"Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts"

HR consulting firm Robert Half has recently revealed their customer's personal and financial information might have been compromised after hackers targeted their RobertHalf.com accounts.  During an investigation, it was found that threat actors targeted Robert Half between April 26 and May 16.  The incident, discovered on May 31, impacted 1,058 individuals.  Upon detection, the company required customers to reset their account passwords and took steps to strengthen authentication controls for the website.  The targeted accounts store information such as name, address, social security number, and wage and tax information.  The company noted that bank account numbers for direct deposits are stored in these accounts, but only the last four digits are visible.  The company stated they do not have evidence that this information was actually accessed or downloaded, but they wanted to inform their customers about this incident.  The company noted that the incident appears to involve credential stuffing, where attackers take usernames and passwords stolen in previous data breaches and attempt to use those credentials to access accounts on other online services where the victim may have used the same username and password combination.

SecurityWeek reports: "Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts"