""The data breach involved unauthorized access to the information of numerous independent contractors, including their names, dates of birth, contact information, SSNs, and driver's license numbers.""
""To the Company's knowledge, the unauthorized actor has not publicly disseminated the data. None of our customer information or financial systems were accessed.""
""IDOR vulnerabilities allow an attacker to access data simply by changing a value in a web link or request, leading to unauthorized access to private information.""
RCI Hospitality Holdings disclosed a cybersecurity incident that exposed sensitive personal information of independent contractors. An IDOR vulnerability in an IIS web server allowed unauthorized access to names, dates of birth, contact information, SSNs, and driver's license numbers. The breach began on March 19, and an investigation confirmed the incident. RCI stated that customer information and financial systems were not accessed, and business operations remained unaffected. The extent of individuals impacted is unclear, and no cybercrime group has claimed responsibility for the attack.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]