Residence › Cybercrime

Staffing Agency Robert Half Says Hackers Focused Over 1,000 Buyer Accounts

By Eduard Kovacs on June 17, 2022

Tweet

HR consulting agency Robert Half has began informing clients that their private and monetary data may need been compromised after hackers focused their RobertHalf.com accounts.

Data offered by the corporate to the Maine Legal professional Common reveals that risk actors focused Robert Half between April 26 and Might 16. The incident, found on Might 31, impacts 1,058 people.

“We just lately recognized suspicious login exercise in your RobertHalf.com account that occurred in late April/early Might 2022. Upon detection, we required you to reset your account password, and we took steps to strengthen authentication controls for the web site,” the corporate stated in a cybersecurity incident discover despatched to impacted people.

The focused accounts retailer data reminiscent of identify, tackle, and social safety quantity, in addition to wage and tax data. The corporate famous that checking account numbers for direct deposits are saved in these accounts, however solely the final 4 digits are seen.

“Whereas we shouldn’t have proof that this data was truly accessed or downloaded, within the curiosity of transparency we needed to tell you about this incident and give you the data on this letter,” Robert Half stated.

The corporate has not shared any extra data, however primarily based on its transient description the incident seems to contain credential stuffing, the place attackers take usernames and passwords stolen in earlier information breaches and try to make use of these credentials to entry accounts on different on-line companies the place the sufferer could have used the identical username and password mixture.

Robert Half’s buyer notification additionally advises recipients to vary their passwords on different accounts the place the identical credentials have been used. As well as, it contains different password administration suggestions, which additionally counsel this was a credential stuffing assault.

SecurityWeek has reached out to Robert Half for clarifications, however the firm has not responded so it’s unclear if the incident additionally concerned an precise breach of its programs.

The staffing agency is providing impacted people two years of free id monitoring companies by Experian.

It’s not unusual for main firms to be focused in credential stuffing assaults. One latest sufferer is carmaker GM, which knowledgeable clients in Might that cybercriminals had tried to entry their accounts in an effort to redeem reward factors for present playing cards.

Associated: LastPass Automated Warnings Linked to ‘Credential Stuffing’ Assault

Associated: NY AG: Credential Stuffing Impacts 1.1 Million Customers at 17 Firms

Associated: FBI: Larger Training Credentials Bought on Cybercrime Boards

Get the Each day Briefing

• Most Latest
• Most Learn

• Staffing Agency Robert Half Says Hackers Focused Over 1,000 Buyer Accounts
• Now On Demand: SecurityWeek Cloud Safety Summit, Introduced by Palo Alto Networks
• Hybrid Networks Require an Built-in On-prem and Cloud Safety Technique
• Regulation Enforcement Dismantle Infrastructure of Russian ‘RSOCKS’ Botnet
• Particulars of Twice-Patched Home windows RDP Vulnerability Disclosed
• Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations
• Cybersecurity M&A Offers Surge in First Half of June 2022
• Costa Rica Chaos a Warning That Ransomware Menace Stays
• ‘MaliBot’ Android Malware Steals Monetary, Private Data
• Volexity Blames ‘DriftingCloud’ APT For Sophos Firewall Zero-Day

On the lookout for Malware in All of the Unsuitable Locations?

First Step For The Web’s subsequent 25 years: Including Safety to the DNS

Tattle Story: What Your Laptop Says About You

Be in a Place to Act By way of Cyber Situational Consciousness

Report Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant

2010, A Nice 12 months To Be a Scammer.

Do not Let DNS be Your Single Level of Failure

Methods to Establish Malware in a Blink

Defining and Debating Cyber Warfare

The 5 A’s that Make Cybercrime so Enticing

Methods to Defend In opposition to DDoS Assaults

Safety Budgets Not in Line with Threats

Anycast – Three Causes Why Your DNS Community Ought to Use It

The Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering Organizations

Utilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous Enterprise

Orbit Brain

https://orbitbrain.com/

Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy ways
and much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.