Recent Cyber Security Breaches: TOMS, Lumin PDF, EA Sports and More

Keeping your technology safe should be top priority. Cyber security breaches can happen to anyone or any type of business. As an outsourced IT solution provider we want to make sure to stay in know about the latest cyber security attacks. Every few weeks we like to share our findings with you here on our blog. Please take a peek below to learn more about some of the most recent hacks affecting small to large businesses.

TOMS

Designer and producer of shoes, eyewear, coffee, apparel, and handbags

The Hack: Unauthorized database access

Analysis from Kevin Lancaster: “In an unusual cybersecurity incident, a hacker hijacked the mailing list for TOMS and sent a message encouraging customers to log off their devices and enjoy the outdoors. The message was not malicious in nature, but the hacker admitted that he accessed the platform for a significant time period before sending the email. The hacker also ridiculed bad actors, describing their actions in obscene language sent to TOMS customers. Fortunately, the hacker didn’t disrupt any other elements of TOMS’ IT infrastructure, but his actions highlight the company’s weak cybersecurity standards, which could negatively impact the company on many fronts.”

 

EA Sports (United Kingdom)

Developer and publisher of sports video games

The Hack: Accidental sharing

Analysis from Kevin Lancaster:  “EA Sports inadvertently leaked the personal data of 1,600 gamers who participated in a competition on the company’s website. The breach is related to the company’s FIFA 20 Global Series competition. Aside from becoming a PR nightmare for EA Sports on social media, the leak occurred just hours after the company’s announcement of new security features and promotional events related to the UK’s National Cyber Security Month. The web form was removed after thirty minutes, and the competition was temporarily cancelled.”

 

Lumin PDF

Cloud-based service PDF service provider. You may recognize them when you use Google Drive, they are a 3rd party option to help view PDF files.

The Hack: Unauthorized database access

Analysis from Kevin Lancaster:  “Hackers obtained and published a spreadsheet containing the personal information of every Lumin PDF user. The information was acquired from a database in April 2019, and it was published after repeated attempts to contact the company. Since then, the data was accessed by an additional hacking group, which left a ransom note for the company before deleting the data. The company’s slow response, given that they did not acknowledge the breach until September 17, reflects a general malaise about data security that most consumers would find completely unacceptable in 2019.

 

The National Basketball Association (Canada)

Men’s professional basketball league in North America

The Hack: Unauthorized database access

Analysis from Kevin Lancaster:  “An unauthorized user accessed a server managed by the NBA for its Canadian business efforts. The league quickly identified the intrusion and took the server offline, began an investigation, and hired cybersecurity experts to make further recommendations. However, these measures can’t retroactively restore users’ data integrity, nor will it negate the reputational damage that always accompanies a privacy breach.”

 

Restaurant Depot

Commercial food service wholesaler.

The Hack: Spear phishing attack

Analysis from Kevin Lancaster:  “Restaurant Depot’s customers are receiving phishing emails requesting payment for invoices, purportedly from the company. In response, customers began lashing out on social media, and the company was forced to issue a statement on its website discrediting the email content. The emails are personalized so cybercriminals likely purchased company data from a Dark Web marketplace, which could suggest the possibility of an even more expansive data breach at Restaurant Depot.”

 

Carle Foundation Hospital

Regional, not-for-profit healthcare provider

The Hack: Phishing attack

Analysis from Kevin Lancaster:  “Three company employees fell victim to a phishing scam that gave hackers access to their email accounts containing patient data. Although the hospital immediately secured the accounts, the easily preventable incident will expose Carle Foundation Hospital to intense regulatory scrutiny and cascading costs related to the breach.”

To learn more about how to keep your company safe and secure, click here to explore our IT services & security plans that are offered by SDTEK.

Why Cybersecurity and Business IT Support Are Crucial for Fort Wayne Businesses

April 9, 2025
In today’s digital-first world, cybersecurity isn’t just a luxury—it’s a necessity. Whether you run a small startup or a growing enterprise in Fort Wayne , protecting your business’s data, systems, and clients is essential for long-term success. From ransomware attacks to phishing scams, cyber threats are evolving every day, and the best way to stay ahead of them is by partnering with a reliable IT services provider that understands the unique needs of local businesses. Here’s why investing in professional business IT support is one of the smartest decisions Fort Wayne businesses can make—and how working with SDTEK helps protect your operations, your data, and your reputation.

Understanding IT Security Compliance Requirements for Businesses

February 5, 2025
Protecting sensitive data is more critical than ever before. As cyber threats continue to rise, governments and regulatory bodies have introduced compliance frameworks to ensure businesses take appropriate measures to safeguard data. However, understanding these requirements can be overwhelming, especially since they vary by industry and location. We'll discuss some of the most common IT security compliance frameworks—such as HIPAA, CMMC, and CCPA—and explain their relevance to different industries. Whether you work in healthcare, manufacturing, or serving California residents, this guide will help you navigate the complex world of IT security compliance.