jcpenny.com

Medium Impact

18 July 2017

•

1,542,090 records affected

•

BreachAware

Search on Google

Description

A database with over 1.5 million names and email addresses from the department store JC Penny was found exposed online. The organisation has had a number of reported breaches in 2008, 2010 and 2017. Spam is commonly used for phishing attacks and the first step towards credential stuffing.

What to do if you're affected

1.Change your password immediately if you have an account with this service
2.Enable two-factor authentication (2FA) wherever possible
3.Check if your email appears in the breach using Have I Been Pwned
4.Monitor your accounts for suspicious activity
5.Consider using a password manager to generate unique passwords

Learn More About Data Breaches

Have I Been Pwned

Check if your data has been compromised

ENISA

EU Agency for Cybersecurity