Real story
A US-based credit ratings agency that collects and stores data regarding 800 million people and 88 million businesses worldwide was the subject of a cyber intrusion that affected an estimated 190 million people in the US, UK, and Canada. Hackers were able to access sensitive personal data, as well as credit card numbers stored by the agency. According to an investigation involving external cybersecurity experts, the hackers exploited a software vulnerability that the agency had failed to patch; additionally, there were flaws in its network, inadequate encryption of data, and insufficient cybersecurity surveillance processes. The agency’s shares dropped after the breach was made public, and numerous lawsuits were filed against it. Reportedly this attack was preceded by a smaller-scale test attack two months prior.