Back to Radar
ZA

Zacks

High

Zacks' 2020 breach exposed nearly 9M users' data, including inadequately hashed passwords.

Records exposed
8,929,503 records
Breach date
Breach May 10, 2020
Last update
Updated Jun 10, 2023
Source

What data was exposed?

Fields reported as compromised in this breach record.

Email addressesNamesPasswordsPhone numbersPhysical addressesUsernames

Why does this breach matter?

In-depth analysis of the breach and its implications.

In May 2020, the investment research firm Zacks experienced a significant data breach encompassing nearly 9 million user records. The compromised data, which later surfaced on forums, included sensitive PII such as names, emails, usernames, physical addresses, phone numbers, and inadequately hashed passwords. While the initial breach announcement reflected a smaller estimated impact, the discovery of the larger dataset highlights the importance of immediate and transparent disclosure practices.

Impact Analysis

Understanding the scope and consequences of this breach.

User Impact
Users may face phishing attacks using their exposed contact details and hashed passwords.
Business Impact
Zacks faced reputational damage and potential client trust erosion.
Affected Sectors
  • Investment Research
  • Finance
Geographic Impact
  • Global

What You Should Do

Recommended actions to take in response to this breach.

If You Were Affected

  • Reset your Zacks account password immediately.
  • Monitor for suspicious account activity.
  • Be cautious of phishing emails referencing Zacks.

Preventive Measures

  • Use unique, strong passwords for all services.
  • Enable multi-factor authentication where available.
  • Regularly monitor accounts for unusual activity.

Frequently Asked Questions

Common questions about this breach and what it means for you.

Personal identifiers including your name, email, physical address, phone number, username, and hashed passwords were breached.