Identity protection firm Aura said this week an unauthorized party accessed nearly 900,000 marketing and customer records, including names and email addresses, after a voice phishing attack.
KEY FACTS
- Incident Unauthorized access to marketing and customer records
- Cause Voice phishing targeting an employee
- Records exposed Nearly 900,000 marketing contacts including names and emails
- Sensitive data not exposed Social Security numbers, account passwords, and financial information
- Notification Personalized notices to affected individuals planned
The disclosure identifies the data as originating from a marketing tool inherited in a 2021 acquisition. The marketing database contained about 900,000 contacts while 35,000 were current customers.
Compromised fields include full names, email addresses, home addresses, and phone numbers. The disclosure emphasizes that Social Security numbers, account passwords, and financial information were not included.
Files appeared on a ShinyHunters extortion site with roughly 12 GB of data and a public leak of files. The company did not provide further comment on the group’s claims or on an alleged Okta single sign-on compromise.
The Have I Been Pwned entry lists 901,000 affected accounts and indicates customer service comments and IP addresses were also exposed, with 90 percent of the email addresses already in its database.
The company is conducting an internal review with external cybersecurity experts and has informed law enforcement. Personalized notifications will be sent to affected individuals.
WHY IT MATTERS
The exposure of a large marketing contact list raises the risk of targeted phishing and spam for affected addresses. Firms inheriting legacy marketing data may face similar risks if access controls are not updated after acquisitions.