[ad_1]
Seemingly, tens of thousands of customer accounts were targeted by a series of "brute force attacks" in 2015. About 20,000 accounts were compromised over a five-day period, but their numbers may be a lot higher since the attack lasted for months. . Attackers have penetrated into the 'Dunkin' profiles & # 39; customers with registered DD cards – refillable cards used to make purchases – using account names and passwords disclosed on the Internet by other security breaches. They then sold victims' DD cards online or used them to buy items, stealing "tens of thousands of dollars" from victims.
James said the company did nothing, even though the third-party application developer working for Dunkin has informed him of the breach and provided him with the list of compromised accounts. The announcement of the trial by the Attorney General explains:
"… Dunkin's took no action to protect these nearly 20,000 customers – or potentially thousands of others they did not know about – by notifying them of any unauthorized access, by resetting the passwords of their account to prevent further unauthorized access or by freezing Dunkin 'also did not investigate or analyze the attacks to determine how many accounts receivable had been compromised, what client information had been acquired, and whether client funds had been stolen. "
Nor has the company implemented precautionary measures to prevent a re-occurrence of a security breach. In 2018, 300,000 customer accounts were compromised again. Although Dunkin had informed the customers at that time, she had only told them that a third party had tried to break into their account – she apparently would not have admitted that their account had been compromised. The Attorney General of New York asks that the company is penalized and that the customers are compensated.
[ad_2]
Source link