The cloud-based HR compliance company, ComplyRight, has recently announced that they were the victim of a security breach that may have compromised sensitive customer data such as addresses (physical and email), phone numbers, names, and social security numbers from company tax forms submitted by clients.
ComplyRight had begun issuing breach notifications to affected clients late last week, however, the clients stated that the notifications were extremely vague about the cause and scope of the breach. In a public notice issued yesterday, the company stated that only a fraction (10%) of individuals who had prepared their tax forms on the ComplyRight web platform were affected by the breach. The company has also offered 12 months of free credit monitoring and identity theft protection services to the affected individuals.
Speaking about the breach, Jeannie Warner, Security Manager at WhiteHat Security said, “Despite the fact that web applications often house sensitive consumer data, they are often forgotten when it comes to implementing security measures--making them an easy target for hackers, who can exploit them and gain access to back-end corporate databases. According to WhiteHat Security research, an alarming number of web applications remain ‘always vulnerable’ and susceptible to attack every single day of the year.”
Read more here.
Join us in Madrid from the 13th to the 16th of November for the Property Portal Watch Conference.