The hacker reportedly used a single compromised employee password to log into a “Maintenance Access” function, forgoing the use of malware or sophisticated attack methods.
Most of the increase was fueled by a breach involving more than three billion email addresses from older breaches, which were primarily from Russia, the U.S., and China, according to Surfshark.
"As soon as IMI became aware of the unauthorized access, the Company engaged external cyber security experts to investigate and contain the incident," said IMI in a notice to the London Stock Exchange.
The Dallas suburb noted in an online notice that the incident resulted in the compromise of names, addresses, Social Security numbers, credit card details, driver's license numbers, medical insurance data, and financial account details.
Information exposed by the incident included names, birthdates, email addresses, and employment history, said ICAO in an updated statement that emphasized the delivery of breach notices to impacted individuals.
Included in the records purportedly exfiltrated from Trump Hotel's guest reservation reminder/verification service were individuals' names, email addresses, communication dates, and other sampling details collected between January 2018 and January 2025.
Such a third-party breach not only led to the exposure of individuals' names, phone numbers, and email addresses, but also the exfiltration of some customers' partial credit card details and legacy systems' hashed credentials, said Grubhub in a statement.
