as names, passwords and email addresses.

Encouragingly, Dell mentioned “Credit card and other sensitive customer information were not targeted. The incident did not impact any Dell products or services.”

Marriott Hackers Stole Data On 500 Million Guests -- Passports And Credit Card Info Included

One of the year's biggest hacks has just been revealed. Hotel chain giant Marriott admitted 500 million guests had been hit by an attack that dates back at least four years.

The company said Friday the information was taken from the Starwood guest reservation database. It amounts to a goldmine of data for any would-be identity thief, or a government surveillance operative. Credit card numbers, passport info and a whole treasure trove of other customer data was stolen in the breach.

USPS Left User Data Exposed for Months

The United States Postal Service has recently patched a security vulnerability which exposed customer data for those who have an active USPS.com account. Specifically, up to 60 million accounts were exposed. Information such as email addresses, usernames, user IDs, account numbers, street addresses, phone numbers and mailing campaign data was exposed to potential hackers.The vulnerability was reported to USPS by an anonymous researcher. Allegedly, the information was ignored by USPS until only recently, when a journalist contacted the agency on behalf of the unnamed researcher.

Dunkin' Donuts Reports Cybersecurity Incident

Dunkin' Donuts has informed customers that some DD Perks accounts may have been hacked. DD Perks is a feature in which customers can add money to their account for Dunkin' purchases.

Dunkin' Donuts released a statement detailing the attack. Details included within the statement suggest customer names, email addresses, and account numbers were breached. Equipped with this private customer information, third party hackers then tried to break into other online accounts of Dunkin' Donuts customers.