HQ/EMEAFind out how we can help your business
Last year, the investment research firm Zacks Investment Research discovered that its network had been breached by unidentified hackers, exposing the sensitive data of its over 820,000 customers. Initial investigations revealed that the hackers gained access to their networks from November 2021 until August 2022.
Zacks is a leading investment research firm focusing on stock research, analyses, and recommendations. By the end of last year, the company noticed that unknown infiltrators had illegally accessed some critical records belonging to hundreds and thousands of their customers.
The investment firm has yet to learn whether the exposed data were stolen during the breach.
Based on reports, Zacks’ investigations on the security breach have yet to uncover whether the exposed data of their customers were also stolen. Thus, this worries them as the exposed data were too critical, comprising of customers’ full names, residential addresses, contact numbers, email addresses, and user account credentials.
Stolen data from large companies are commonly utilised for numerous cyberattack campaigns, the majority being phishing attacks. The stolen information from Zacks’ clients could be used for fraudulent operations, such as scams and identity theft, which could endanger people’s privacy or lead to financial loss.
In a breach notification sent to customers, the investment research firm clarified that the hackers specifically hit Zacks’ Elite product members that joined from November 1999 to February 2005. The company, however, assured the affected members that there was no evidence that their banking information was included in the exposed database.
A company-wide password reset procedure was immediately implemented upon the investment firm learning about the incident. This procedure will force all customers to reset their user account passwords the next time they log in.
External cybersecurity experts were contacted to help the company resolve the data breach issues and apply more effective security systems in their infrastructure.
Meanwhile, all customers of the investment firm are advised to be alert against threats of attacks using their compromised information and immediately report if it occurs.
