AP Stylebook Data Breach Compromises Customer Personal Information



Spear Phishing Campaign TargetsThe Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports.

“On July 20, 2023, Stylebooks.com notified us that AP Stylebook customers had received phishing emails directing them to a fake website that imitated AP Stylebook to provide updated credit card information,” the AP said. “APS immediately engaged a cyber forensics firm to investigate the incident. The firm reported that personal information of customers whose information was stored on the old AP Stylebook website had been accessed by an unauthorized third party between July 16 and July 22, 2023, and that the phishing emails had been sent to those customers.”

The AP said in a letter to the impacted customers, “Our investigation determined that the personal information affected included your name, email address, street address, city, state, zip code, phone number, and User ID. AP Stylebook had also requested Tax Exempt IDs, where applicable, when customers made a purchase, and our records show that you submitted a 9-digit number. Because we cannot rule out that the 9-digit number you provided in response to that request is a Social Security Number or a Taxpayer ID, we have decided to proactively let you know that your Social Security Number or Taxpayer ID may have been accessed and acquired by third parties as a result of this incident.”

BleepingComputer notes, “While this was not a significant data breach, with only 224 customers impacted, the login credentials for journalists and media companies are highly sought after by cybercriminals. Gaining access to the network of a media company could lead to a wide variety of attacks, including extortion and ransomware attacks, data theft, and cyber espionage.”

New-school security awareness training can enable your employees to thwart targeted phishing attacks by teaching them how to recognize social engineering tactics.

BleepingComputer has the story.


Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/phishing-security-test-offer



Subscribe To Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews