Data Breaches - W/E - 11/1/19

Bed, Bath & Beyond Probing Data Breach (10/30/2019)
In a filing to the Securities and Exchange Commission (SEC), the housewares company Bed, Bath &Beyond disclosed a data breach. According to the filing, it was "discovered that a third party acquired email and password information from a source outside of the Company's systems which was used to access less than 1% of the Company's online customer accounts." Notifications were sent to those customers affected by the breach, but no other details were released.

Exposed Database Leaks 7.5 Million Adobe Creative Cloud Records (10/29/2019)
Researcher Bob Diachenko and security company Comparitech uncovered an unsecured Elasticsearch database containing about 7.5 million Adobe Creative Cloud user records. Adobe was notified on October 19 and promptly secured the database, which contained email addresses, member IDs, and other information, although payment data and passwords were not affected. Adobe released a statement admitting that a misconfiguration was to blame for the breach.

Three Domain Name Registrars Breached and 22 Million Accounts Affected (10/30/2019)
A data compromise has impacted Web.com and its subsidiaries Network Solutions and Register.com, which are among the largest domain name registrars. The three companies issued similar statements, saying the breach occurred in August, targeted "a limited number" of computer systems, and was detected on October 16. Federal authorities have been made aware of the incident and a cybersecurity firm is conducting an investigation. Web.com told SecurityWeek that about 22 million accounts are affected but payment information is not.