- Pandora Data Breach
What You Need to Know
Pandora recently confirmed a data breach impacting about 30,000 customers, exposing names, emails, phone numbers, addresses, and birth dates. While no financial data or passwords were stolen, this information can still be exploited for phishing, identity theft, and targeted scams. The breach didn’t stem from a direct hack of Pandora or Salesforce but from a social engineering attack, where employees were tricked into granting cybercriminals—specifically the ransomware group ShinyHunters—access to Pandora’s Salesforce account. This type of attack highlights how even without advanced hacking tools, criminals can use psychological manipulation to bypass security protocols.
What You Should Do
Affected individuals—and consumers in general—should take steps to minimize the risk of identity theft. Freeze your credit with Equifax, TransUnion, and Experian to block unauthorized loans or large purchases. Monitor your credit reports weekly for suspicious activity using the official AnnualCreditReport.com site. Limit the personal information you provide to companies, especially Social Security numbers unless absolutely necessary.
Be cautious of unsolicited calls or emails claiming to be related to the breach, and never click links or download attachments unless you’re certain they’re legitimate. Staying proactive with security habits can significantly reduce the impact of breaches like this.
Think you are being scammed? Call our scam hotline or email us for help:
(801)-724-6211
scamwatch@invisus.com
