September Cyber Scam Update Is Now LIVE
The September edition of our Cyber Scam Update is now available for sharing.
Names, Email Addresses and Partial Credit Card Information Are Among The Details Stolen In April - Affected Customers Were Not Told
A breach at UK car insurance company, the AA, has exposed information on more than 100,000 customers, including names, email addresses and partial credit card details, according to security researchers.
The company said a 'server misconfiguration' was responsible for the information being openly available on the web for a few days in April of this year.
The AA have been criticized for its handling of the incident: After claiming no sensitive information was included in the exposed cache, the company was called to task when security researcher Troy Hunt said he found 117,000 unique email addresses, names and partial credit card info among the details.
The company never notified its affected customers, he added.
AA president Edmund King said the contractor which the company uses to run its website identified the vulnerability and resolved the issue in two days. He also said that the information was accessed “a few times,” but that AA made the determination that no sensitive information was revealed after doing random sampling - hence no customer notification.
As a precaution, it is recommended that AA customers consider the following;