USAA Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
From December 2022 to May 2023, USAA, a financial services company, experienced a data breach that exposed personal information of some members. The company has notified those affected and is offering them a membership to an identity protection program to help address potential identity theft concerns.
How many accounts were compromised?
The breach impacted data related to approximately 19,000 individuals.
What data was leaked?
The data exposed in the breach included names, addresses, phone numbers, email addresses, dates of birth, driver's license numbers, last four digits of Social Security numbers, bank account numbers, and personal identification numbers used for authentication.
How was USAA hacked?
Unauthorized individuals gained access to USAA customer data when a limited number of call center representatives from a third-party service provider improperly shared their access credentials. Upon discovering the breach, the third-party service took steps to block unauthorized access and notified USAA, which is now monitoring affected accounts for suspicious activity and enhancing security measures.
USAA's solution
In response to the hacking incident, USAA has taken measures to enhance security and protect its customers against potential future breaches. While specific actions such as removal of malware or collaboration with cybersecurity experts remain unclear, USAA is actively monitoring affected accounts for suspicious activity and has begun notifying affected customers. Additionally, they are offering a two-year membership to Experian's IdentityWorks program to help mitigate and resolve identity theft issues.
How do I know if I was affected?
USAA has notified customers believed to be affected by the breach. If you're a USAA customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to USAA's data breach, please contact USAA Support directly.
Where can I go to learn more?
If you want to find more information on the USAA data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
USAA Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
From December 2022 to May 2023, USAA, a financial services company, experienced a data breach that exposed personal information of some members. The company has notified those affected and is offering them a membership to an identity protection program to help address potential identity theft concerns.
How many accounts were compromised?
The breach impacted data related to approximately 19,000 individuals.
What data was leaked?
The data exposed in the breach included names, addresses, phone numbers, email addresses, dates of birth, driver's license numbers, last four digits of Social Security numbers, bank account numbers, and personal identification numbers used for authentication.
How was USAA hacked?
Unauthorized individuals gained access to USAA customer data when a limited number of call center representatives from a third-party service provider improperly shared their access credentials. Upon discovering the breach, the third-party service took steps to block unauthorized access and notified USAA, which is now monitoring affected accounts for suspicious activity and enhancing security measures.
USAA's solution
In response to the hacking incident, USAA has taken measures to enhance security and protect its customers against potential future breaches. While specific actions such as removal of malware or collaboration with cybersecurity experts remain unclear, USAA is actively monitoring affected accounts for suspicious activity and has begun notifying affected customers. Additionally, they are offering a two-year membership to Experian's IdentityWorks program to help mitigate and resolve identity theft issues.
How do I know if I was affected?
USAA has notified customers believed to be affected by the breach. If you're a USAA customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to USAA's data breach, please contact USAA Support directly.
Where can I go to learn more?
If you want to find more information on the USAA data breach, check out the following news articles:
Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.
USAA Data Breach: What & How It Happened?
Twingate Team
•
Jun 20, 2024
From December 2022 to May 2023, USAA, a financial services company, experienced a data breach that exposed personal information of some members. The company has notified those affected and is offering them a membership to an identity protection program to help address potential identity theft concerns.
How many accounts were compromised?
The breach impacted data related to approximately 19,000 individuals.
What data was leaked?
The data exposed in the breach included names, addresses, phone numbers, email addresses, dates of birth, driver's license numbers, last four digits of Social Security numbers, bank account numbers, and personal identification numbers used for authentication.
How was USAA hacked?
Unauthorized individuals gained access to USAA customer data when a limited number of call center representatives from a third-party service provider improperly shared their access credentials. Upon discovering the breach, the third-party service took steps to block unauthorized access and notified USAA, which is now monitoring affected accounts for suspicious activity and enhancing security measures.
USAA's solution
In response to the hacking incident, USAA has taken measures to enhance security and protect its customers against potential future breaches. While specific actions such as removal of malware or collaboration with cybersecurity experts remain unclear, USAA is actively monitoring affected accounts for suspicious activity and has begun notifying affected customers. Additionally, they are offering a two-year membership to Experian's IdentityWorks program to help mitigate and resolve identity theft issues.
How do I know if I was affected?
USAA has notified customers believed to be affected by the breach. If you're a USAA customer and haven't received a notification, you may visit HaveIBeenPwned to check your credentials.
What should affected users do?
In general, affected users should:
Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.
Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.
Enable Two-Factor Authentication (2FA): Activate 2FA on all affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.
For more specific help and instructions related to USAA's data breach, please contact USAA Support directly.
Where can I go to learn more?
If you want to find more information on the USAA data breach, check out the following news articles:
Solutions
Solutions
The VPN replacement your workforce will love.
Solutions