• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Five Guys Discloses Data Breach Affecting Employee PII

You are here: Home / General Cyber Security News / Five Guys Discloses Data Breach Affecting Employee PII
January 5, 2023

American rapid food stuff restaurant chain 5 Fellas has introduced a information breach in a the latest letter to clients from COO Sam Chamberlain.

According to the letter, the security incident occurred in September 2022 and exposed sensitive customer facts by an unauthorized party who accessed a file server.

Stolen details would include employee individually identifiable data (PII) such as names, social security numbers and driver’s license figures.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


“This is nonetheless yet another incident exactly where attackers have managed to breach an organization’s network, and the victims whose data was stolen had been not educated right until months afterwards, giving attackers ample time to use that information to commit credit history and id fraud,” said Julia O’Toole, CEO of MyCena Security Solutions.

More, in accordance to Casey Ellis, founder and CTO at Bugcrowd, what was breached was very likely Five Guys’ recruiting process, where candidates add their resumes.

“Having these kinds of systems accessible to the internet can make feeling when you look at the recruiting and task application method, but if a thing is much more available to a public person, it is really also more obtainable to a likely attacker,” Ellis advised Infosecurity.

“Frequent web coding flaws like Oblique Object References (IDOR), authentication flaws, and even injection flaws can help this sort of attacker end result with no the want for lateral movement.”

John Bambenek, principal threat hunter at Netenrich, included that the most rapid use of this information is to comprehend there are a handful of people today on the lower stop of the financial scale who are wanting for careers.

“I envision there will be frauds and mule recruitment lures despatched to individuals men and women in the close to long term,” Bambenek extra. “Thinking about the field, I are not able to see a viable attack path to Five Men alone except if some of those people resumes stand for ‘back office’ variety staff members.”

In the letter, the enterprise said it has arranged for afflicted shoppers to get cost-free credit history checking and identity security services by way of IDX as payment.

“These identification security solutions contain a person year of credit and CyberScan checking, a $1,000,000 insurance policy reimbursement plan, and entirely managed identification theft restoration solutions,” the company wrote.

The facts breach, however only disclosed now, took place weeks just before KFC and McDonald’s prospects were being specific by using phishing strategies throughout Saudi Arabia, UAE and Singapore previous Oct.


Some sections of this write-up are sourced from:
www.infosecurity-journal.com

Previous Post: «Cyber Security News Over 200 Million Twitter Users’ Details Leaked on Hacker Forum
Next Post: Hackers Leverage Compromised Fortinet Devices to Distribute Ransomware Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless
  • Podcast transcript: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.