Technologies

More Than 4.4 Million Exposed in Credit Bureau TransUnion Breach: What to Know

The breach appears related to a wave of attacks on companies’ Salesforce databases.

Sensitive personal information belonging to 4.4 million customers, including their names and Social Security numbers, was exposed in a data breach on credit bureau TransUnion, in what is believed to be the latest in a string of attacks targeting companies’ Salesforce databases.

The data breach, which occurred on July 28, was identified and contained within hours, a TransUnion spokesperson told CNET. TransUnion is one of three credit bureaus — along with Equifax and Experian — that compile your financial activity into credit reports that are then used to create your credit scores. The credit bureau said it’s notifying people who may have been affected and sharing the actions the company is taking.

Don’t miss any of our unbiased tech content and lab-based reviews. Add CNET as a preferred Google source on Chrome.

Two separate state filings shed more details on the situation. A court filing in Maine shows that TransUnion acknowledged unauthorized access from a third-party application that stored personal customer data. While the notice to consumers says that no credit information was accessed, «limited personal information» was exposed. However, another filing from Texas states that names of individuals, Social Security numbers and birthdates were exposed in the breach.

The TransUnion spokesperson further clarified that the breach involved a third-party application serving its US consumer support operations but did not include its core credit database or credit reports. The bureau has engaged third-party cybersecurity experts for an independent forensics review.

The breach came after Google reported in June that hackers were using a modified version of a Salesforce-related app to steal vast stores of data, infiltrate other cloud systems and extort compromised companies. The same report named the cybercriminal hacking group ShinyHunters, which it said was linked to extortion demands to employees of the victim organizations.

Several global organizations have already been caught in a wave of Salesforce-linked attacks, according to BleepingComputer, including Google, Farmers Insurance, Allianz Life, Workday, Pandora, Cisco, Chanel and Qantas. Salesforce said social engineering, and not its platform, were to blame for the attacks.

«The Salesforce platform has not been compromised, and this issue is not due to any known vulnerability in our technology,» Salesforce said in a statement in August, adding that customers can mitigate the risk by enabling multi-factor authentication and closley managing connected applications.

Consumer rights law firm Wolf Haldenstein issued an alert on the breach and encouraged those who have received a notice and spot unusual activity on their credit report to reach out.

If you’re not sure if your private data was leaked or you haven’t received any communication from TransUnion, you can check by calling its Fraud Victim Assistance Department at 800-680-7289.

Even if you haven’t received a notice, if you’ve experienced unusual activity on your credit report, you can always freeze your credit for free, enable two-factor authentication or add a security key to your accounts.

Technologies

Today’s NYT Mini Crossword Answers for Wednesday, April 8

Here are the answers for The New York Times Mini Crossword for April 8.

Looking for the most recent Mini Crossword answer? Click here for today’s Mini Crossword hints, as well as our daily answers and hints for The New York Times Wordle, Strands, Connections and Connections: Sports Edition puzzles.

Need some help with today’s Mini Crossword? Hint: It uses a lot of the letter Z for some reason. Read on for all the answers. And if you could use some hints and guidance for daily solving, check out our Mini Crossword tips.

If you’re looking for today’s Wordle, Connections, Connections: Sports Edition and Strands answers, you can visit CNET’s NYT puzzle hints page.

Read more: Tips and Tricks for Solving The New York Times Mini Crossword

Let’s get to those Mini Crossword clues and answers.

Mini across clues and answers

1A clue: ___-Carlton (hotel chain)
Answer: RITZ

5A clue: Span of the alphabet
Answer: ATOZ

6A clue: Cable channel with an out-of-this-world name
Answer: STARZ

7A clue: Takes care of, as a squeaky wheel
Answer: OILS

8A clue: Toy on a string
Answer: YOYO

Mini down clues and answers

1D clue: When a post receives far more negative comments than likes, in social media slang
Answer: RATIO

2D clue: World’s leading wine producer
Answer: ITALY

3D clue: Middle of the human body
Answer: TORSO

4D clue: Sleeping sound
Answer: ZZZ

6D clue: Tofu base
Answer: SOY

Technologies

Today’s NYT Connections: Sports Edition Hints and Answers for April 8, #562

Here are hints and the answers for the NYT Connections: Sports Edition puzzle for April 8 No. 562.

Looking for the most recent regular Connections answers? Click here for today’s Connections hints, as well as our daily answers and hints for The New York Times Mini Crossword, Wordle and Strands puzzles.

Today’s Connections: Sports Edition is a tough one. If you’re struggling with today’s puzzle but still want to solve it, read on for hints and the answers.

Connections: Sports Edition is published by The Athletic, the subscription-based sports journalism site owned by The Times. It doesn’t appear in the NYT Games app, but it does in The Athletic’s own app. Or you can play it for free online.

Read more: NYT Connections: Sports Edition Puzzle Comes Out of Beta

Hints for today’s Connections: Sports Edition groups

Here are four hints for the groupings in today’s Connections: Sports Edition puzzle, ranked from the easiest yellow group to the tough (and sometimes bizarre) purple group.

Yellow group hint: Working out.

Green group hint: Cover your face.

Blue group hint: NFL players.

Purple group hint: Leap.

Answers for today’s Connections: Sports Edition groups

Yellow group: Exercises in singular form.

Green group: Sporting jobs that require masks.

Blue group: Hall of Fame defensive ends.

Purple group: ____ jump.

Read more: Wordle Cheat Sheet: Here Are the Most Popular Letters Used in English Words

What are today’s Connections: Sports Edition answers?

The yellow words in today’s Connections

The theme is exercises in singular form. The four answers are crunch, plank, situp and squat.

The green words in today’s Connections

The theme is sporting jobs that require masks. The four answers are catcher, fencer, football player and goaltender.

The blue words in today’s Connections

The theme is Hall of Fame defensive ends. The four answers are Dent, Peppers, Strahan and Youngblood.

The purple words in today’s Connections

The theme is ____ jump. The four answers are broad, high, long and triple.

Technologies

The $135M Google Data Settlement Site Is Live — See If You’re Eligible

Use the settlement website to select your preferred payment method, and you may end up $100 richer.

You can now file a claim in the $135 million Google data settlement. The case centers on claims that Android devices transmitted user data without consent. Specifically, the class action lawsuit Taylor v. Google LLC contends that Google’s Android devices passively transferred cellular data to Google without user permission, even when the devices were idle. While not admitting fault, Google reached a preliminary settlement in January, agreeing to pay $135 million to about 100 million US Android phone users.

The official settlement website for the lawsuit is now live. The final approval hearing won’t occur until June 23, when the court will consider whether Google’s settlement is fair and listen to objections. After that, the court will decide whether to approve the $135 million settlement.

In the meantime, if you qualify and want to be paid as part of the settlement, you can select your preferred payment method on the official website. There, you can find information on speaking at the June 23 court hearing and on how to exclude yourself or write to the court to object by May 29.

As part of the settlement, Google will update its Google Play terms of service to clarify that certain data transfers do occur passively even when you’re not using your Android device, and that cellular data may be relied upon when not connected to Wi-Fi. This can’t always be disabled, but users will be asked to consent to it when setting up their device.

Google will also fully stop collecting data when its «allow background data usage» option is toggled off.

Who can be part of the settlement?

In order to join the Taylor v. Google LLC settlement, you must meet four qualifications:

Be a living, individual human being in the US.
Have used an Android mobile device with a cellular data plan.
Have used the aforementioned device at any time from Nov. 12, 2017, to the date when the settlement receives final approval.
You’re not a class member in the Csupo v. Google LLC lawsuit, which is similar but specifically for California residents.

The final approval hearing is on June 23, so you can add your payment method until then. The hearing’s date and time may change, and any updates will be posted on the settlement website.

If you choose to do nothing, you will still be issued a settlement payment, but you may not receive it if you don’t select a payment method.

How much will I get paid?

It’s not currently known exactly how much each settlement class member will receive, but the cap is $100. Payments will be distributed after final court approval and after any appeals are resolved.

After all administrative, tax and attorney costs are paid, the settlement administrator will attempt to pay each member an equal amount. If any funds remain after payments are sent, and it’s economically feasible, they will be redistributed to members who were previously and successfully paid. If it’s not economically feasible, the funds will go to an organization approved by the court.