#customerdata

3 days ago

ELECQ EV Charger Firm Hit By Ransomware
Read More: buff.ly/OpuHuZq

#RansomwareAttack #EVsecurity #CloudBreach #CustomerData #CyberIncident #IoTSecurity #DataProtection #Infosec

1 0 0 0

5 days ago

📖 Do you understand your customers as well as you should?

Get the book:: buff.ly/9wy0s1K

#CDP #customerdata

0 0 0 0

5 days ago

HungerRush Breach Exposes 28M Users
Read More: buff.ly/uUSxhAx

#HungerRush #POSsecurity #CustomerData #DataLeak #RestaurantTech #CybercrimeForum #MassDataExposure #InfosecAlert

0 0 0 0

1 week ago

📖 Do you understand your customers as well as you should?

Get the book:: buff.ly/yB0Vnrw

#CDP #customerdata

0 0 0 0

1 week ago

📖 Do you understand your customers as well as you should? Get the book:: https://amzn.to/4df48pH #CDP #customerdata

📖 Do you understand your customers as well as you should?

Get the book:: buff.ly/sUIq7Cb

#CDP #customerdata

0 0 0 0

SPARK Matrix™: Analytics Customer Data Platform, Q2 2024 Over the years, organizations have invested in several marketing and data warehouse systems. However...

1 week ago

Canadian Tire Breach Hits 38M Accounts
Read More: buff.ly/OPK6b3a

#CanadianTire #DataBreach #EcommerceSecurity #CustomerData #RetailCyber #MassDataExposure #BreachDisclosure #InfosecNews

0 0 0 0

@ramdanav.bsky.social

1 week ago

Analytics Customer Data Platform: Transforming Real-Time Customer Intelligence

qksgroup.com/market-resea...

#AnalyticsCustomerDataPlatform #CustomerDataPlatform #AnalyticsCDP #CustomerData #IdentityResolution #CustomerSegmentation #BehavioralAnalytics

0 0 0 0

2 weeks ago

ManoMano Breach Hits 38M Customers
Read More: buff.ly/jLuNhHA

#ManoMano #DataBreach #ThirdPartyRisk #CustomerData #MassDataExposure #BreachDisclosure #CyberIncident #Infosec

0 0 0 0

2 weeks ago

PayPal Reveals Extended Data Leak
Read More: buff.ly/8CUu17H

#PayPal #DataLeak #FinTechSecurity #CustomerData #PIIExposure #BreachDisclosure #CyberIncident #InfosecNews

0 0 0 0

Luigi's Box

@luigisbox.com

3 weeks ago

🤝 New strategic partner: Custobar
We’re excited to announce a new strategic partnership with Custobar, a leading Customer Data Platform and marketing automation solution for B2C and D2C brands.

#StrategicPartnership #ProductDiscovery #AI #CustomerData #Ecommerce

2 0 1 0

@cysecuritynews.bsky.social

1 month ago

Odido Announces Data Breach
Read More: buff.ly/cc0KoxZ

#Odido #NetherlandsCyber #TelecomBreach #CustomerData #DataExposure #BreachDisclosure #CyberIncident #InfosecNews

0 0 0 0

CySecurity News

1 month ago

Malicious Outlook Add-In Hijack Steals 4,000 Microsoft Credentials A breach transformed the AgreeTo plug-in for Microsoft Outlook - once meant for organizing meetings - into a weapon that harvested over four thousand login details. Though built by a third-party developer and offered through the official Office Add-in Store starting in late 2022, it turned against its intended purpose. Instead of simplifying calendars, it funneled user data to attackers. What began as a practical tool ended up exploited, quietly capturing credentials under false trust. Not every tool inside Office apps runs locally - some pull data straight from web addresses. For AgreeTo, its feature lived online through a link managed via Vercel. That address stopped receiving updates when the creator walked away, even though people kept using it. With no one fixing issues, the software faded into silence. Yet Microsoft still displayed it as available for download. Later, someone with harmful intent took control of the unused webpage. From there, they served malicious material under the app’s trusted name. A login screen mimicking Microsoft’s design appeared where the real one should have been, according to analysts at Koi Security. Instead of authentic access points, users faced a counterfeit form built to harvest credentials. Hidden scripts ran alongside, silently sending captured data elsewhere. After approval in Microsoft’s marketplace, the add-in escaped further checks. The company examines just the manifest when apps are submitted - nothing beyond that gets verified later. Interface components and features load externally, pulled from servers run by developers themselves. Since AgreeTo passed initial review, its updated files came straight from machines now under malicious control. Oversight ended once publication was complete. From inside the attacker’s data pipeline, Koi Security found over 4,000 Microsoft login details already taken. Alongside these, information such as credit card records and responses to bank verification questions had also been collected. While analyzing activity, experts noticed live attempts using the breached logins unfolding in real time. Opening the harmful AgreeTo add-on in Outlook displayed a counterfeit Microsoft login screen within the sidebar rather than the expected calendar tool. Resembling an authentic authentication portal, this imitation proved hard to recognize as fraudulent. Once victims submitted their details, those credentials got sent through a Telegram bot interface. Following that transfer, individuals saw the genuine Microsoft sign-in page appear - helping mask what had just occurred. Despite keeping ReadWriteItem access, which enables viewing and editing messages, there's no proof the tool tampered with any emails. Behind the campaign, investigators spotted a single actor running several phishing setups aimed at financial services, online connectivity firms, and email systems. Notable because it lives inside Microsoft’s official store, AgreeTo stands apart from past threats that spread via spam, phishing, or malvertising. This marks the first time a verified piece of malware has appeared on the Microsoft Marketplace, according to Oren Yomtov at Koi. He also notes it is the initial harmful Outlook extension spotted actively used outside test environments. A removal of AgreeTo from the store was carried out by Microsoft. Anyone keeping the add-in should uninstall it without delay, followed by a password change. Attempts to reach Microsoft for input have been made; no reply came so far.

Malicious Outlook Add-In Hijack Steals 4,000 Microsoft Credentials #CustomerData #CyberAttacks #CyberPhishing

0 0 0 0

@ramdanav.bsky.social

1 month ago

SPARK Matrix™: Customer Data Platform

qksgroup.com/market-resea...

#CustomerDataPlatform #CDP #CustomerData #DataDrivenMarketing #Customer360 #FirstPartyData #AudienceSegmentation #MarketingTechnology #Personalization

0 0 0 0

1 month ago

Loxam Reports Data Breach Incident
Read More: buff.ly/n2YLhkU

#Loxam #SupplyChainRisk #ThirdPartyBreach #CustomerData #DataProtection #CyberIncident #BreachNotification #EnterpriseRisk

0 0 0 0

1 month ago

Substack Data Breach Leaks User Contact Info
Read More: buff.ly/qHoqOYk

#Substack #DataBreach #UserPrivacy #CustomerData #BreachDisclosure #PlatformSecurity #CyberIncident #InfosecNews

0 0 0 0

1 month ago

Data Breach At Betterment Exposes Accounts
Read More: buff.ly/RR3h2cM

#Betterment #DataBreach #FinTechSecurity #CustomerData #CryptoScams #IdentityRisk #BreachNotification #CyberIncident

0 0 0 0

1 month ago

Coinbase Confirms Insider Data Breach
Read More: buff.ly/Y5jAlGm

#InsiderThreat #CryptoSecurity #CustomerData #ThirdPartyRisk #IdentityProtection #BreachDisclosure #FinTechSecurity #CyberRisk

1 0 0 0

1 month ago

Canada Computers Data Breach Leaks Info
Read More: buff.ly/9gOiZ3Z

#DataBreach #RetailCyber #CanadaCyber #CustomerData #PaymentSecurity #BreachDisclosure #CyberIncident #TrustAndTransparency

0 0 0 0

1 month ago

📖 Do you understand your customers as well as you should?

Get the book:: buff.ly/xWG0Alb

#CDP #customerdata

0 0 0 0

1 month ago

📖 Do you understand your customers as well as you should?

Get the book:: buff.ly/2gCmjDr

#CDP #customerdata

0 0 0 0

@cysecuritynews.bsky.social

1 month ago

📖 Do you understand your customers as well as you should? Get the book:: https://amzn.to/4df48pH #CDP #customerdata

📖 Do you understand your customers as well as you should?

Get the book:: buff.ly/WByzKmz

#CDP #customerdata

0 0 0 0

CySecurity News

1 month ago

Ledger Customer Data Exposed After Global-e Payment Processor Cloud Incident A fresh leak of customer details emerged, linked not to Ledger’s systems but to Global-e - an outside firm handling payments for Ledger.com. News broke when affected users received an alert email from Global-e. That message later appeared online, posted by ZachXBT, a known blockchain tracker using a fake name, via the platform X. Unexpectedly, a breach exposed some customer records belonging to Ledger, hosted within Global-e’s online storage system. Personal details, including names and email addresses made up the compromised data, one report confirmed. What remains unclear is the number of people impacted by this event. At no point has Global-e shared specifics about when the intrusion took place. Unexpected behavior triggered alerts at Global-e, prompting immediate steps to secure systems while probes began. Investigation followed swiftly after safeguards were applied, verifying unauthorized entry had occurred. Outside experts joined later to examine how the breach unfolded and assess potential data exposure. Findings showed certain personal details - names among them - were viewed without permission. Contact records also appeared in the set of compromised material. What emerged from analysis pointed clearly to limited but sensitive information being reached. Following an event involving customer data, Ledger confirmed details in a statement provided to CoinDesk. The issue originated not in Ledger's infrastructure but inside Global-e’s operational environment. Because Global-e functions as the Merchant of Record for certain transactions, it holds responsibility for managing related personal data. That role explains why Global-e sent alerts directly to impacted individuals. Information exposed includes records tied to purchases made on Ledger.com when buyers used Global-e’s payment handling system. While limited to specific order-related fields, access was unauthorized and stemmed from weaknesses at Global-e. Though separate entities, their integration during checkout links them in how transactional information flows. Customers involved completed orders between defined dates under these service conditions. Security updates followed after discovery, coordinated across both organizations. Notification timing depended on forensic review completion by third-party experts. Each step aimed at clarity without premature disclosure before full analysis. Still, the firm pointed out its own infrastructure - platform, hardware, software - was untouched by the incident. Security around those systems remains intact, according to their statement. What's more, since users keep control of their wallets directly, third parties like Global-e cannot reach seed phrases or asset details. Access to such private keys never existed for external entities. Payment records, meanwhile, stayed outside the scope of what appeared in the leak. Few details emerged at first, yet Ledger confirmed working alongside Global-e to deliver clear information to those involved. That setup used by several retailers turned out to be vulnerable, pointing beyond a single company. Updates began flowing after detection, though the impact spread wider than expected across shared infrastructure. Coming to light now, this revelation follows earlier security problems connected to Ledger. Back in 2020, a flaw at Shopify - the online store platform they used - led to a leak affecting 270,000 customers’ details. Then, in 2023, another event hit, causing financial damage close to half a million dollars and touching multiple DeFi platforms. Though different in both scale and source, the newest issue highlights how reliance on outside vendors can still pose serious threats when handling purchases and private user information. Still, Ledger’s online platforms showed no signs of a live breach on their end, yet warnings about vigilance persist. Though nothing points to internal failures, alerts remind customers to stay alert regardless. Even now, with silence across official posts, guidance leans toward caution just the same.

Ledger Customer Data Exposed After Global-e Payment Processor Cloud Incident #CustomerData #customerdataleak #customerdataprivacy

0 0 0 0

BrainXchange

@brainxchange.bsky.social

1 month ago

The #Metaverse Isn’t Dead. It’s Turning Into A #CustomerData Powerhouse www.forbes.com/sites/cortne...

0 0 0 0

@florianberger81.bsky.social

1 month ago

Grubhub Confirms New Data Breach Incident
Read More: buff.ly/EErhdHk

#DataBreach #Grubhub #ShinyHunters #ThirdPartyRisk #Zendesk #CustomerData #CyberCrime #BreachAlert #Infosec

0 0 0 0

Florian Berger

1 month ago

Customer-Data-Platform (CDP) Eine Customer-Data-Platform (CDP) ist eine zentrale Software-Schicht, die Kundendaten aus verschiedenen Quellen sammelt, vereinheitlicht und in nutzbare Profile überführt – damit Marketing, Vertrieb und Service mit derselben Datengrundlage arbeiten können. Im Kern löst eine CDP ein ganz konkretes Problem: Deine Kundendaten liegen oft verteilt in Webtracking, Shop, Newsletter, CRM, App und Support. Eine CDP bringt […]

Deine Kundendaten verstreut und unübersichtlich? Mit einer Customer-Data-Platform verbindest du alle Kanäle und schaffst ein starkes Marketingfundament für dein Startup. Bereit für den nächsten Schritt #CustomerData #StartupGrowth #MarketingTool #Innovation

0 0 0 0

CySecurity News

@cysecuritynews.bsky.social

2 months ago

California Privacy Regulator Fines Datamasters for Selling Sensitive Consumer Data Without Registration The California Privacy Protection Agency (CalPrivacy) has taken enforcement action against Datamasters, a marketing firm operated by Rickenbacher Data LLC, for unlawfully selling sensitive personal and health-related data without registering as a data broker. The Texas-based company was found to have bought and resold information belonging to millions of individuals, including Californians, in violation of the California Delete Act. Under the Delete Act, companies engaged in buying or selling consumer data are required to register annually as data brokers by January 31. Beginning in 2026, the law will also enable consumers to use a centralized online tool known as the Delete Request and Opt-out Platform (DROP), which allows individuals to request the deletion of their personal information from all registered data brokers at once. CalPrivacy imposed a $45,000 fine on Datamasters for failing to register within the required timeframe. Due to the seriousness and continued nature of the violations, the agency also prohibited the company from selling personal information related to Californians. According to the regulator’s final order, Datamasters continued operating as an unregistered data broker despite repeated efforts by the agency to bring it into compliance. The investigation found that Datamasters purchased and resold data linked to people with specific medical conditions, including Alzheimer’s disease, drug addiction, and bladder incontinence, primarily for targeted advertising purposes. In addition to health data, the company traded consumer lists categorized by age and perceived race, marketing products such as “Senior Lists” and “Hispanic Lists.” The datasets also included information tied to political views, grocery shopping behavior, banking activity, and health-related purchases. The scope of the data involved was extensive, reportedly consisting of hundreds of millions of records containing names, email addresses, physical addresses, and phone numbers. CalPrivacy identified the nature and scale of the data processing as a significant risk to consumer privacy, particularly given the sensitive characteristics associated with many of the records. An aggravating factor in the case was Datamasters’ response to regulatory scrutiny. The company initially claimed it did not conduct business in California or handle data belonging to Californians. When confronted with evidence to the contrary, it later acknowledged processing such data and asserted that it manually screened datasets, a claim regulators found unconvincing. The agency noted that Datamasters resisted compliance efforts while continuing its data brokerage activities. As part of the enforcement order, signed on December 12, Datamasters was instructed to delete all previously acquired personal information related to Californians by the end of December. The company must also delete any California-related data it may receive in the future within 24 hours. Additionally, Datamasters is required to maintain compliance safeguards for five years and submit a report detailing its privacy practices after one year. In a separate action, CalPrivacy fined S&P Global Inc. $62,600 for failing to register as a data broker for 2024 by the January 31, 2025 deadline. The agency noted that the lapse, which lasted 313 days, was due to an administrative error and that the company acted promptly to correct the issue once identified.

California Privacy Regulator Fines Datamasters for Selling Sensitive Consumer Data Without Registration #California #CustomerData #DataBreach

0 0 0 0

WPSCRM

@wpscrm.bsky.social

2 months ago

Empower your business with WPSCRM a smart CRM solution designed to manage leads, customer data, and sales workflows with secure cloud-based access for seamless business growth.
Visit: wpscrm.com
Contact us:022-697-10063
#WPSCRM #SmartCRM #BusinessGrowth #SalesAutomation #LeadManagement #CustomerData

0 0 0 0