McDonald's (MCD) informed some of its customers Monday that portions of personal information they submitted to its website or in promotions was improperly accessed by thieves. The security breach may have included customers' names, cell phone numbers, and email addresses, according to the report. A third-party marketing services company that McDonald's hired reportedly subcontracted the email marketing work to another organization, which apparently suffered the security breach.
Change Your Password
And over the weekend, Gawker Media, which operates a number of sites from tech gadget site Gizmodo to Lifehacker.com, says it was hit with a security breach that may have resulted in hackers gaining access to registered users' log-ins and passwords. As a result, folks who use the same password for their Twitter account as they do for their Gawker account may have been among the victims who found spam postings sent out on their tweets.
Gawker advised users to immediately change their passwords and to do the same on any other accounts with the same passwords. The media company said it's taking several steps to reduce the potential for this security breach to happen again.
"We're bringing in an independent security firm to improve security across our entire infrastructure. Additionally, we will continue to work with independent auditors to ensure we maintain a reliable level of security, as well as the processes necessary to ensure we maintain a safe environment for our commenters," Gawker said in a statement.
However, folks should always be wary when redirected to dubious websites where they're asked to provide financial information, such as bank accounts or Social Security numbers.
During the holiday season, when traffic to online shopping sites spikes, cyber thieves consider it an opportune time to ramp up their efforts to steal credit card numbers and other useful financial and personal information, security experts say.
As a result, online holiday shoppers need to be more vigilant and think twice before clicking on a website link or downloading an attachment embedded in an email that appears to be sent from a friend, family member or business.