Monday, November 8, 2021

News - Diamond Comic Distributors Hit With Ransomware Attack - Robinhood Investing Gets Hacked, 7 Million Customers Exposed

Diamond Distributors were offline over the weekend, the victim of a ransomware attack.

From Bleeding Cool (linked above):

As many of you may know, we are currently experiencing systems issues affecting our order processes and communications. Our IT department and a team of third-party experts are working around the clock to address these issues and restore full operations.

We've determined that the systems issues we're experiencing are the result of a ransomware attack. These attacks have, unfortunately, become increasingly pervasive in recent months, impacting organizations around the world. We want to assure you that customer data and financial information is not stored on our network and as such we have no reason to believe it has been impacted by this attack.

In addition to the investigation underway by our team of third-party forensic experts, we've also notified law enforcement. While some of our systems remain down, rest assured we are continuing to ship product and fill orders to the greatest extent we can. Our retailer services portal is online and available for FOC this evening and tomorrow.

Thank you for your patience as we work to restore full operations as quickly as possible. We're grateful for your support and will share updates with you as we have them.

Robinhood Investing was hacked last week, exposing the data of 7 million customers.

From The Verge:

Trading platform Robinhood said Monday that personal information for more than 7 million customers was accessed during a data breach on November 3rd. The company said in a news release that it does not appear that Social Security numbers, bank account numbers, or debit card numbers were exposed, and no customers have had “financial loss” due to the incident.

An unauthorized third party “socially engineered a customer support employee by phone,” Robinhood said, and was able to access its customer support systems. The attacker was able to get a list of email addresses for approximately 5 million people and full names for a separate group of 2 million people. For a smaller group of about 310 people, additional personal information, including names, dates of birth, and zip codes, was exposed, and for about 10 customers, “more extensive account details” were revealed.

The company did not provide further information about what those “extensive” details were, but a spokesperson said in response to a query from The Verge that even for those 10 customers, “we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed.” The spokesperson declined to say whether any of the customers may have been specifically targeted in the hack, but the company said it was in the process of notifying those who had been affected. 

Coming soon to a hobby community near you...

 The Tavern is supported by readers like you. The easiest way to support The Tavern is to shop via our affiliate links. DTRPGAmazon, and Humble Bundle are affiliate programs that support The Tavern. 

You can catch the daily Tavern Chat podcast on AnchorYouTubeor wherever you listen to your podcast collection. - Tenkar  

1 comment:

  1. "An unauthorized third party 'socially engineered a customer support employee by phone.'” What does that even mean? They talked a CSR into transmitting a database to them?!


Tenkar's Tavern is supported by various affiliate programs, including Amazon, RPGNow,
and Humble Bundle as well as Patreon. Your patronage is appreciated and helps keep the
lights on and the taps flowing. Your Humble Bartender, Tenkar

Blogs of Inspiration & Erudition