Aura, a major U.S. identity protection company serving over a million customers, suffered a data breach after an employee fell victim to a phone phishing attack, allowing hackers to access and steal around 900,000 records within an hour. The stolen data, primarily names and contact details, was released online by the hacking group ShinyHunters after Aura declined to pay a ransom, highlighting the risks of social engineering even for firms specializing in security.
https://gizmodo.com/the-company-paid-to-protect-your-identity-just-got-hacked-2000735410

