2023 Begins With A Bang For Data Breaches

In late January a hacker posted an offer on the dark web to sell the names, store addresses, and transaction information for more than 800,000 Target customers. The hacker says that the database includes information on customer purchases from pharmacies and information on Target’s RedCards, which offer customers discounts and benefits. Target denies that the information is current, and claims it was not taken directly from the company’s systems. January was a banner month for data breaches, affecting DuoLingo, Hilton Hotels, Samsung, PayPal, Nissan and others. A report from the Identity Theft Resource Center says that 1,802 U.S. companies reported a data compromise in 2022 after 1,862, about the same number as 2021. More than one thousand of last year’s breaches included people’s full Social Security numbers. A spokesperson notes that the figures are estimates since data breach notices are “increasingly issued with less information.”