Breach
June 9, 2025
Tax resolution firm Optima Tax Relief hit by ransomware, data leaked
Abstract
Optima Tax Relief, a prominent U.S.-based tax resolution firm, has been targeted in a ransomware attack by the Chaos ransomware gang. The attackers employed a double-extortion strategy, encrypting servers and exfiltrating sensitive data.
Bleeping Computer
June 7, 2025
Sensata notifies victims of ransomware data breach that compromised SSNs, financial and medical info
Abstract
Sensata Technologies, a U.S.-based industrial tech firm, has disclosed a ransomware attack that compromised sensitive personal data, including Social Security numbers, financial account details, and medical information.
Comparitech
June 3, 2025
North Carolina clinics notify 23K people of data breach; SSNs, financial and medical info leaked
Abstract
Compassion Health Care (CHC), a healthcare provider in North Carolina, has disclosed a ransomware attack that compromised the personal and medical data of 23,282 individuals.
Comparitech
June 2, 2025
Next Step Healthcare data breach leaks patients’ SSNs, medical records, and credit cards
Abstract
Next Step Healthcare, a provider of nursing and rehabilitation services in Massachusetts, experienced a ransomware attack in June 2024 that compromised sensitive patient data.
Comparitech
May 30, 2025
Threat Actor Claims TikTok Breach, Puts 428 Million Records Up for Sale
Abstract
A newly emerged threat actor, “Often9,” has claimed to possess a dataset containing 428 million unique TikTok user records. The data is allegedly being sold on a prominent cybercrime forum and includes sensitive, non-public user information.
HackRead
May 29, 2025
ConnectWise Confirms Hack, “Very Small Number” of Customers Affected
Abstract
ConnectWise has confirmed a cyberattack on its ScreenConnect remote access platform, attributed to a sophisticated nation-state threat actor. The breach affected a limited number of customers.
Infosecurity Magazine
May 28, 2025
Data broker giant LexisNexis says breach exposed personal information of over 364,000 people
Abstract
LexisNexis Risk Solutions has disclosed a significant data breach that compromised the personal information of over 364,000 individuals. The breach involved unauthorized access to a third-party software development platform used by the company.
TechCrunch
May 23, 2025
Coca-Cola, Bottling Partner Named in Separate Ransomware and Data Breach Claims
Abstract
Everest has listed Coca-Cola as a victim on its dark web leak site, releasing samples of internal HR documents affecting 959 employees. These include scans of passports and visas, salary data, and other personally identifiable information (PII).
HackRead
May 23, 2025
Decentralized crypto platform Cetus hit with $223 million hack
Abstract
Cetus, a decentralized cryptocurrency exchange operating on the Sui blockchain, suffered a significant cyberattack on Thursday, 22nd May, resulting in the theft of approximately $223 million.
The Record
May 20, 2025
Cocospy stalkerware apps go offline after data breach
Abstract
Cocospy, Spyic, and Spyzie (three near-identical stalkerware apps) have gone offline following a significant data breach. These apps were previously caught spying on millions of phones earlier in 2025.
TechCrunch
May 19, 2025
How the Signal Knockoff App TeleMessage Got Hacked in 20 Minutes
Abstract
A critical breach of the TeleMessage Signal clone (TM SGNL) exposed sensitive data due to severe misconfigurations. Exploited in under 20 minutes, the breach compromised credentials, unencrypted chat logs, and encryption keys of users.
Wired
May 16, 2025
Telecom SaaS firm Communications Data Group notifies 42K people of data breach on behalf of Duo Broadband
Abstract
Communications Data Group (CDG), a SaaS billing vendor for Duo Broadband, has notified 42,518 individuals of a data breach that occurred in February 2025. The breach, attributed to the ransomware group Qilin, exposed sensitive personal data.
Cyware
May 16, 2025
Broadcom data stolen in payroll provider ransomware raid
Abstract
A ransomware attack on Business Systems House (BSH) in September 2024 resulted in the theft of Broadcom employee data. At the time, Broadcom was transitioning to a new payroll provider, which may have contributed to the exposure.
Cyware
May 15, 2025
Nova Scotia Power says customer banking details may have been stolen by hackers
Abstract
On April 25, 2025, Nova Scotia Power discovered a cyberattack that compromised sensitive customer data. The breach, which occurred over a month earlier, has prompted the utility to isolate affected systems.
The Record
May 15, 2025
Idaho hospital notifies 34K people of data breach that compromised SSNs, health info
Abstract
Weiser Memorial Hospital in Idaho has notified 34,249 individuals of a data breach that occurred in September 2024. The breach, attributed to the Embargo ransomware group, compromised sensitive personal and medical information.
Comparitech
May 14, 2025
PowerSchool data breach leads to school extortion attempts
Abstract
A major data breach at PowerSchool, a platform serving over 60 million students and 18,000 educational institutions, has led to extortion attempts targeting public schools. Threat actors are leveraging data stolen in the December 28, 2024 breach.
K12 Dive
May 14, 2025
PrepHero-Linked Database Exposed Data of 3M Students and Coaches
Abstract
A massive data exposure incident involving PrepHero, a college recruiting platform operated by EXACT Sports, has compromised the personal information of over 3 million student-athletes, their parents, and coaches.
HackRead
May 9, 2025
Supply chain attack hits npm package with 45,000 weekly downloads
Abstract
A supply chain attack has compromised the npm package rand-user-agent, which averaged 45,000 weekly downloads. Although deprecated, the package remained popular, making it an attractive target for attackers.
Bleeping Computer
April 26, 2025
Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita
Abstract
The group claimed the theft of 1510 GB of sensitive data, including patient records, insurance, and financial information. Interlock leaked DaVita’s alleged stolen files on their data leak site.
Security Affairs
April 26, 2025
Data breach at Connecticut’s Yale New Haven Health affects over 5 million
Abstract
A data breach at Connecticut’s largest healthcare system Yale New Haven Health affects more than 5.5 million people, according to a legally required notice with the U.S. government’s health department.
TechCrunch
April 26, 2025
Baltimore City Public Schools data breach affects over 31,000 people
Abstract
Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network.
Bleeping Computer
April 23, 2025
Blue Shield of California leaked health data of 4.7 million members to Google
Abstract
Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google's analytics and advertisement platforms.
Bleeping Computer
April 23, 2025
SK Telecom warns customer USIM data exposed in malware attack
Abstract
SK Telecom, South Korea’s largest mobile network operator, has disclosed a malware attack that compromised sensitive USIM-related customer data. The malware enabled access to USIM data, which typically includes IMSI, MSISDN, etc.
Bleeping Computer
April 17, 2025
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns
Abstract
A recent surge in malicious activity has been observed originating from the Proton66 ASN. This activity includes mass scanning, credential brute forcing, and exploitation attempts. The observed activity is targeting organizations worldwide.
Trustwave
April 17, 2025
Harvest Ransomware Attack: Stolen Data Now Publicly Disclosed
Abstract
French fintech leader Harvest SAS has become the latest high-profile victim of a sophisticated ransomware attack, culminating this week in the public release of a trove of sensitive stolen data.
GBHackers
April 15, 2025
Ransomware gang says it hacked the Oregon Department of Environmental Quality
Abstract
The Oregon DEQ said it was investigating a cyber attack on its enterprise information services that forced the department to shut down its email system, computer workstations, help desk, and vehicle inspection stations.
Comparitech
April 15, 2025
Hertz disclosed a data breach following 2024 Cleo zero-day attack
Abstract
Car rental giant Hertz Corporation disclosed a data breach that impacted its Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024.
Security Affairs
April 11, 2025
US lab testing provider exposed health data of 1.6 million people
Abstract
Laboratory Services Cooperative (LSC) has released a statement saying it suffered a data breach in which hackers stole sensitive information of roughly 1.6 million people from its systems.
Bleeping Computer
April 5, 2025
State Bar of Texas Confirms Data Breach, Begins Notifying Affected Consumers
Abstract
According to an official notice, the breach occurred between January 28, 2025, and February 9, 2025, during which an unauthorized actor gained access to sensitive information stored on the organization’s systems.
GBHackers
April 5, 2025
Update: Port of Seattle Says 90,000 People Impacted in 2024 Ransomware Attack
Abstract
The Port of Seattle, which runs Seattle-Tacoma International Airport, several parks, container terminals, and other services, is sending breach notification letters to those affected, including about 71,000 people in Washington state.
The Record
April 4, 2025
Australian Pension Funds Hacked
Abstract
Several major Australian pension funds have confirmed they were targeted in a coordinated hacking campaign that compromised thousands of customer accounts. REST Super revealed that about 20,000 people were affected.
Security Online
March 28, 2025
150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms
Abstract
The redirections have been found to occur via JavaScript hosted on five different domains (e.g., "zuizhongyj[.]com") that, in turn, serve the main payload responsible for performing the redirects.
The Hacker News
March 25, 2025
Inside Hunters International Group: How a Retailer Became the Latest Ransomware Victim
Abstract
In February 2025, Hunters International exploited CVE-2024-55591 in FortiOS to breach a retailer. They used VPN access, deceptive accounts, Rclone, and WinSCP for data exfiltration before deploying Rust-based ransomware and disabling recovery.
Security Online
March 24, 2025
Update: Coinbase was the Primary Target of Recent Github Actions Breaches
Abstract
Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories.
Bleeping Computer
March 15, 2025
Lazarus Breaches IIS Servers With Web Shells and Evolving C2 Tactics
Abstract
The notorious North Korean threat actor Lazarus Group has been identified breaching Windows web servers to establish command-and-control (C2) infrastructure, leveraging compromised machines as proxy servers for further attacks.
Security Online
March 13, 2025
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
Abstract
The latest activity, spotted in mid-2024, involves the use of implants that are based on TinyShell, a C-based backdoor that has been put to use by various Chinese hacking groups like Liminal Panda and Velvet Ant in the past.
The Hacker News
March 8, 2025
Qilin Ransomware Gang Claims the Hack of the Ministry of Foreign Affairs of Ukraine
Abstract
The group stated that it stole sensitive data such as private correspondence, personal information, and official decrees. The ransomware group declared that they had already sold some of the alleged stolen information to third parties.
Security Affairs
March 8, 2025
Over 1,000 WordPress Sites Infected with JavaScript Backdoors Enabling Persistent Attacker Access
Abstract
The malicious JavaScript code has been found to be served via cdn.csyndication[.]com. As of writing, as many as 908 websites contain references to the domain in question.
The Hacker News
February 26, 2025
Have I Been Pwned Adds 284M Accounts Stolen by Infostealer Malware
Abstract
HIBP founder Troy Hunt found 284,132,969 compromised accounts while analyzing 1.5TB of stealer logs likely collected from numerous sources and shared on a Telegram channel known as “ALIEN TXTBASE.”
Bleeping Computer
February 21, 2025
Over 330 Million Credentials Compromised by Infostealers
Abstract
Infostealers became one of the “most significant initial access vectors” in the threat landscape last year, with one threat intelligence company claiming to find over 330 million compromised credentials linked to the malware.
Infosecurity Magazine
February 15, 2025
Valve Removed the Game PirateFi From the Steam Platform After Discovery of Hidden Malware
Abstract
Valve removed the game PirateFi from the Steam video game platform because it contained malicious code designed to steal browser cookies and hijack accounts. The company also advised affected users to reformat their operating systems for mitigation.
Security Affairs
February 13, 2025
zkLend Loses $9.5M in Crypto Heist, Asks Hacker to Return 90%
Abstract
Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract vulnerability to steal 3,600 Ethereum (ETH), worth $9.5 million at the time.
Bleeping Computer
February 8, 2025
Basket of Bank Trojans Defraud Citizens of East India
Abstract
Victims receive WhatsApp messages containing malicious Android Package Kit (APK) files. Once downloaded, these APKs appear as fake apps of major banks like HDFC Bank and ICICI Bank.
Dark Reading
February 5, 2025
New Russian Threat Group Hacks Into U.S. Oil and Gas Facilities
Abstract
Sector 16 claimed sole responsibility for hacking into the control systems of a U.S. oil and gas production facility, and released a video “purportedly demonstrating their access to the facility’s operational data and systems,” Cyble said.
The Cyber Express
February 1, 2025
Lazarus Group’s Latest Heist Hits Hundreds of Victims Globally
Abstract
North Korea's Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing supply chain attack that was ongoing as of earlier this month, according to security researchers.
The Register
January 31, 2025
Solana Pump.fun Tool DogWifTool Compromised to Drain Crypto Wallets
Abstract
Hackers have compromised the Windows version of the DogWifTools software for promoting meme coins on the Solana blockchain in a supply-chain attack that drained users' wallets.
Bleeping Computer
January 14, 2025
Stolen Path of Exile 2 admin account used to hack player accounts
Abstract
Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November.
Bleeping Computer
January 11, 2025
Hackers Claim to Breach Russian State Agency Managing Property, Land Records
Abstract
A group of hackers with unknown ties has claimed responsibility for breaching a Russian government agency, Rosreestr, which is responsible for managing property and land records.
The Record
January 9, 2025
Russian ISP Confirms Ukrainian Hackers “Destroyed” its Network
Abstract
Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex's network and wiped hacked systems after stealing sensitive documents.
Bleeping Computer
January 8, 2025
Washington sues T-Mobile over 2021 data breach that spilled 79 million customer records
Abstract
The state of Washington has sued T-Mobile over allegations that the phone giant failed to secure the personal data of millions of state residents prior to an August 2021 data breach that affected over 79 million customers across the U.S.
TechCrunch
December 30, 2024
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
Abstract
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.
Cyware
December 21, 2024
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
Abstract
Rspack, a popular high performance JavaScript bundler written in Rust, has been hit with a supply chain attack, affecting two of its npm packages, including @rspack/core and @rspack/cli. Versions 1.1.7 of both packages are affected.
Socket
December 11, 2024
Operation Digital Eye: Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels
Abstract
The threat actors used a lateral movement capability indicative of the presence of a shared vendor or digital quartermaster maintaining and provisioning tooling within the Chinese APT ecosystem.
SentinelOne
December 4, 2024
Solana Web3.js Library Compromised in Targeted Supply Chain Attack
Abstract
Malicious code was injected into versions 1.95.6 and 1.95.7 of the library, which is downloaded over 350,000 times weekly from the npm registry. This code was designed to exfiltrate private keys, leading to cryptocurrency theft.
Security Online
December 3, 2024
The Shocking Speed of AWS Key Exploitation
Abstract
Researchers revealed that attackers tend to find and exploit (within a few minutes) AWS access keys leaked on GitHub and DockerHub, and within several hours those exposed on PyPI, Pastebin, and the Postman Community.
Help Net Security
November 23, 2024
Hackers breach US firm over Wi-Fi from Russia in ‘Nearest Neighbor Attack’
Abstract
Russian state hackers APT28 breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called "nearest neighbor attack."
Bleeping Computer
November 16, 2024
Microsoft Power Pages Misconfiguration Leads to Data Exposure
Abstract
Misconfigurations in Microsoft Power Pages are exposing sensitive data. Excessive access permissions allow unauthorized users to access personal information like employee details and internal files.
Infosecurity Magazine
November 13, 2024
Microchip Technology Reports $21.4M Expense From August Cyberattack
Abstract
Microchip Technology revealed a $21.4 million cost incurred from a cyberattack in August 2024 in its quarterly report. SVP and CFO Eric Bjornholt stated that most of the expenses were due to the underutilization of factories caused by the incident.
Cybersecurity Dive
November 1, 2024
Attackers Gain Domain Access via Microsoft SharePoint Server Exploit
Abstract
A recent report by Rapid7 detailed a significant compromise of a Microsoft SharePoint server, resulting in complete domain access for an attacker who utilized various sophisticated techniques.
Security Online
November 1, 2024
Abstract Security Raises $15M in Series A Funding
Abstract
The Series A round was led by Munich Re Ventures, with participation from existing investors Crosslink Capital and Rally Ventures. The company intends to use the funds to continue its growth trajectory and expand its reach in the industry.
Finsmes
October 15, 2024
Banking Trojan TrickMo Compromised 13,000 Devices, Now Steals Device Unlock Patterns and PINs
Abstract
Malware analyst Aazim Yaswant from Zimperium has unveiled new advanced features in the latest TrickMo samples, a banking trojan initially disclosed by Cleafy. The variant uses evasion techniques like obfuscation and zip file manipulation.
Security Online
September 28, 2024
China-linked APT group Salt Typhoon compromised some US ISPs
Abstract
Experts are investigating whether the hackers gained access to Cisco Systems routers, a key component of ISP infrastructures, but Cisco has not found any indication of router involvement.
Security Affairs
September 23, 2024
AT&T Pays $13 Million FCC Settlement Over 2023 Data Breach
Abstract
The breach occurred when threat actors gained access to customer data of about 9 million AT&T wireless accounts stored by a vendor. This exposed sensitive customer information like account numbers, phone numbers, and email addresses.
Bleeping Computer
September 17, 2024
23andMe Pledges $30 Million to the 6.4 Million People Affected by Data Breach
Abstract
23andMe has pledged $30 million to compensate the 6.4 million people affected by a data breach in October 2023. The breach occurred when a hacker used stolen credentials to access a significant amount of account information, including health data.
The Record
August 31, 2024
FBI: RansomHub Ransomware Breached 210 Victims Since February 2024
Abstract
The ransomware operation focuses on data theft extortion rather than encrypting files, with victims facing the threat of stolen data being leaked or sold if negotiations fail.
Bleeping Computer
August 29, 2024
Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
Abstract
Flowise, a popular low-code tool backed by Y Combinator, was particularly at risk due to an authentication bypass vulnerability that allowed access to sensitive information such as GitHub tokens and API keys in plaintext.
Dark Reading
August 19, 2024
Crypto Firm Says Hacker Locked All Employees Out of Google Products for Four Days
Abstract
A cryptocurrency company reported to the SEC that a hacker breached its systems on August 9, 2024, locking all employees out of Google products for four days by changing the passwords on their G-Suite accounts.
The Record
August 19, 2024
Thousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer Data
Abstract
Thousands of Oracle NetSuite e-commerce sites are at risk of exposing sensitive customer data due to a widespread misconfiguration in the SuiteCommerce enterprise resource planning (ERP) platform.
Dark Reading
August 16, 2024
Biotech Company Hacked in 2023 Pays States $4.5 Million Over Breached Data
Abstract
The state attorneys general of New York, New Jersey, and Connecticut reached an agreement with Enzo Biochem, which revealed the incident to the federal government in May 2023.
The Record
August 15, 2024
South Korea Says DPRK Hackers Stole Spy Plane Technical Data
Abstract
South Korea's ruling party, the People Power Party (PPP), has reported that hackers from North Korea have stolen important technical data related to the country's main battle tank, the K2, as well as its spy planes known as "Baekdu" and "Geumgang."
Bleeping Computer
August 15, 2024
FBI Says it is Investigating Purported Trump Campaign Hack
Abstract
The FBI is investigating a suspected hack of the Trump campaign, following accusations of Iranian involvement. The Trump campaign blames foreign sources and cited a Microsoft report linking Iranian hackers to covert efforts to influence the election.
The Record
August 14, 2024
Phishing Campaign Poses as Ukraine’s Security Service to Spread ANONVNC Malware
Abstract
Cybercriminals impersonated the Security Service of Ukraine (SSU) using malicious spam emails to target and infect the systems of Ukrainian government agencies. The attackers successfully distributed AnonVNC malware to over 100 computers.
Dark Reading
August 10, 2024
Russian Spies Hacked UK Government Systems Earlier This Year, Stole Data and Emails
Abstract
Russian spies hacked UK government systems earlier this year, stealing data and emails in a nation-state attack. The breach targeted the Home Office's systems, which had not been previously reported.
The Record
August 7, 2024
NHS Software Supplier Advanced Faces $7.6 Million Fine Over Ransomware Attack Failings
Abstract
NHS software supplier Advanced faces a hefty fine of over £6 million (~$7.6 Million) for failing to protect personal information during a ransomware attack that impacted the National Health Service in the UK.
The Record
August 6, 2024
Cyberattack Cost More Than $17 Million, Key Tronic Tells Regulators
Abstract
Key Tronic revealed to regulators that a cyberattack in May 2024 cost the company over $17 million. The attack led to a shutdown of operations in Mexico and the U.S. for two weeks.
The Record
August 5, 2024
Israeli Hacktivist Group Claims it Took Down Iran’s Internet
Abstract
WeRedEvils announced their intention to target Iranian systems on Telegram, claiming their attack was successful in infiltrating Iran's computer systems, stealing data, and causing the outage.
The Register
August 5, 2024
Evasive Panda Compromises ISP to Distribute Malicious Software Updates
Abstract
The group used DNS poisoning to redirect software update queries to attacker-controlled servers, infecting victims with malware. Volexity detected one attack in Hong Kong, which ceased when the ISP took action.
Information Security Buzz
August 2, 2024
APT41 Likely Compromised Taiwanese Government-Affiliated Research Institute with ShadowPad and Cobalt Strike
Abstract
A government-affiliated research organization in Taiwan was attacked by APT41 hackers, a notorious Chinese hacking group known for targeting sensitive technologies. The breach, starting in July 2023, was identified by Cisco Talos researchers.
Talos Intelligence
July 30, 2024
Change Healthcare Begins to Notify Millions Affected by Hack
Abstract
Change Healthcare has started the process of notifying millions of Americans affected by a massive cyberattack and data theft that occurred more than five months ago. The company is sending individual breach notification letters on a rolling basis.
Bank Infosecurity
July 10, 2024 – Phishing
Regional Transport Office Themed Phishing Campaign Targets Android Users In India
Abstract
Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named "VAHAN PARIVAHAN.apk".
Cyble
As CISOs Grapple with the C-Suite, Job Satisfaction Takes a Hit
Abstract
Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent.
Cybersecurity Dive
September 1, 2023
LogicMonitor Customers Hit by Hackers Due to Weak Default Passwords
Abstract
Some customers of the network security company LogicMonitor have been hacked due to the use of default passwords, TechCrunch has learned. A LogicMonitor spokesperson confirmed “a security incident” affecting some of the company’s customers.
Cyware
September 1, 2023
Sourcegraph Discloses Data Breach Following Access Token Leak
Abstract
According to the platform, the admin access token used in the attack was leaked in a July 14 commit that passed internal code analysis tools. The token “had broad privileges to view and modify account information on Sourcegraph.com”.
Cyware
August 31, 2023
Forever 21 Data Breach Leaks Personal Information of Over 539,000 Individuals
Abstract
Forever 21 experienced a data breach that compromised the personal information, including names and Social Security numbers, of over 539,000 individuals. The breach occurred between January 5, 2023, and March 21, 2023.
Cyware
August 31, 2023
National Safety Council Data Leak Impacts Credentials of NASA, Tesla, DoJ, Verizon, and 2000 Other Firms
Abstract
The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations.
Cyware
August 29, 2023
Japan’s Cybersecurity Agency Breached by Suspected Chinese Hackers: Report
Abstract
Suspected Chinese hackers breached Japan’s cybersecurity agency and potentially accessed sensitive data stored on its networks for nine months before being discovered, it was reported on Tuesday.
Cyware
August 29, 2023
Compromised OpenCart Payment Module Steals Credit Card Information
Abstract
Attackers are increasingly using backend PHP infections, making it more challenging to detect Magecart infections without access to the compromised website's backend code.
Cyware
August 28, 2023
Mom’s Meals discloses data breach impacting 1.2 million people
Abstract
PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack.
BleepingComputer
August 28, 2023
Hacking Group Kittensec Claims to ‘Pwn Anything We See’ to Expose Corruption
Abstract
On July 28, KittenSec claimed in a Telegram post to have hacked multiple Romanian government systems and posted a file containing roughly 36 gigabytes of data, including emails, documents, contracts, and healthcare-related data.
Cyware
August 27, 2023
Rhysida claims ransomware attack on Prospect Medical, threatens to sell data
Abstract
The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records.
BleepingComputer
August 26, 2023
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack
Abstract
Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone number to the threat actor's phone at their request," it said in an advisory. This enabled the unidentified actor to gain access to certain files containing personal information of bankruptcy claimants in the matters of BlockFi, FTX, and Genesis. SIM swapping (aka SIM splitting or simjacking), while generally a benign process, could be exploited by threat actors to fraudulently activate a SIM card under their control with a victim's phone number. This makes it possible to intercept SMS messages and voice calls and receive MFA-related messages that cont
The Hacker News
August 26, 2023
Malwarebytes Announces Acquisition of Online Privacy Company Cyrus
Abstract
This strategic acquisition reinforces Malwarebytes' commitment to privacy by giving users more control over their information, no matter where or how they choose to browse and interact online.
Cyware
August 26, 2023
Thousands of SSNs Leaked After Ransomware Attack on Ohio State Archive Organization
Abstract
One of the oldest historical societies in the state of Ohio was hit with a ransomware attack that leaked the sensitive information of thousands, according to a statement the organization released this week.
Cyware
August 25, 2023
Bankrupt Crypto Platforms FTX and BlockFi Warn Customers of Data Breach
Abstract
FTX learned that Kroll, the claims agent in the bankruptcy, experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case.
Cyware
August 25, 2023
Nearly 1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack Full Text
Abstract
On August 14 and 15, the cybercriminals leaked nearly 1 Tb of information allegedly stolen from 16 of the victims, Resecurity said. These victims include UCLA, Siemens Energy, Cognizant, and cybersecurity firms Norton LifeLock and Netscout.
Cyware
August 25, 2023
Title Lender TMX Now Says Payment Card Data Stolen in Breach Full Text
Abstract
A revised data breach notification is being sent to victims stating that attackers may have also stolen their credit/debit card number, beyond the raft of personal information.
Cyware
August 23, 2023
University of Minnesota Investigates Alleged Data Breach Involving Seven Million Alumni Full Text
Abstract
The University of Minnesota has contacted law enforcement and launched an investigation into a data breach that could impact millions of alumni. A hacker claimed to have collected 7 million Social Security numbers in July.
Cyware
August 22, 2023
Defense contractor Belcan leaks admin password with a list of flaws Full Text
Abstract
US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan is a government, defense, and aerospace contractor offering global design, software, manufacturing, supply chain,...
Security Affairs
August 22, 2023
Two Data Breaches in Gadsden: Court System, EMS Report That Data May Have Been Stolen Full Text
Abstract
The 2nd Judicial Circuit announced Monday that law enforcement is investigating a data breach involving Gadsden County court records. In a news release, the circuit said that initial assessments show some of the records contained PII.
Cyware
August 22, 2023
Snatch Gang Claims the Hack of South Africa’s Department of Defense Full Text
Abstract
The group claims to have stolen military contracts, internal call signs, and personal data, amounting to 1.6 TB. If the attack gets confirmed, the disclosure of confidential information poses a serious risk to organizations involved in the contracts.
Cyware
August 22, 2023
Ukrainian Hackers Claim to Leak Emails of Russian Parliament Deputy Chief Full Text
Abstract
Ukrainian hackers claim to have broken into the email account of a senior Russian politician and exposed documents that allegedly prove his involvement in money laundering and sanction evasion schemes.
Cyware
August 21, 2023
BlackCat ransomware group claims the hack of Seiko network Full Text
Abstract
The BlackCat/ALPHV ransomware group claims to have hacked the Japanese maker of watches Seiko and added the company to its data leak site. On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack. "Seiko...
Security Affairs
August 21, 2023
Tesla Discloses Data Breach Impacting 75,000 People’s Personal Information Full Text
Abstract
A notification letter sent to impacted people reveals that the data breach is related to a couple of former employees sending confidential information to German media outlet Handelsblatt.
Cyware
August 19, 2023
Illinois Hospital Notifies Patients, Employees of Data Breach After Royal Gang Posting Full Text
Abstract
In late May, reports said the Royal ransomware gang had posted data from the organization on its leak site. As of May 23, the hospital had said it was still investigating the incident.
Cyware
August 17, 2023
NYC Finance Department Sent Every Employee Their Colleagues’ Personal Info Full Text
Abstract
New York City’s tax collection agency accidentally shared the home addresses, cell phone numbers, and personal email addresses of more than 1,700 workers with all those employees.
Cyware
August 17, 2023
Ongoing Hijacking Campaign Targets LinkedIn Accounts Full Text
Abstract
Several LinkedIn users have reported difficulties in recovering their hacked or locked-out accounts through LinkedIn support. Some claimed to have faced ransom demands or account deletion threats. In the past few months, according to Google Trends, there’s been a 5000% increase in searches related ...
Cyware
August 16, 2023
Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign Full Text
Abstract
A threat actor has compromised roughly 2,000 Citrix NetScaler servers by exploiting a remote code execution vulnerability tracked as CVE-2023-3519. In July, Citrix warned customers of a critical vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), in NetScaler...
Security Affairs
August 16, 2023
Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability Full Text
Abstract
Nearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as part of a large-scale attack. "An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing web shells on vulnerable NetScalers to gain persistent access," NCC Group said in an advisory released Tuesday. "The adversary can execute arbitrary commands with this webshell, even when a NetScaler is patched and/or rebooted." CVE-2023-3519 refers to a critical code injection vulnerability impacting NetScaler ADC and Gateway servers that could lead to unauthenticated remote code execution. It was patched by Citrix last month. The development comes a week after the Shadowserver Foundation said it identified close to 7,000 vulnerable, unpatched NetScaler ADC and Gateway instances online and the flaw is being abused to drop PHP web shells on vulnerable servers for remote access. A follow-up anal
The Hacker News
August 15, 2023
Georgia Healthcare System Notifies 180,000 People of Breach After Suffering Ransomware Attack Full Text
Abstract
The apparent Hive ransomware attack on the Tift Regional Health System involved hackers accessing and copying files containing patient information, including medical and banking account information.
Cyware
August 15, 2023
UK: Norfolk and Suffolk Police Admit Breach Involving Personal Data of 1,230 People Full Text
Abstract
Two police forces in England have admitted mishandling the sensitive data of victims, witnesses, and suspects in cases including domestic abuse incidents, sexual offenses, assaults, thefts, and hate crime.
Cyware
August 14, 2023
Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach Full Text
Abstract
The Colorado Department of Health Care Policy & Financing (HCPF) disclosed a data breach after a MOVEit attack on IBM. The Colorado Department of Health Care Policy & Financing (HCPF) disclosed a data breach that impacted more than four million...
Security Affairs
August 12, 2023
UK: Cumbria Police Admit Huge Breach of Data of Officers and Staff Full Text
Abstract
Cumbria police have admitted accidentally publishing the names and salaries of every one of its more than 2,000 employees and have apologized. The data breach happened in March and has not previously been publicized.
Cyware
August 12, 2023
UK govt contractor MPD FM leaks employee passport data Full Text
Abstract
UK govt contractor MPD FM left an open instance that exposed employee passports, visas, and other sensitive data. MPD FM, a facility management and security company providing services to various UK government departments, left an open instance that...
Security Affairs
August 10, 2023
Update: The MOVEit Spree is as Bad as — or Worse — Than You Think it is Full Text
Abstract
The mass exploit of a zero-day vulnerability in MOVEit has compromised more than 600 organizations and 40 million individuals to date, but the numbers mask a more disastrous outcome that’s still unfolding.
Cyware
August 10, 2023
Data of all serving police officers Police Service of Northern Ireland (PSNI) mistakenly published online Full Text
Abstract
The Police Service of Northern Ireland (PSNI) mistakenly shared sensitive data of all 10,000 serving police officers in response to an FOI request. The Police Service of Northern Ireland (PSNI) has mistakenly shared sensitive data of all 10,000 serving...
Security Affairs
August 9, 2023
LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems Full Text
Abstract
The LockBit ransomware group threatens to leak medical data of cancer patients stolen from Varian Medical Systems. The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data...
Security Affairs
August 09, 2023
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons Full Text
Abstract
The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years' worth of voter data belonging to 40 million people. "The incident was identified in October 2022 after suspicious activity was detected on our systems," the regulator said. "It became clear that hostile actors had first accessed the systems in August 2021." The intrusion enabled unauthorized access to the Commission's servers hosting email, control systems, and copies of the electoral registers it maintains for research purposes. The identity of the intruders is presently unknown. The registers included the name and address of anyone in the U.K. who registered to vote between 2014 and 2022, as well as the names of those registered as overseas voters. However, they did not contain information of those who qualified to register anonymously and addresses of overseas electors regi
The Hacker News
August 9, 2023
Lockbit Threatens to Leak Medical Data of Cancer Patients Stolen From Varian Medical Systems Full Text
Abstract
Lockbit has fixed the deadline for the ransom payment on August 17, 2023. If confirmed, the incident could have a dramatic impact on the privacy of cancer patients. The company has yet to disclose the security incident.
Cyware
August 8, 2023
UK Electoral Commission discloses a data breach Full Text
Abstract
The UK Electoral Commission suffered a data breach that exposed voters' personal information between 2014 and 2022. The UK Electoral Commission disclosed a data breach that exposed the personal information of voters in the United Kingdom between 2014...
Security Affairs
August 7, 2023
North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya Full Text
Abstract
Two North Korea-linked APT groups compromised the infrastructure of the major Russian missile engineering firm NPO Mashinostroyeniya. Cybersecurity firm SentinelOne linked the compromise of the major Russian missile engineering firm NPO Mashinostroyeniya...
Security Affairs
August 6, 2023
Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack Full Text
Abstract
The Colorado Department of Higher Education (CDHE) finally disclosed a data breach impacting students, past students, and teachers after the June attack. In June, a ransomware attack hit the Colorado Department of Higher Education (CDHE), now the organization...
Security Affairs
August 5, 2023
Millions of people’s healthcare files accessed by Clop gang Full Text
Abstract
The new additions to the victims' list bring the headcount to 514 organizations and more than 36 million individuals, according to Emsisoft threat researchers. It may take months if not years for the full impact and costs to become clear.
Cyware
August 4, 2023
Mondee Security Lapse Exposed Flight Itineraries and Unencrypted Credit Card Numbers Full Text
Abstract
The database, hosted on Oracle’s cloud and more than 1.7 terabytes in size at the time it was exposed, contained customers’ personal information, including names, gender, dates of birth, home addresses, flight information and passport numbers.
Cyware
August 3, 2023
Canadian Healthcare Workers’ Private Information Subject to Data Breach Full Text
Abstract
Hackers had access to the HEABC system from May 9 to June 10, and the breach wasn’t detected until July 13, after staff “identified a potential anomaly,” according to the association, which did not provide further explanation.
Cyware
August 3, 2023
Pennsylvania County Says Data Breach May Have Exposed 690,000 People’s Personal Information Full Text
Abstract
The county says it, along with 22 million people worldwide, has been targeted by a global cyber security breach. The breach gave a group of cybercriminals access to personal information like driver's license numbers and Social Security numbers.
Cyware
August 2, 2023
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks Full Text
Abstract
Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds of Citrix NetScaler ADC and Gateway...
Security Affairs
August 2, 2023
Burger King forgets to put a password on their systems, again Full Text
Abstract
The fast food giant Burger King put their systems and data at risk by exposing sensitive credentials to the public for a second time. Original post at https://cybernews.com/security/burger-king-data-leak/. Burger King is a renowned US-based international...
Security Affairs
July 31, 2023
School Accreditation Organization Exposed Sensitive Information on Students, Parents, and Teachers Online Full Text
Abstract
An unprotected database belonging to the Southern Association of Independent Schools (SAIS) was found exposing sensitive data on students, parents, and teachers, including health records, social security numbers, and confidential security reports.
Cyware
July 29, 2023
CoinsPaid Blames North Korea-Linked APT Lazarus for Theft of $37M Worth of Cryptocurrency Full Text
Abstract
“On July 22nd, CoinsPaid experienced a hacker attack, resulting in the theft of USD 37.3M,” reads the announcement published by the company. “We believe Lazarus expected the attack on CoinsPaid to be much more successful.”
Cyware
July 27, 2023
DepositFiles exposed config file, jeopardizing user security Full Text
Abstract
DepositFiles, a popular web hosting service, left its environment configuration file accessible, revealing a trove of highly sensitive credentials. The recent tsunami of Cl0p-driven ransomware attacks via the MOVEit Transfer exploit is a painful...
Security Affairs
July 27, 2023
Up to 11 Million People Hit by MOVEit Hack at Government Services Firm Maximus Full Text
Abstract
According to Maximus, the attackers stole files containing personal information and protected health information, including Social Security numbers, “of at least 8 to 11 million individuals”.
Cyware
July 22, 2023
Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks Full Text
Abstract
The malicious NPM package, which masqueraded as a legitimate alternative to a popular package, downloaded phishing HTML code from the jsdelivr CDN service to steal users' credentials.
Cyware
July 22, 2023
DHL Investigating MOVEit Breach as Number of Victims Surpasses 20 Million Full Text
Abstract
The United Kingdom arm of shipping giant DHL said it is investigating a data breach traced back to its use of the MOVEit software, which has been exploited by a Russia-based ransomware group for nearly two months.
Cyware
July 21, 2023
Nice Suzuki, sport: shame dealer left your data up for grabs Full Text
Abstract
Cybernews research team discovered that two Suzuki-authorized dealer websites were leaking customers' sensitive information. Suzuki or otherwise, buying a new vehicle is an intense experience with complicated credit, insurance, documentation, and contracts...
Security Affairs
July 20, 2023
Tampa General Hospital Says Hackers Exfiltrated the Data of 1.2 Million Patients Full Text
Abstract
A security breach was detected on May 31, 2023, when suspicious activity was identified within its network. The affected systems were immediately taken offline to prevent further unauthorized access.
Cyware
July 20, 2023
Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector Full Text
Abstract
The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of Ukraine (CERT-UA), attributed the attacks to a Russian nation-state actor known as Turla, which is also tracked under the names Iron Hunter, Secret Blizzard (formerly Krypton), Uroburos, Venomous Bear, and Waterbug. It's linked to Russia's Federal Security Service (FSB). "DeliveryCheck is distributed via email as documents with malicious macros," the company said in a series of tweets. "It persists via a scheduled task that downloads and launches it in memory. It also contacts a C2 server to retrieve tasks, which can include the launch of arbitrary payloads embedded in XSLT stylesheets." Successful initial access is also accompanied in some cases by t
The Hacker News
July 19, 2023
FIA World Endurance Championship driver passports leaked Full Text
Abstract
Le Mans Endurance Management, operating the FIA World Endurance Championship’s website, exposed the data of hundreds of drivers by leaking their IDs and drivers’ licenses, the Cybernews research team has discovered. On June 16th, our researchers...
Security Affairs
July 18, 2023
Virustotal data leak exposed data of some registered customers, including intelligence members Full Text
Abstract
The online malware scanning service VirusTotal leaked data associated with some registered customers, German newspapers reported. German newspapers Der Spiegel and Der Standard reported that the online malware scanning service VirusTotal leaked...
Security Affairs
July 18, 2023
Phoenician Medical Center Cyberattack Affects Up to 162,500 Patients Full Text
Abstract
The forensic investigation confirmed that there had been unauthorized access to files containing the protected health information of patients, some of which may have been obtained by the hackers.
Cyware
July 18, 2023
‘Millions of emails’ for US military sent to .ml addresses Full Text
Abstract
For the past decade, millions of emails destined for .mil US military addresses were actually directed at .ml addresses, that being the top-level domain for the African nation of Mali, it's claimed.
Cyware
July 18, 2023
JumpCloud Blames ‘Sophisticated Nation-State’ Actor for Security Breach Full Text
Abstract
A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary "gained unauthorized access to our systems to target a small and specific set of our customers," Bob Phan, chief information security officer (CISO) at JumpCloud, said in a post-mortem report. "The attack vector used by the threat actor has been mitigated." The U.S. enterprise software firm said it identified anomalous activity on June 27, 2023, on an internal orchestration system, which it traced back to a spear-phishing campaign mounted by the attacker on June 22. While JumpCloud said it took security steps to shield its network by rotating credentials and rebuilding its systems, it wasn't until July 5 that it detected "unusual activity" in the commands framework for a small set of customers, prompting a forced rotation of all admin API keys. The num
The Hacker News
July 18, 2023
Dating App That Claims 50 Million Users Suffered a Data Breach Full Text
Abstract
Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database containing approximately 2.3 million records associated with multiple dating applications.
Cyware
July 17, 2023
Global Data Breach Could Impact 70,000 Residents, Vendor Employees With Hillsborough County Full Text
Abstract
Hillsborough County said they've mailed notification letters to 70,636 people who are clients of Healthcare services and vendors of aging services who they know were impacted.
Cyware
July 15, 2023
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens Full Text
Abstract
Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consumer signing key and used it to forge authentication tokens for Azure AD enterprise and MSA consumer to access OWA and Outlook.com," the tech giant said in a deeper analysis of the campaign. "The method by which the actor acquired the key is a matter of ongoing investigation." "Though the key was intended only for MSA accounts, a validation issue allowed this key to be trusted for signing Azure AD tokens. This issue has been corrected." It's not immediately clear if the token validation issue was exploited as a "zero-day vulnerability" or if Microsoft was already aware of the problem before it came under in-the-wild abuse. The attacks singl
The Hacker News
July 14, 2023
The source code of the BlackLotus UEFI Bootkit was leaked on GitHub Full Text
Abstract
The source code for the BlackLotus UEFI bootkit has been published on GitHub and experts warn of the risks of proliferation of custom versions. Researchers from ESET discovered in March a new stealthy Unified Extensible Firmware Interface (UEFI) bootkit,...
Security Affairs
July 14, 2023
BlackLotus UEFI Bootkit Source Code Leaked on GitHub Full Text
Abstract
The BlackLotus source code that was published on GitHub on Wednesday has been stripped of the ‘Baton Drop’ exploit targeting CVE-2022-21894, and uses the bootlicker UEFI firmware rootkit, but contains the rest of the original code.
Cyware
July 13, 2023
Chinese hackers compromised emails of U.S. Government agencies Full Text
Abstract
Chinese hackers have compromised the emails of an unnamed US Federal Civilian Executive Branch (FCEB) agency. In mid-June, malicious email activity was reported by an unnamed US Federal Civilian Executive Branch (FCEB) agency. Microsoft experts who investigated...
Security Affairs
July 13, 2023
U.S. Government Agencies’ Emails Compromised in China-Backed Cyber Attack Full Text
Abstract
An unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft's discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) on July 12, 2023. "In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment," the authorities said. "Microsoft determined that advanced persistent threat (APT) actors accessed and exfiltrated unclassified Exchange Online Outlook data." While the name of the government agency was not revealed, CNN and the Washington Post reported it was the U.S. State Department, citing people familiar with the matter. Also targeted were the Commerce Department as well as the email accou
The Hacker News
July 11, 2023
HCA Healthcare data breach impacted 11 million patients Full Text
Abstract
HCA Healthcare disclosed a data breach that exposed the personal information of roughly 11 million patients. HCA Healthcare this week announced that the personal information of roughly 11 million patients was compromised in a data breach. The organization...
Security Affairs
July 11, 2023
HCA Healthcare Reports Breach of 11 Million Patients’ Personal Data Full Text
Abstract
In a website notice, HCA confirmed that the data includes “information used for email messages, such as reminders that patients may wish to schedule an appointment and education on healthcare programs and services.”
Cyware
July 10, 2023
A flaw in Revolut US payments resulted in the theft of $20 Million Full Text
Abstract
A zero-day vulnerability in the Revolut payment systems allowed threat actors to steal more than $20 million in early 2022. In early 2022, threat actors exploited a zero-day flaw in Revolut payment systems to steal more than $20 million, reported...
Security Affairs
July 10, 2023
35 Million Indonesians’ Passport Data for Sale on Dark Web for $10K Full Text
Abstract
Indonesian security researcher Teguh Aprianto revealed on Twitter last week that a hacker had put up for sale Indonesian passport holders' details including their full names, birth dates, gender, passport numbers, and passport validity dates.
Cyware
July 10, 2023
Razer investigates data breach claims, resets user sessions Full Text
Abstract
Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter.
BleepingComputer
July 8, 2023
Global Translation Service Exposed Highly Sensitive Records Online Full Text
Abstract
Website Planet’s security researcher Jeremiah Fowler discovered a non-password-protected database that contained over 25,000 records, all publicly exposed, including ‘highly sensitive’ documents.
Cyware
July 7, 2023
Bangladesh government website leaked data of millions of citizens Full Text
Abstract
A researcher recently discovered that a Bangladesh government website leaks the personal data of citizens. The researcher Viktor Markopoulos discovered a Bangladeshi government website that was leaking the personal information of millions of Bangladesh...
Security Affairs
July 6, 2023
28,000 Employees Impacted by Data Breach at Pepsi Bottling Ventures Full Text
Abstract
Discovered on January 10, the data breach occurred between December 23, 2022, and January 19, 2023, and resulted in the personal, financial, and health information of the company’s employees being accessed by an unauthorized party.
Cyware
July 6, 2023
Large Indian Tech Retailer Exposes Employee and Customer Data Full Text
Abstract
The tech retailer Poorvika had a non-password-protected data breach exposing sensitive employee and customer data. The breach included a vast number of records, including personal information, email addresses, tax invoices, and payment receipts.
Cyware
July 4, 2023
MOVEit attack on Aon exposed data of the staff at the Dublin Airport Full Text
Abstract
Personal data of the personnel at the Dublin Airport was compromised due to a MOVEit attack on professional service provider Aon. Data of about 3000 employees of Dublin Airport (DDA) were compromised after professional service provider Aon fell victim...
Security Affairs
July 4, 2023
Major Data Leaks on TikTok, Instagram, and Yahoo Full Text
Abstract
A SOCRadar dark web analyst recently discovered an alleged database leak for Instagram. The leaked data reportedly contains over 17 million records in JSON format. The nature of the data suggests that it may have been collected from open source.
Cyware
July 3, 2023
Anonymous Sudan claims to have stolen 30 million Microsoft’s customer accounts Full Text
Abstract
Microsoft denied the data breach after the collective of hacktivists known as Anonymous Sudan claimed to have hacked the company. In early June, Microsoft suffered severe outages for some of its services, including Outlook email, OneDrive file-sharing...
Security Affairs
July 3, 2023
Ireland: Dublin Airport staff pay data hit by criminals Full Text
Abstract
Pay and benefits details of Dublin Airport staff were compromised in a cyberattack on professional service provider Aon, highlighting the vulnerability to supply chain attacks.
Cyware
July 3, 2023
HHS Says At Least 100,000 People’s Data Exposed After Hacks at Government Contractors Full Text
Abstract
While no HHS systems or networks were compromised, attackers gained access to HHS data by exploiting the vulnerability in the MOVEit software used by third-party vendors, the official said.
Cyware
July 1, 2023
More than 16 million people and counting have had data exposed in MOVEit breaches Full Text
Abstract
Since June 1, experts have warned of the vulnerability affecting the popular file transfer software, and dozens of the biggest organizations in the U.S. and Europe have since come forward to reveal that they were affected by the situation.
Cyware
July 1, 2023
Update: 1.1 Million NHS Patients’ Data Also Breached in the University of Manchester Attack Full Text
Abstract
The compromised NHS data includes records of major trauma patients across England and individuals treated after terror attacks, which the university collected for research purposes, according to media outlet The Independent on Thursday.
Cyware
June 29, 2023
The phone monitoring app LetMeSpy disclosed a data breach Full Text
Abstract
Android app LetMeSpy disclosed a security breach; sensitive data associated with thousands of Android users was exposed. The phone monitoring app LetMeSpy disclosed a security breach; threat actors have stolen sensitive data associated with thousands...
Security Affairs
June 29, 2023
Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users’ Personal Data Full Text
Abstract
Android-based phone monitoring app LetMeSpy has disclosed a security breach that allowed an unauthorized third party to steal sensitive data associated with thousands of Android users. "As a result of the attack, the criminals gained access to email addresses, telephone numbers and the content of messages collected on accounts," LetMeSpy said in an announcement on its website, noting the incident took place on June 21, 2023. Following the discovery of the hack, LetMeSpy said it notified law enforcement and data protection authorities. It's also taking steps to suspend all account-related functions until further notice. The identity of the threat actor and their motives are currently unknown. The work of a Polish company named Radeal, LetMeSpy is offered as a monthly subscription ($6 for Standard or $12 for Pro), allowing its customers to snoop on others simply by installing the software on their devices. An Internet Archive snapshot from December 2013 shows that i
The Hacker News
June 29, 2023
US Patent and Trademark Office Notifies Filers of Years-Long Data Leak Full Text
Abstract
The U.S. Patent and Trademark Office (USPTO) said in a notice sent to affected trademark applicants that their private domicile address — often their home address — inadvertently appeared in public records between February 2020 and March 2023.
Cyware
June 28, 2023
Victim Count in Ransomware Attack at Maryland Healthcare Provider Jumps Fivefold to 137,000 Full Text
Abstract
A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly 137,000 patients, about five times the number of people originally estimated to be affected.
Cyware
June 27, 2023
Siemens Energy confirms data breach after MOVEit data-theft attack Full Text
Abstract
Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform.
BleepingComputer
June 27, 2023
Schneider Electric and Siemens Energy Among the Latest Victims of MOVEit Zero-Day Attacks Full Text
Abstract
The Cl0p ransomware group added five new victims of MOVEit attacks to its dark web leak site, including the industrial control systems giants Schneider Electric and Siemens Energy.
Cyware
June 26, 2023
MOVEit Breach Exposes Sensitive Data on New York City Public Schools Full Text
Abstract
A MOVEit cyberattack has exposed sensitive data on around 45 thousand New York City Public School students - as well as Department of Education staff and service providers.
Cyware
June 23, 2023
2.5 million Genworth policyholders affected by MOVEit hack Full Text
Abstract
A third-party vendor lost the personal data of at least 2.5 million Genworth Financial policyholders, including Social Security numbers, to the Russian Cl0p ransomware gang, according to the Fortune 500 insurer.
Cyware
June 22, 2023
Norton parent firm Gen Digital was victim of a MOVEit ransomware attack too Full Text
Abstract
Norton parent firm, Gen Digital, was the victim of a ransomware attack that exploited the recently disclosed MOVEit zero-day vulnerability. Gen Digital Inc. (formerly Symantec Corporation and NortonLifeLock) is a multinational software company that...Security Affairs
June 20, 2023
3CX data exposed, third-party to blame Full Text
Abstract
A third-party vendor of 3CX, a popular Voice over Internet Protocol (VoIP) comms provider, left an open server and exposed sensitive 3CX data. The issue went under the company’s radar, even though it was recently targeted by North Korean hackers. While...Security Affairs
June 20, 2023
Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces Full Text
Abstract
Over 101,100 compromised OpenAI ChatGPT account credentials have found their way onto illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials. The credentials were discovered within information stealer logs made available for sale on the cybercrime underground, Group-IB said in a report shared with The Hacker News. "The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023," the Singapore-headquartered company said. "The Asia-Pacific region has experienced the highest concentration of ChatGPT credentials being offered for sale over the past year." Other countries with the most number of compromised ChatGPT credentials include Pakistan, Brazil, Vietnam, Egypt, the U.S., France, Morocco, Indonesia, and Bangladesh. A further analysis has revealed that the majority of logs containing ChatGPT accounts have been breached by the notorious Raccoon info stealThe Hacker News
June 16, 2023
Two Energy Department Entities Breached as Part of Massive MOVEit Transfer Compromise Full Text
Abstract
Multiple federal agencies, including two Department of Energy entities, were victims of a cyberattack that resulted from a widespread vulnerability in MOVEit file transfer software, federal officials said Thursday.Cyware
June 14, 2023
Over 181,000 Patients’ Records at Pennsylvania Cardiology Group Breached Full Text
Abstract
The breach of the cardiology group first occurred on Feb 2 in data maintained by Commonwealth Health Physician Network-Cardiology, aka Great Valley Cardiology (GVC). The breach wasn't discovered until April 13, the system said in a news release.Cyware
June 13, 2023
A database containing data of +8.9 million Zacks users was leaked online Full Text
Abstract
A database containing the personal information of more than 8.9 million Zacks Investment Research users was leaked on a cybercrime forum. A database containing personal information of 8,929,503 Zacks Investment Research users emerged on a popular...Security Affairs
June 13, 2023
UK communications regulator Ofcom hacked with a MOVEit file transfer zero-day Full Text
Abstract
UK communications regulator Ofcom suffered a data breach after a Clop ransomware attack exploiting the MOVEit file transfer zero-day. UK's communications regulator Ofcom disclosed a data breach after a Clop ransomware attack. The threat actors exploited...Security Affairs
June 12, 2023
Intellihartx data breach exposed the personal and health info of 490,000 individuals Full Text
Abstract
Intellihartx is notifying about 490,000 individuals that their personal information was compromised in the GoAnywhere zero-day attack in January. The Clop ransomware group stole personal and health information of 489,830 individuals as a result...Security Affairs
June 12, 2023
San Francisco 49ers agree to pay out victims of 2022 data breach Full Text
Abstract
According to The Athletic, three class action lawsuits related to the breach were combined into one case. The plaintiffs filed settlement papers in California federal court, the site reported, which they described as an “unopposed motion.”Cyware
June 12, 2023
Password Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at Risk Full Text
Abstract
Security vulnerabilities discovered in Honda's e-commerce platform could have been exploited to gain unrestricted access to sensitive dealer information. "Broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account," security researcher Eaton Zveare said in a report published last week. The platform is designed for the sale of power equipment, marine, lawn and garden businesses. It does not impact the Japanese company's automobile division. The hack, in a nutshell, exploits a password reset mechanism on one of Honda's sites, Power Equipment Tech Express (PETE), to reset the password associated with any account and obtain full admin-level access. This is possible because the API allows any user to send a password reset request simply by knowing the username or email address and without having to enter a password tied to that account. Armed with this capability, a malicioThe Hacker News
June 12, 2023
Xplain data breach also impacted the national Swiss railway FSS Full Text
Abstract
The Play ransomware attack suffered by the IT services provider Xplain also impacted the national railway company of Switzerland (FSS) and the canton of Aargau. The Play ransomware attack suffered by the IT services provider Xplain is worse than initially...Security Affairs
June 10, 2023
The University of Manchester suffered a cyber attack and suspects a data breach Full Text
Abstract
The University of Manchester suffered a cyberattack; attackers likely stole staff and students' data from its systems. The University of Manchester, one of the UK's largest educational institutions, suffered a cyberattack. The popular university suspects...Security Affairs
June 8, 2023
German recruiter Pflegia leaks sensitive job seeker info Full Text
Abstract
Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails. Scouting for a new career can be stressful. Now imagine that, instead of a new role,...Security Affairs
June 8, 2023
German Recruiter Pflegia Leaks 360,000 Files Containing Sensitive Job Seeker Information Full Text
Abstract
The exposed AWS bucket held hundreds of thousands of files with sensitive information, including user-submitted resumes with details such as full names, dates of birth, and occupation history.Cyware
June 8, 2023
API Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data Full Text
Abstract
A researcher has disclosed the details of serious vulnerabilities discovered in a Honda e-commerce platform used for equipment sales. Exploitation of the flaws could have allowed an attacker to gain access to customer and dealer information.Cyware
June 8, 2023
Ascension Seton Reports Data Breach of Two Websites Impacting User Information Full Text
Abstract
Ascension Seton said it did not have specific details about what information had been affected but that some users’ personal details, such as name, address, SSNs, credit card numbers, and insurance information may be at risk.Cyware
June 6, 2023
Hackers stole around $35 million in Atomic Wallet security breach Full Text
Abstract
Threat actors have stolen more than $35 million from the decentralized cryptocurrency wallet platform Atomic Wallet. Atomic Wallet is a multi-currency cryptocurrency wallet that allows users to securely store, manage, and exchange various digital...Security Affairs
June 6, 2023
British Airways, BBC and Boots were impacted by the Zellis data breach Full Text
Abstract
The BBC and British Airways were both impacted by the data breach suffered by the payroll provider Zellis. As a result of the cyber attack on the payroll provider Zellis, the personal data of employees at the BBC and British Airways has been compromised...Security Affairs
June 5, 2023
Scrubs & Beyond Leaks 400GB of User PII and Card Data in Plain Text Full Text
Abstract
The database was exposed on May 16, 2023. Researchers identified the exposure on May 25, 2023, and since then, the information has remained exposed. Currently, the server holds over 100,000 customer records, totaling 400 GB in size.Cyware
June 2, 2023
Iranian dissidents’ claim of presidential hack likely legitimate, experts say Full Text
Abstract
A trove of documents, images, and videos from the offices of Iranian President Ebrahim Raisi posted online Monday appear to be authentic, cybersecurity experts familiar with the matter told CyberScoop on Wednesday.Cyware
June 2, 2023
Point32Health ransomware attack exposed info of 2.5M people Full Text
Abstract
After the recent ransomware attack, Point32Health disclosed a data breach that impacted 2.5 million Harvard Pilgrim Health Care subscribers. In April, the non-profit health insurer Point32Health took systems offline in response to a ransomware attack...Security Affairs
June 2, 2023
Discord Admins Hacked by Malicious Bookmarks – Krebs on Security Full Text
Abstract
A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark.Cyware
June 1, 2023
California-based workforce platform Prosperix leaks drivers licenses and medical records Full Text
Abstract
Prosperix leaked nearly 250,000 files. The breach exposed job seekers’ sensitive data, including home addresses and phone numbers. Prosperix, formerly Crowdstaffing, calls itself a “workforce innovation” company that develops software solutions...Security Affairs
May 31, 2023
Swiss real estate agency Neho fails to put a password on its systems Full Text
Abstract
A misconfiguration of Swiss real estate agency Neho’s systems exposed sensitive credentials to the public. Neho, a Switzerland-based real estate agency, leaked credentials recently, potentially allowing threat actors to prey on sensitive data about...Security Affairs
May 30, 2023
A database containing 478,000 RaidForums members leaked online Full Text
Abstract
The database of the popular RaidForums hacking forum has been leaked on a new hacking forum, 478,000 members exposed. A database belonging to the now-defunct RaidForums cybercrime platform has been leaked on a new hacking forum called Exposed. The database...Security Affairs
May 29, 2023
Jimbos Protocol Hack Results in Loss of $7.5 Million Worth of Assets Full Text
Abstract
The latest victim of a protocol hack is Jimbos Protocol, a decentralized liquidity platform operating on the Arbitrum system. The attack resulted in a loss of 4,000 Ether (ETH), valued at around $7.5 million during the incident.Cyware
May 29, 2023
Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals Full Text
Abstract
Managed Care of North America (MCNA) Dental disclosed a data breach that impacted more than 8.9 million individuals. Managed Care of North America (MCNA) Dental suffered a data breach that impacted 8,923,662 patients. MCNA Dental is one of the largest...Security Affairs
May 29, 2023
Data Breach at Dental Health Insurer MCNA Affects Nearly Nine Million Patients Full Text
Abstract
The Fort Lauderdale, Florida-based insurance company, said it detected unauthorized access to certain systems on March 6 and discovered that certain systems within the network were infected with malicious code.Cyware
May 28, 2023
Industrial automation giant ABB disclosed data breach after ransomware attack Full Text
Abstract
Swiss electrification and automation technology giant ABB confirmed it has suffered a data breach after a ransomware attack. ABB has more than 105,000 employees and has $29.4 billion in revenue for 2022. On May 7, 2023, the Swiss multinational company,...Security Affairs
May 27, 2023
Medical Specialty Practice Says Recent Hack Affects 224,500 Full Text
Abstract
An upstate New York medical specialty practice told regulators that hackers compromised the personal and protected health information of nearly 224,500 employees and patients in an incident discovered in March.Cyware
May 25, 2023
New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government Full Text
Abstract
An unnamed government entity associated with the United Arab Emirates (U.A.E.) was targeted by a likely Iranian threat actor to breach the victim's Microsoft Exchange Server with a "simple yet effective" backdoor dubbed PowerExchange. According to a new report from Fortinet FortiGuard Labs, the intrusion relied on email phishing as an initial access pathway, leading to the execution of a .NET executable contained within a ZIP file attachment. The binary, which masquerades as a PDF document, functions as a dropper to execute the final payload, which then launches the backdoor. PowerExchange, written in PowerShell, employs text files attached to emails for command-and-control (C2) communication. It allows the threat actor to run arbitrary payloads and upload and download files from and to the system. The custom implant achieves this by making use of the Exchange Web Services (EWS) API to connect to the victim's Exchange Server and uses a mailbox on the server toThe Hacker News
May 25, 2023
Free VPN Service SuperVPN Exposes 360 Million User Records Full Text
Abstract
The exposed database contained a staggering 360,308,817 records, totaling 133 GB in size. These records included a wide range of sensitive information, including user email addresses, original IP addresses, geolocation data, and server usage records.Cyware
May 25, 2023
China’s Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected Full Text
Abstract
A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence team is tracking the activity, which includes post-compromise credential access and network system discovery, under the name Volt Typhoon. The state-sponsored actor is geared towards espionage and information gathering, with the cluster active since June 2021 and obscuring its intrusion footprint by taking advantage of tools already installed or built into infected machines. Some of the prominent sectors targeted include communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education. The company further assessed with moderate confidence that the campaign is "pursuing development of capabilities that could disrupt critical communications iThe Hacker News
May 24, 2023
Barracuda Email Security Gateway (ESG) hacked via zero-day bug Full Text
Abstract
Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were breached exploiting a zero-day vulnerability. Network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances...Security Affairs
May 24, 2023
Apria Sends IT Security Breach Notifications to Nearly Two Million People Full Text
Abstract
An "unauthorized third party" broke into "select Apria systems" containing personal information from April 5, 2019, to May 7, 2019, and then a second time from August 27, 2021, to October 10, 2021, according to the alert.Cyware
May 22, 2023
Dish Network says the February ransomware attack impacted +300,000 individuals Full Text
Abstract
Satellite TV giant Dish Network disclosed a data breach after the February ransomware attack and started notifying impacted individuals. The American satellite broadcast provider Dish Network went offline on February 24, 2023, the outage impacted...Security Affairs
May 22, 2023
Update: Dallas under pressure as Royal ransomware group threatens leak Full Text
Abstract
The ransomware attack against Dallas entered a new and all-too-common phase Friday as Royal, the threat actor behind the attack, listed the city on its leak site almost three weeks after the city was first made aware of the attack.Cyware
May 22, 2023
UK Councils Caught in Capita Unsecured AWS Bucket Data Leak Full Text
Abstract
The bad news train keeps rolling for Capita, with more local British councils surfacing to say their data was put on the line by an unsecured AWS bucket, and, separately, pension clients warning of possible data theft in March's mega breach.Cyware
May 19, 2023
Update: Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers Full Text
Abstract
A cyberattack on Sysco, one of the world’s largest food distributors, gave hackers access to the sensitive personal information of more than 125,000 current and former employees.Cyware
May 17, 2023
University admission platform Leverage EDU exposed student passports Full Text
Abstract
The popular university admission platform Leverage EDU leaked almost 240,000 sensitive files, including students’ passports, financial documents, certificates, and exam results. The Cybernews research team discovered that Leverage EDU leaked extremely...Security Affairs
May 15, 2023
PharMerica data breach impacts more than 5.8 million individuals Full Text
Abstract
National pharmacy network PharMerica discloses a data breach that impacted more than 5.8 million individuals. National pharmacy network PharMerica disclosed a data breach that exposed the personal information of 5,815,591 individuals. The incident...Security Affairs
May 15, 2023
Newly identified RA Group compromises companies in U.S. and South Korea with leaked Babuk source code Full Text
Abstract
The group is swiftly expanding its operations. To date, it has compromised three organizations in the U.S. and one in South Korea across several business verticals, including manufacturing, wealth management, insurance providers, and pharmaceuticals.Cyware
May 15, 2023
Illinois Data Breach Exposes Private Information of Medicaid, SNAP, and TANF Recipients Full Text
Abstract
The Illinois Department of Healthcare and Family Services (HFS) and Department of Human Services (IDHS) have disclosed a data breach within the State of Illinois Application for Benefits Eligibility (ABE) system’s Manage My Case (MMC) portal.Cyware
May 15, 2023
PharMerica Discloses Data Breach Impacting 5.8 Million Individuals Full Text
Abstract
PharMerica’s letter does not provide details on the type of cyberattack that it suffered, but it appears that the Money Message ransomware group is responsible for the incident, as the group started leaking PII and PHI allegedly stolen from PharMerica.Cyware
May 14, 2023
Capita warns customers to assume that their data was stolen Full Text
Abstract
UK outsourcing giant Capita is informing customers that their data may have been stolen in the cyberattack that hit the company in early April. In early April, the UK outsourcing giant Capita confirmed that its staff was locked out of their accounts...Security Affairs
May 13, 2023
Data of 237,000 US government employees breached Full Text
Abstract
The personal information of 237,000 current and former federal government employees has been exposed in a data breach at the U.S. Transportation Department (USDOT), sources briefed on the matter said on Friday.Cyware
May 13, 2023
Personal info of 90k hikers leaked by French tourism company La Malle Postale Full Text
Abstract
La Malle Postale, a transportation company serving hikers on popular hiking trails in France, leaked personal data and private messages of their clients. The Cybernews research team has discovered a data leak on La Malle Postale’s system that exposed...Security Affairs
May 13, 2023
Data of more than 2M Toyota customers exposed in ten years-long data breach Full Text
Abstract
A data breach disclosed by Toyota Motor Corporation exposed info of more than 2 million customers for ten years. Toyota Motor Corporation disclosed a data breach that exposed the car-location information of 2,150,000 customers between November 6, 2013,...Security Affairs
May 13, 2023
Discord suffered a data breach after third-party support agent was hacked Full Text
Abstract
Discord disclosed a data breach, the security breach was caused by the compromise of a third-party support agent's account. Discord, the popular VoIP and instant messaging social platform, disclosed a data breach and is notifying the impacted users....Security Affairs
May 12, 2023
Amtel, LLC dba Connectivity Source Notifies 17,835 Current and Former Employees of Recent Data Breach Full Text
Abstract
On May 10, the firm filed a notice of data breach with the Maine Attorney General after learning that an unauthorized party had gained access to the company’s IT network and accessed sensitive information belonging to current and former employees.Cyware
May 10, 2023
Smashing Pumpkins frontman paid ransom to a hacker who threatened to leak the band’s songs Full Text
Abstract
The frontman of the alternative rock band Smashing Pumpkins, Billy Corgan, revealed that he paid a ransom after a hacker stole the band’s songs and threatened to leak them.Cyware
May 9, 2023
The global food distribution giant Sysco discloses a data breach Full Text
Abstract
Sysco, the global food distribution giant, disclosed a data breach, the compromised data includes customer and employee data. Sysco Corporation is an American multinational corporation involved in marketing and distributing food products, smallwares,...Security Affairs
May 9, 2023
LockBit 3.0 Leaks 600 GB of Data Stolen From Indian Lender Full Text
Abstract
The LockBit 3.0 ransomware group on Monday leaked 600 gigabytes of critical data stolen from Indian lender Fullerton India, two weeks after the group demanded a $3 million ransom from the company.Cyware
May 08, 2023
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web Full Text
Abstract
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their dark website. "Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem," Alex Matrosov, founder and CEO of firmware security firm Binarly, said in a tweet over the weekend. "It appears that Intel Boot Guard may not be effective on certain devices based on the 11th Tiger Lake, 12th Adler Lake, and 13th Raptor Lake." Present in the leaked data are firmware image signing keys associated with 57 PCs and private signing keys for Intel Boot Guard used on 116 MSI products. The Boot Guard keys from MSI are believed to impact several device vendors, including Intel, Lenovo and Supermicro. Intel Boot Guard is a hardware-based security technology that's designed to protect computers against executing tampered UEFI firmware. The development comes a month after MSI fell victim to a doubleThe Hacker News
May 8, 2023
NextGen Healthcare suffered a data breach that impacted +1 Million individuals Full Text
Abstract
NextGen Healthcare suffered a data breach, the security incident exposed the personal information of approximately 1 million individuals. Healthcare solutions provider NextGen Healthcare suffered a data breach that exposed the personal information...Security Affairs
May 8, 2023
Kenya: Kabarak University ICT Manager suspended as hackers table their demand Full Text
Abstract
Kabarak University's Facebook account was seized by hackers who have been using it to spread malicious and misleading images and content that contravenes the institution’s Christian values and have since tabled their demands.Cyware
May 08, 2023
Western Digital Confirms Customer Data Stolen by Hackers in March Breach Full Text
Abstract
Digital storage giant Western Digital confirmed that an "unauthorized third party" gained access to its systems and stole personal information belonging to the company's online store customers. "This information included customer names, billing and shipping addresses, email addresses and telephone numbers," the San Jose-based company said in a disclosure last week. "In addition, the database contained, in encrypted format, hashed and salted passwords and partial credit card numbers. We will communicate directly with impacted customers." The development comes a little over a month after Western Digital divulged a "network security incident" on March 26, 2023, prompting the company to take its cloud services offline. A subsequent report from TechCrunch last month revealed that the threat actors behind the attack were allegedly in possession of "around 10 terabytes of data," and were negotiating with Western Digital for a rThe Hacker News
May 8, 2023
Western Digital notifies customers of data breach after March cyberattack Full Text
Abstract
Western Digital is notifying its customers of a data breach that exposed their sensitive personal information, the incident took place in March. In March 2022, Western Digital was hit by a ransomware attack and in response to the incident, it shut...Security Affairs
May 8, 2023
One Million Impacted by Data Breach at NextGen Healthcare Full Text
Abstract
Headquartered in Atlanta, Georgia, the company makes and sells electronic health records software and provides doctors and medical professionals with practice management services.Cyware
May 7, 2023
San Bernardino County Sheriff’s Department paid a $1.1M ransom Full Text
Abstract
The San Bernardino County Sheriff’s Department confirmed that it has paid a $1.1-million ransom after the April ransomware attack. The San Bernardino County Sheriff’s Department opted to pay a $1.1-million ransom after a ransomware attack infected...Security Affairs
May 6, 2023
Twitter confirmed that a security incident publicly exposed Circle tweets Full Text
Abstract
A security problem caused the public sharing of private tweets sent to Twitter Circles to users outside of the Circle, the company admitted. Since August 2022, the Twitter Circle feature allows users to send tweets to a restricted circle of users,...Security Affairs
May 05, 2023
Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised Full Text
Abstract
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. "The attacker forked each of the packages and replaced the package description in composer.json with their own message but did not otherwise make any malicious changes," Packagist's Nils Adermann said. "The package URLs were then changed to point to the forked repositories." The four user accounts are said to have had access to a total of 14 packages, including multiple Doctrine packages. The incident took place on May 1, 2023. The complete list of impacted packages is as follows - acmephp/acmephp, acmephp/core, acmephp/ssl, doctrine/doctrine-cache-bundle, doctrine/doctrine-module, doctrine/doctrine-mongo-odm-module, doctrine/doctrine-orm-module, doctrine/instantiator, growthbook/growthbook, jdorn/file-system-cache, jdorn/sql-formatter, khanamiryan/The Hacker News
May 3, 2023
Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Website Leaks Customer Data Full Text
Abstract
A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers.Cyware
May 1, 2023
Update: UK pension funds warned to check on clients’ data after Capita breach Full Text
Abstract
Capita, the country’s largest outsourcing company, holds contracts to administer the payment systems for pension funds used by more than 4 million individuals in Britain.Cyware
May 1, 2023
T-Mobile suffered the second data breach in 2023 Full Text
Abstract
T-Mobile disclosed the second data breach of 2023, threat actors had access to the personal information of hundreds of customers since February. T-Mobile suffered the second data breach of 2023, threat actors had access to the personal information...Security Affairs
May 1, 2023
DeFi Protocol 0VIX Loses Nearly $2M in Flash-Loan Exploit Full Text
Abstract
A total of 1.45 million USDC, along with other tokens, was stolen before being bridged to the Ethereum mainnet on Stargate Finance, where it was eventually swapped for ether (ETH).Cyware
May 1, 2023
Court Records Expose Private Information for Thousands of Missouri Residents Full Text
Abstract
Documents containing Social Security numbers and other private information for thousands of Missourians are accessible to anyone using the Casenet website, the state’s judicial records system, the Post-Dispatch recently discovered.Cyware
May 1, 2023
Sensitive Data Leaked From Servers Running Salesforce Community Software Full Text
Abstract
Servers running software sold by Salesforce are leaking sensitive data managed by government agencies, banks, and other organizations, according to a post published Friday by KrebsOnSecurity.Cyware
April 29, 2023
Israel: Hackers leak thousands of personal details as Netanyahu’s Facebook account targeted Full Text
Abstract
The Facebook account of Israeli Prime Minister Benjamin Netanyahu was hacked into on Wednesday evening, and the identities and names of tens of thousands of Israelis were leaked, following another cyberattack targeting the country's Atid group.Cyware
April 29, 2023
Hackers are breaking into AT&T email accounts to steal cryptocurrency Full Text
Abstract
AT&T spokesperson Jim Kimberly said that the company “identified the unauthorized creation of secure mail keys, which can be used in some cases to access an email account without needing a password.”Cyware
April 25, 2023
Peugeot leaks access to user information in South America Full Text
Abstract
Peugeot, a French brand of automobiles owned by Stellantis, exposed its users in Peru, a South American country with a population of nearly 34 million. A brand, best known for its lion roaring for over a century, has leaked access to its user data...Security Affairs
April 22, 2023
At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack Full Text
Abstract
North Korea-linked APT group behind the 3CX supply chain attack also broke into two critical infrastructure organizations in the energy sector. Symantec researchers reported that the campaign conducted by North Korea-linked threat actors that included...Security Affairs
April 20, 2023
Multinational ICICI Bank leaks passports and credit card numbers Full Text
Abstract
ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank's clients. ICICI Bank, an Indian multinational valued at more than $76 billion, has more than 5,000 branches across India...Security Affairs
April 19, 2023
1.2 Million Records and 800 GB of Data From Philippine Police Impacted in Data Breach Full Text
Abstract
A database containing more than 1.2 million police records and 800 GB of information on people who work or applied for employment in law enforcement in the Philippines appears to have been breached, according to a cybersecurity researcher.Cyware
April 18, 2023
Hackers Publish Sensitive Employee Data Stolen During CommScope Ransomware Attack Full Text
Abstract
The North Carolina–based company, which designs and manufactures network infrastructure products for a range of customers, including hospitals, schools, and U.S. federal agencies, was listed on the data leak site of the Vice Society ransomware gang.Cyware
April 18, 2023
DeFi Protocol Hundred Finance Loses $7M in Latest Exploit Full Text
Abstract
Hundred Finance confirmed the exploit on April 15, noting that it had contacted the hacker for negotiations. The platform is also working with security teams to resolve the issue and has urged anyone with information on the incident to reach out.Cyware
April 15, 2023
iPhones Hacked to Drop QuaDream’s KingsPawn Spyware Full Text
Abstract
QuaDream, an Israeli company best known for its malware Reign, has launched the new commercial spyware KingsPawn (a Pegasus-like threat). To begin the attack, iCloud calendar invitations with backdated timestamps are sent to targeted iOS devices. Experts recommend following best practices, suc ...Cyware
April 15, 2023
Siemens Metaverse exposes sensitive corporate data Full Text
Abstract
Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. While metaverse is no longer a buzzword,...Security Affairs
April 15, 2023
Volvo retailer leaks sensitive files Full Text
Abstract
The Brazilian retail arm of car manufacturing giant Volvo leaked sensitive files, putting its clientele in the vast South American country in peril. Volvo’s retailer in Brazil, Dimas Volvo, leaked sensitive files through its website. The leaked...Security Affairs
April 14, 2023
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen Full Text
Abstract
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently inactive member of the forum admin team was used to access the web-based MyBB admin console twice: on 16 February and again on 21 February," Kodi said in an advisory. The threat actors then abused the account to create database backups that were then downloaded and deleted. Also downloaded were existing nightly full backups of the database. The account in question has now been disabled. The nightly backups contained all public forum posts, team forum posts, messages sent through the user-to-user messaging system, and user information such as forum username, email aThe Hacker News
April 14, 2023
Kodi discloses data breach after its forum was compromised Full Text
Abstract
Open-source media player software provider Kodi discloses a data breach after threat actors stole its MyBB forum database. Kodi has disclosed a data breach, threat actors have stolen the company's MyBB forum database that contained data for over 400K...Security Affairs
April 12, 2023
A leak of files could be America’s worst intelligence breach in a decade Full Text
Abstract
The leaked files, which include military assessments on the war in Ukraine and CIA reports on a range of global issues, came to widespread attention when some appeared on Telegram, a messaging app widely used in Russia.Cyware
April 12, 2023
Hyundai suffered a data breach that impacted customers in France and Italy Full Text
Abstract
Hyundai disclosed a data breach that impacted Italian and French car owners and clients who booked a test drive. Hyundai has suffered a data breach that impacted Italian and French car owners and customers who booked a test drive. Threat actors...Security Affairs
April 11, 2023
Yum! Brands, the owner of KFC, Taco Bell and Pizza Hut, discloses data breach Full Text
Abstract
Yum! Brands, the company that owns the KFC, Pizza Hut, and Taco Bell brands, disclosed a data breach after the January ransomware attack. On January 13, 2023, Yum! Brands suffered a cyberattack that forced the company to take its systems offline closing...Security Affairs
April 10, 2023
Samsung employees unwittingly leaked company secret data by using ChatGPT Full Text
Abstract
Samsung employees have unwittingly leaked top secret data by providing it to the popular chatbot service ChatGPT. Samsung employees have shared internal documents, including meeting notes and source code, with the popular chatbot service ChatGPT....Security Affairs
April 10, 2023
Data breach at Elmbrook School District exposes personal information about former and current employees Full Text
Abstract
Once it learned of the breach, the district investigated, with the help of cybersecurity professionals. The initial group of employees affected was informed in late September and October 2022, Chief Strategy Officer Chris Thompson said.Cyware
April 10, 2023
Samsung employees unwittingly leaked company’s secret data by using ChatGPT Full Text
Abstract
Samsung Electronics is warning its employees of the potential risks associated with the use of ChatGPT, explaining that there is no way to prevent the leak of the data provided to OpenAI’s chatbot service.Cyware
April 10, 2023
Mastodon Vulnerability Exposes Sensitive Information: Data Leak Alert Full Text
Abstract
The vulnerability has been labeled CVE-2023-28853, with a "high" risk assessment. Mastodon versions from 2.5.0 were affected, but the developers have since closed the security gaps in versions 4.1.2, 4.0.4, and 3.5.8.Cyware
April 7, 2023
MSI confirms security breach after Money Message ransomware attack Full Text
Abstract
Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced that it had hacked the Taiwanese multinational IT corporation...Security Affairs
April 7, 2023
Adobe Reset User Passwords as Precaution Against Data Breach Risks Full Text
Abstract
The email states that Adobe has reset the password for the account associated with the users’ Adobe ID, as it may have been compromised in data breaches from other online services.Cyware
April 7, 2023
Hackers leak info on 16,000 Aussie school kids Full Text
Abstract
Hackers have released 16,000 Tasmanian education department documents on the dark web including school children’s personal information, the state government has confirmed.Cyware
April 6, 2023
OCR Labs Exposes Sensitive Credentials Due to Misconfiguration of its Systems Full Text
Abstract
The data leak affected QBANK, Defence Bank, Bloom Money, Admiral Money, MA Money, and Reed. Using leaked data, threat actors could potentially breach banks’ backend infrastructure and consequently the infrastructure of their clients.Cyware
April 6, 2023
OCR Labs exposes its systems, jeopardizing major banking clients Full Text
Abstract
A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. London-based OCR Labs is a major provider of digital ID verification tools. Its services are used...Security Affairs
April 5, 2023
Tax preparation and e-file service eFile.com compromised to serve malware Full Text
Abstract
The eFile.com online service, which is authorized by the US Internal Revenue Service (IRS), was spotted serving malware to visitors. eFile.com, the personal online tax preparation and e-file service authorized by the US Internal Revenue...Security Affairs
April 5, 2023
Florida Hospital Begins Breach Notification Post-Attack Full Text
Abstract
Tallahassee Memorial HealthCare says its investigation into the February incident determined that an "unauthorized person" had gained access to its computer network and obtained certain files from its systems between January 26 and February 2.Cyware
April 5, 2023
Australia: TAFE data breach uncovered by SA Police Full Text
Abstract
TAFE South Australia has revealed a data breach that was discovered when SA Police seized “devices containing electronic scanned copies of TAFE SA student identification forms”.Cyware
April 3, 2023
Service NSW Breach Exposes Data of Thousands of Customers Full Text
Abstract
An update released to the “My services” dashboard on March 20 resulted in the data breach, Service NSW chief executive officer Greg Wells said in an email to affected customers shared with AAP on Monday.Cyware
April 3, 2023
Western Digital Hit by Network Security Breach - Critical Services Disrupted! Full Text
Abstract
Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems. The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a "number of the company's systems." Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted the help of cybersecurity and forensic experts to conduct an investigation. It also said it's coordinating with law enforcement agencies on the matter, adding the probe is in its initial stages. The company has taken several of its services offline, noting that the threat actor may have obtained "certain data from its systems" and that it's working on estimating the nature and scope of the data accessed. While Western Digital did not reveal the exact services that are impacted, the My Cloud status page shows that cloud, proxy, web, authenticThe Hacker News
April 1, 2023
LockBit leaks data stolen from the South Korean National Tax Service Full Text
Abstract
The LockBit ransomware gang announced the publishing of data stolen from the South Korean National Tax Service. On March 29, 2023, the LockBit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South...Security Affairs
March 29, 2023
Hackers compromise 3CX desktop app in a supply chain attack Full Text
Abstract
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.BleepingComputer
March 29, 2023
SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool Full Text
Abstract
The SafeMoon token liquidity pool lost $8.9 million after a hacker exploited a newly created 'burn' smart contract function that artificially inflated the price, allowing the actors to sell SafeMoon at a much higher price.BleepingComputer
March 29, 2023
Australia’s Casino Giant Crown Resorts disclosed data breach after Clop ransomware attack Full Text
Abstract
Australia's gambling and entertainment giant Crown Resorts disclosed a data breach caused by the exploitation of a recently discovered GoAnywhere zero-day. Australian casino giant Crown Resorts disclosed a data breach after the attack of the Cl0p ransomware...Security Affairs
March 28, 2023
Crown Resorts confirms ransom demand after GoAnywhere breach Full Text
Abstract
Crown Resorts, Australia's largest gambling and entertainment company, has confirmed that it suffered a data breach after its GoAnywhere secure file-sharing server was breached using a zero-day vulnerability.BleepingComputer
March 28, 2023
Latitude Financial data breach now impacts 14 million customers Full Text
Abstract
Australian loan giant Latitude Financial Services (Latitude) is warning customers that its data breach is much more significant than initially stated, taking the number of affected individuals from 328,000 to 14 million.BleepingComputer
March 28, 2023
Toyota Italy accidentally leaked sensitive data Full Text
Abstract
Toyota Italy accidentally leaked sensitive data for more than one-and-a-half years, until this March, CyberNews reported. A Japanese multinational accidentally leaked access to its marketing tools, enabling attackers to launch phishing campaigns against...Security Affairs
March 28, 2023
Latitude Data breach is worse than initially estimated. 14 million individuals impacted Full Text
Abstract
Australian loan giant Latitude Financial Services (Latitude) revealed that a data breach it has suffered impacted 14 million customers. The data breach suffered by Latitude Financial Services (Latitude) is much more serious than initially estimated....Security Affairs
March 28, 2023
Crown Resorts says ransomware group claims accessing some of its files Full Text
Abstract
"We were recently contacted by a ransomware group who claimed they have illegally obtained a limited number of Crown files," a spokesperson of the formerly listed firm said in a statement.Cyware
March 27, 2023
Twitter says source code was leaked on GitHub, now it’s trying to find the culprit Full Text
Abstract
Parts of Twitter’s source code were recently leaked online via GitHub, the New York Times reports, but were taken down after the social media platform filed a DMCA request.Cyware
March 26, 2023
OpenAI: A Redis bug caused a recent ChatGPT data exposure incident Full Text
Abstract
OpenAI revealed that a Redis bug was the root cause of the recent exposure of users' personal information and chat titles in ChatGPT service. On Friday, OpenAI revealed that the recent exposure of users' personal information and chat titles in its chatbot...Security Affairs
March 25, 2023
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident Full Text
Abstract
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week. The glitch, which came to light on March 20, 2023, enabled certain users to view brief descriptions of other users' conversations from the chat history sidebar, prompting the company to temporarily shut down the chatbot. "It's also possible that the first message of a newly-created conversation was visible in someone else's chat history if both users were active around the same time," the company said. The bug, it further added, originated in the redis-py library, leading to a scenario where canceled requests could cause connections to be corrupted and return unexpected data from the database cache, in this case, information belonging to an unrelated user. To make matters worse, the San Francisco-based AI research company said it introduceThe Hacker News
March 25, 2023
Kroger Postal Prescription Services Files Notice of Data Breach Impacting 82,466 Consumers Full Text
Abstract
Upon discovering that sensitive consumer data was made available to an unauthorized party, Kroger Postal Prescription Services began to review the affected files to determine what information was compromised and which consumers were impacted.Cyware
March 24, 2023
Malicious JavaScript Injection Campaign Infects 51,000 Websites Full Text
Abstract
Unit 42 researchers have been tracking a widespread malicious JavaScript (JS) injection campaign that redirects victims to malicious content such as adware and scam pages.Cyware
March 23, 2023
A million at risk from user data leak at Korean beauty platform PowderRoom Full Text
Abstract
South Korean beauty content platform PowderRoom has leaked the personal information of nearly one million people. Established in 2003, PowderRoom is a South Korean beauty content platform connecting 3.5 million members and thousands of beauty brands. It...Security Affairs
March 23, 2023
Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers Full Text
Abstract
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. "The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy web shells used for command execution," researchers from SentinelOne and QGroup said in a new technical report shared with The Hacker News. "Once a foothold is established, the attackers conduct a variety of reconnaissance, credential theft, lateral movement, and data exfiltration activities." Operation Soft Cell, according to Cybereason, refers to malicious activities undertaken by China-affiliated actors targeting telecommunications providers since at least 2012. The Soft Cell threat actor, also tracked by Microsoft as Gallium, is known to target unpatched intThe Hacker News
March 23, 2023
Dole discloses data breach after February ransomware attack Full Text
Abstract
Dole Food Company confirmed that threat actors behind the recent ransomware attack had access to employees' data. Dole Food Company is an Irish agricultural multinational corporation, it is one of the world’s largest producers of...Security Affairs
March 22, 2023
Lionsgate streaming platform with 37m subscribers leaks user data Full Text
Abstract
Entertainment industry giant Lionsgate leaked users' IP addresses and information about what content they watch on its movie-streaming platform, according to research from Cybernews. Original post at https://cybernews.com/security/lionsgate-data-leak/ During...Security Affairs
March 22, 2023
NYC Special Needs Students’ Records Found Exposed on Web Full Text
Abstract
Tens of thousands of documents containing personal information of special education students within New York City's public school system were held in an unsecured database exposed to the internet.Cyware
March 22, 2023
Independent Living Systems data breach impacts more than 4M individuals Full Text
Abstract
US health services company Independent Living Systems (ILS) discloses a data breach that impacted more than 4 million individuals. US health services company Independent Living Systems (ILS) disclosed a data breach that exposed personal and medical...Security Affairs
March 21, 2023
Ferrari confirms data breach after receiving a ransom demand from an unnamed extortion group Full Text
Abstract
Ferrari disclosed a data breach after receiving a ransom demand from an unnamed extortion group that gained access to some of its IT systems. Ferrari disclosed a data breach after it received a ransom demand from an unnamed extortion group that breached...Security Affairs
March 21, 2023
GOP lawmakers want additional details on CMS subcontractor breach timeline Full Text
Abstract
Details of Medicare beneficiaries that were exposed during the incident included names, addresses, dates of birth, phone numbers, social security numbers, and Medicare Beneficiary Identifiers.Cyware
March 20, 2023
Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen Full Text
Abstract
A banking trojan dubbed Mispadu has been linked to multiple spam campaigns targeting countries like Bolivia, Chile, Mexico, Peru, and Portugal with the goal of stealing credentials and delivering other payloads. The activity, which commenced in August 2022, is currently ongoing, Ocelot Team from Latin American cybersecurity firm Metabase Q said in a report shared with The Hacker News. Mispadu (aka URSA) was first documented by ESET in November 2019, describing its ability to perpetrate monetary and credential theft and act as a backdoor by taking screenshots and capturing keystrokes. "One of their main strategies is to compromise legitimate websites, searching for vulnerable versions of WordPress, to turn them into their command-and-control server to spread malware from there, filtering out countries they do not wish to infect, dropping different type of malware based on the country being infected," researchers Fernando García and Dan Regalado said. It's alsoThe Hacker News
March 20, 2023
After Data Breaches, Lawsuits Hit Two Arkansas Hospitals Full Text
Abstract
Since January, four lawsuits have been filed against both Howard Memorial Hospital of Nashville and against the Mena Hospital Commission, which operates as the Mena Regional Health System.Cyware
March 20, 2023
New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches Full Text
Abstract
2022 was the year when inflation hit world economies, except in one corner of the global marketplace – stolen data. Ransomware payments fell by over 40% in 2022 compared to 2021. More organisations chose not to pay ransom demands, according to findings by blockchain firm Chainalysis. Nonetheless, stolen data has value beyond a price tag, and in risky ways you may not expect. Evaluating stolen records is what Lab 1, a new cyber monitoring platform, believes will make a big difference for long-term cybersecurity resilience. Think of data value this way: stolen credentials can become future phishing attacks; logins for adult websites are potential extortion attempts; travel and location data are a risk to VIPs and senior leadership; and so on… Hackers could retaliate for non-payment by simply posting their loot to forums where the data will be available for further enrichment and exploitation. Shining a light on dark places: Even though your company may not have suffered a diThe Hacker News
March 20, 2023
Orlando Family Physicians data breach class action settlement Full Text
Abstract
The settlement benefits consumers who received a data breach notification from Orlando Family Physicians informing them their personal information or protected health information may have been compromised in a data breach on April 15, 2021.Cyware
March 19, 2023
Lowe’s Market chain leaves client data up for grabs Full Text
Abstract
A misconfiguration on a website owned by the US-based Lowe’s Market grocery store chain could have allowed threat actors to gain control of its systems. On February 7, the Cybernews research team discovered a misconfiguration on the Lowe's Market...Security Affairs
March 19, 2023
NBA is warning fans of a data breach after a third-party newsletter service hack Full Text
Abstract
The NBA (National Basketball Association) disclosed a data breach after a third-party firm providing a newsletter service was breached. The NBA (National Basketball Association) is notifying followers of a data breach after a third-party company providing...Security Affairs
March 17, 2023
Hitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitation Full Text
Abstract
Hitachi Energy disclosed a data breach, the Clop ransomware gang stole the company data by exploiting the recent GoAnywhere zero-day flaw. Hitachi Energy disclosed a data breach, the company was hacked by the Clop ransomware gang that stole its data...Security Affairs
March 17, 2023
Data Breach at Tuscaloosa’s NorthStar Paramedic Services Could Impact 82,000 Patients Full Text
Abstract
On Tuesday, NorthStar Emergency Paramedic Services took to its website to report the problem and mailed physical letters to patients who may have been impacted by the breach. The company said they became aware of the potential intrusion in September.Cyware
March 15, 2023
Key Aerospace Player Safran Group Leaks Sensitive Data Full Text
Abstract
The Cybernews research team recently discovered that the French-based multinational aviation company, the eighth largest aerospace supplier worldwide, was leaking sensitive data due to a misconfiguration of its systems.Cyware
March 15, 2023
Security Firm Rubrik breached by Clop gang through GoAnywhere Zero-Day exploitation Full Text
Abstract
Data security firm Rubrik discloses a data breach; attackers exploited the recent GoAnywhere zero-day to steal its data. Cybersecurity firm Rubrik disclosed a data breach; a ransomware group stole company data by exploiting the recently disclosed zero-day...Security Affairs
March 15, 2023
Key aerospace player Safran Group leaks sensitive data Full Text
Abstract
Top aviation company Safran Group left itself vulnerable to cyberattacks, likely for well over a year, underlining how vulnerable big aviation firms are to threat actors, according to research by Cybernews. Original post at https://cybernews.com/security/key-aerospace-player-leaks-sensitive-data/ The...Security Affairs
March 14, 2023
GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks Full Text
Abstract
A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. "GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range," Palo Alto Networks Unit 42 researchers said. "The threat actor chose CIDR block scanning as a way to get access to a wide range of target hosts on different IPs within a network instead of using a single IP address as a target." The malware is mainly designed to single out Unix-like platforms running x86, x64 and ARM architectures, with GoBruteforcer attempting to obtain access via a brute-force attack using a list of credentials hard-coded into the binary. If the attack proves to be successful, an internet relay chat (IRC) bot is deployed on the victim server to establish communications with an actor-controlled server.The Hacker News
March 13, 2023
Zoll Medical Discloses Data Breach Impacting One Million Individuals Full Text
Abstract
Medical technology developer Zoll Medical is notifying roughly one million individuals that their personal information might have been compromised in a recent data breach.Cyware
March 12, 2023
Acronis states that only one customer’s account has been compromised. Much ado about nothing Full Text
Abstract
Acronis downplays the severity of the recent security breach explaining that only a single customer’s account was compromised. The CISO of Acronis downplayed a recent intrusion, revealing that only one customer was impacted. This week a threat...Security Affairs
March 10, 2023
Vulnerability Revealed OpenSea NFT Market Users’ Identities Full Text
Abstract
The Imperva Red Team discovered a vulnerability affecting the world’s largest NFT marketplace, OpenSea. It is a cross-site search (XS-Search) vulnerability that can be exploited by an attacker to obtain a user’s identity.Cyware
March 10, 2023
AT&T is notifying millions of customers of data breach after a third-party vendor hack Full Text
Abstract
AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor's system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor...Security Affairs
March 10, 2023
BMW exposes data of clients in Italy, experts warn Full Text
Abstract
If a malicious hacker were to discover the flaw, they could exploit it to access customer data, steal the company’s source code, and look for other vulnerabilities to exploit.Cyware
March 10, 2023
BMW exposes data of clients in Italy, experts warn Full Text
Abstract
Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on. Original post at: https://cybernews.com/security/bmw-exposes-italy-clients/ Hackers have been enjoying their fair share...Security Affairs
March 9, 2023
China-Linked UNC4540 Hackers Infect Unpatched SonicWall Appliances With Info-Stealer Full Text
Abstract
Suspected Chinese cybercriminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant.Cyware
March 8, 2023
Netherlands: Qilin Ransomware Breaches Elderly Care Facility and Leaks Confidential Data Online Full Text
Abstract
The attack occurred on February 17, causing technical difficulties for the facility. The care institution announced the breach via its website and attributed the problem to a group that had gained unauthorized access to its network.Cyware
March 7, 2023
Acer discloses a new data breach, 160 GB of sensitive data available for sale Full Text
Abstract
Taiwanese multinational hardware and electronics corporation Acer discloses a data breach after a threat actor claimed the hack of the company. Recently a threat actor announced the availability for sale of 160 GB of data allegedly stolen...Security Affairs
March 7, 2023
LastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data Breach Full Text
Abstract
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home computer, in what's a sobering reminder of the dangers of failing to keep software up-to-date. The embattled password management service last week revealed how unidentified actors leveraged information stolen from an earlier incident that took place prior to August 12, 2022, along with details "available from a third-party data breach and a vulnerability in a third-party media software package to launch a coordinated second attack" between August and October 2022. The intrusion ultimately enabled the adversary to steal partially encrypted password vault data and customer information. The second attack specifically singled out one of the four DevOps engineers, targeting their home computer with a keylogger malware to obtain the credentials and breach the cloud storage environment. This, in turn, is said to have been made possible by exploiting a nearly three-yThe Hacker News
March 7, 2023
Hacker Claims to Sell 160GB Trove of Stolen Confidential Data From Acer Full Text
Abstract
The list of stolen data included confidential slides and presentations, technical manuals, Windows Imaging Format files, binaries of various types, backend infrastructure data, product model documentation, and information about various devices.Cyware
March 6, 2023
Hatch Bank data breach caused by the exploitation of the GoAnywhere MFT zero-day Full Text
Abstract
Fintech platform Hatch Bank disclosed a data breach, hackers exploited a recently discovered zero-day in Fortra GoAnywhere MFT secure file-sharing platform. Hatch Bank is a fintech firm that provides services to other fintech companies. The company...Security Affairs
March 5, 2023
Play Ransomware gang has begun to leak data stolen from City of Oakland Full Text
Abstract
The Play ransomware gang has finally begun to leak the data stolen from the City of Oakland in a recent attack. The Play ransomware gang has begun to leak data they have stolen from the City of Oakland (California) in a recent cyberattack. Oakland...Security Affairs
March 4, 2023
Thousands of Websites Hijacked Using Compromised FTP Credentials Full Text
Abstract
In many cases, the attackers managed to obtain highly secure auto-generated FTP credentials and used them to hijack the victim websites to redirect visitors to adult-themed content.Cyware
March 4, 2023
BidenCash leaks 2.1M stolen credit/debit cards Full Text
Abstract
The dark web carding site BidenCash recently leaked for free a collection of approximately 2 million stolen payment card numbers. An archive containing 2.1 million stolen payment card numbers is available for free to commemorate the anniversary of the dark...Security Affairs
March 3, 2023
Vice Society publishes data stolen during Vesuvius ransomware attack Full Text
Abstract
The Vice Society ransomware gang has published on the dark web files that it stole from Vesuvius, one month after the company announced that it had suffered a “cyber incident.”Cyware
March 3, 2023
Retailer WH Smith discloses data breach after a cyberattack Full Text
Abstract
Retailer WH Smith disclosed a data breach following a cyber attack; threat actors had access to company data. Retailer WH Smith revealed that threat actors have breached its infrastructure and had access to the data of about 12,500 current...Security Affairs
March 3, 2023
Information of European Hotel Chain’s Customers Found on Unprotected Elasticsearch Server Full Text
Abstract
An analysis conducted by researcher Anurag Sen at CloudDefense.AI showed that the exposed Falkensteiner customer data was associated with Gustaffo, a company offering IT solutions for the hospitality industry.Cyware
March 2, 2023
BidenCash Market Leaks Two Million Credit Cards in Birthday Blitz Full Text
Abstract
The one-year-old leaked dataset contains card information from all over the world, with a significant number of them issued in the United States, China, Mexico, India, Canada, and the UK.Cyware
March 2, 2023
GunAuction site was hacked and data of 565k accounts were exposed Full Text
Abstract
Hackers compromised the website GunAuction.com, a website that allows people to buy and sell guns, and stole users' data. Hackers have compromised GunAuction.com, a website that allows people to buy and sell guns, TechCrunch reported. The attackers...Security Affairs
March 2, 2023
Canadian book giant says employee data was stolen during ransomware attack Full Text
Abstract
In an undated followup FAQ, Indigo now says employee data was involved in the attack. The Toronto-based company did not respond to requests for comment about how many people were affected.Cyware
March 1, 2023
Video Marketing Software Animaker Leaking Trove of User Data Full Text
Abstract
A misconfigured database has exposed test and personal data belonging to over 700,000 users of the websites getshow.io (an all-in-one video marketing platform) and animaker.com (a DIY video animation software).Cyware
February 28, 2023
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults Full Text
Abstract
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home computer breached and infected with a keylogger as part of a sustained cyber attack that exfiltrated sensitive data from its Amazon AWS cloud storage servers. "The threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack," the password management service said. This intrusion targeted the company's infrastructure, resources, and one of its employees from August 12, 2022 to October 26, 2022. The original incident, on the other hand, ended on August 12, 2022. The August breach saw the intruders accessing source code andThe Hacker News
February 27, 2023
LastPass: hackers breached the computer of a DevOps engineer in a second attack Full Text
Abstract
Threat actors hacked the home computer of a DevOps engineer and installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August...Security Affairs
February 27, 2023
Threat actors leak Activision employee data on hacking forum Full Text
Abstract
Data allegedly stolen from the American gaming giant Activision in a December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December...Security Affairs
February 27, 2023
Stanford University Discloses Data Breach - Ph.D. Admission Data Leaked Full Text
Abstract
This incident occurred due to the misconfiguration of the folder settings, which led to the availability of the 2022-23 application files for admission to the program on the department’s website.Cyware
February 27, 2023
News Corp says hackers first breached its systems between Feb 2020 and Jan 2022 Full Text
Abstract
The attackers compromised one of the company systems and had access to the emails and documents of some employees. Initial investigation into the hack revealed that the attack was carried out by a nation-state actor for cyber espionage purposes.Cyware
February 27, 2023
Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary Full Text
Abstract
A group of hacktivists that goes online with the moniker CH01 defaced at least 32 Russian websites to mark a protest over the one-year anniversary of the Russian invasion. The news was also shared by the collective Anonymous through its accounts.Cyware
February 26, 2023
Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary Full Text
Abstract
The group of hacktivists CH01 defaced at least 32 Russian websites to mark a protest over the one-year anniversary of the Russian invasion. A group of hacktivists that goes online with the moniker CH01 defaced at least 32 Russian websites to mark a protest...Security Affairs
February 26, 2023
News Corp says hackers first breached its systems between Feb 2020 and Jan 2022 Full Text
Abstract
The investigation conducted by News Corporation (News Corp) revealed that attackers remained on its network for two years. In February 2022, the American media and publishing giant News Corp revealed it was the victim of a cyber attack from an advanced...Security Affairs
February 24, 2023
Australian Retailer’s Customer Data Compromised at Former Third-Party Supplier Full Text
Abstract
The Good Guys' customer data, including phone numbers and email addresses, have been compromised in a third-party breach that industry observers say is yet another reminder for businesses to scrutinize their suppliers' security practices.Cyware
February 24, 2023
Hutchinson Clinic issues alert concerning December data breach Full Text
Abstract
The clinic said a hacker they labeled “an unauthorized actor” had the ability to acquire information that included names, contact information, Social Security numbers, driver’s license numbers, health insurance information, and physician names.Cyware
February 23, 2023
Trove of L.A. Students’ Mental Health Records Posted to Dark Web After Cyber Hack Full Text
Abstract
The student psychological evaluations, published to a “dark web” leak site by the Russian-speaking ransomware gang Vice Society, offer a startling degree of personally identifiable information.Cyware
February 22, 2023
Hackers Ran Amok Across GoDaddy for Three Years Full Text
Abstract
Internet domain registrar GoDaddy revealed that it has been the victim of a three-year-long campaign that deployed malware on internal systems and pilfered source code. Experts detected that an unauthorized third party had gained access to the company's cPanel hosting servers and installed malware.Cyware
February 21, 2023
Hackers Scored Corporate Giants’ Logins for Asian Data Centers Full Text
Abstract
The information included credentials in varying numbers for some of the world’s biggest companies, including Alibaba Group, Amazon, Apple, BMW AG, Goldman Sachs Group, Huawei Technologies, Microsoft, and Walmart, according to Resecurity.Cyware
February 21, 2023
Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed Full Text
Abstract
Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its "cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information." The incident, which took place on February 5, 2023, resulted in the exposure of a "limited amount of data" from its directory, including employee names, e-mail addresses, and some phone numbers. As part of the attack, several employees were targeted in an SMS phishing campaign urging them to sign in to their company accounts to read an important message. One employee is said to have fallen for the scam, entering their username and password in a fake login page set up by the threat actors to harvest the credentials. "After 'logging in,' the employee is prompted to disregard the message and thanked for complying," the company said. "What hapThe Hacker News
February 20, 2023
Indian Ticketing Platform RailYatri Hacked – 31 Million Impacted Full Text
Abstract
The compromised data includes email addresses, full names, genders, phone numbers, and locations, which could put millions of users at risk of identity theft, phishing attacks, and other cybercrimes.Cyware
February 20, 2023
Data Breach Reported At Mount Pleasant Central School District Full Text
Abstract
The breach was announced by Mount Pleasant Central School District Superintendent Peter Giarrizzo on Friday, February 17, who said that several student email passwords may have been compromised by the incident.Cyware
February 20, 2023
QR Code Generator MyQRcode Leaks Users’ Login Data and Addresses Full Text
Abstract
At the time of writing, the total number of impacted customers was 65,000; however, at the time of publishing this article, the number had increased to 67,000, meaning the leak is ongoing.Cyware
February 20, 2023
Phishing scam cost small Ohio city $219,000, finance director his job Full Text
Abstract
The author of the phishing email pretended to be an existing vendor and persuaded the finance worker in the Columbus suburb of Hilliard, Ohio, to change bank-routing information for the vendor.Cyware
February 19, 2023
Hackers disclose Atlassian data after the theft of an employee’s credentials Full Text
Abstract
Atlassian discloses a data leak that was caused by the theft of employee credentials, which were used to steal data from a third-party vendor. A group of hackers called SiegedSec recently published on its Telegram channel a JSON file containing data...Security Affairs
February 18, 2023
GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft Full Text
Abstract
Web hosting services provider GoDaddy on Friday disclosed a multi-year security breach that enabled unknown threat actors to install malware and siphon source code related to some of its services. The company attributed the campaign to a "sophisticated and organized group targeting hosting services." GoDaddy said in December 2022, it received an unspecified number of customer complaints about their websites getting sporadically redirected to malicious sites, which it later found was due to the unauthorized third party gaining access to servers hosted in its cPanel environment. The threat actor "installed malware causing the intermittent redirection of customer websites," the company said. The ultimate objective of the intrusions, GoDaddy said, is to "infect websites and servers with malware for phishing campaigns, malware distribution, and other malicious activities." In a related 10-K filing with the U.S. Securities and Exchange Commission (SECThe Hacker News
February 18, 2023
WordPress sites backdoored with ad fraud plugin Full Text
Abstract
About 50 WordPress blogs have been backdoored with a plugin called fuser-master. This plugin is being triggered via popunder traffic from a large ad network. The WordPress sites are loaded on a separate page underneath and display a number of ads.Cyware
February 18, 2023
GoDaddy discloses a new data breach Full Text
Abstract
GoDaddy discloses a security breach; threat actors have stolen source code and installed malware on its servers in a long-running attack. Web hosting company GoDaddy announced that attackers have stolen source code and installed malware on its servers....Security Affairs
February 17, 2023
Atlassian Says Leaked Data Stolen via Third-Party App Full Text
Abstract
A threat group called SiegedSec recently posted a cache of employee and operations information allegedly stolen from software workforce collaboration tool provider Atlassian.Cyware
February 16, 2023
Medibank class action launched after massive hack put private information of millions on dark web Full Text
Abstract
The law firm Baker McKenzie has launched a class action lawsuit against Medibank over the health insurer’s massive cyber attack last year that resulted in the personal details of up to 10 million customers being posted on the dark web.Cyware
February 15, 2023
Community Health Systems data breach caused by GoAnywhere MFT hack Full Text
Abstract
Community Health Systems (CHS) disclosed a data breach; attackers exploited the zero-day vulnerability in Fortra’s GoAnywhere MFT platform. Community Health Systems (CHS) is one of the nation’s leading healthcare providers. CHS operates 79 acute-care...Security Affairs
February 15, 2023
AdSense fraud campaign relies on 10,890 sites that were infected since September 2022 Full Text
Abstract
The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors...Security Affairs
February 14, 2023
Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected Full Text
Abstract
The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70 bogus domains mimicking URL shorteners and infected over 10,800 websites. "The main objective is still ad fraud by artificially increasing traffic to pages which contain the AdSense ID which contain Google ads for revenue generation," Sucuri researcher Ben Martin said in a report published last week. Details of the malicious activity were first exposed by the GoDaddy-owned company in November 2022. The campaign, which is said to have been active since September last year, is orchestrated to redirect visitors to compromised WordPress sites to fake Q&A portals. The goal, it appears, is to increase the authority of spammy sites in search engine results. "It's possible that these bad actors are simply trying to convince Google that real people from different IPs using different browsers are clicking on their search results," Sucuri noted aThe Hacker News
February 14, 2023
Update: BlackCat Leaks Data Belonging to Irish University Full Text
Abstract
The Sunday dump, which appears to include sensitive data including staff medical diagnoses and student bank account information, came days after the Irish High Court issued a temporary injunction prohibiting ransomware attackers from leaking data.Cyware
February 13, 2023
Enigma InfoStealer Steals Sensitive Data From Crypto Firms Full Text
Abstract
Trend Micro spotted an active campaign that leverages a fake employment bait against the cryptocurrency industry in Eastern Europe. Hackers are reportedly deploying Enigma Stealer which is a modified version of the Stealerium information stealer. The infection chain begins with a malicious RAR arch ...Cyware
February 13, 2023
Hacktivists hacked Iranian State TV during President’s speech on Revolution Day Full Text
Abstract
The Ali’s Justice (Edalat-e Ali) hacker group broke into the State TV broadcast during the President’s speech on Revolution Day. A collective of hackers that calls itself Ali’s Justice (Edalat-e Ali) disrupted the transmission of an Iranian...Security Affairs
February 13, 2023
Medical records for 4,000 Garrison Women’s Health patients lost Full Text
Abstract
Medical records of Garrison Women’s Health patients were recently "subject to unauthorized third-party activity," according to information released Friday evening by Wentworth-Douglass Hospital.Cyware
February 13, 2023
Play Ransomware Lists A10 Networks on Its Leak Site Full Text
Abstract
BetterCyber says that the leak site claims the ransomware group has "private and personal confidential data, a lot of technical documentation, agreements, employee and client documents."Cyware
February 11, 2023
Ransomware crooks steal 3m+ patients’ sensitive info Full Text
Abstract
Several California medical groups have sent security breach notification letters to more than three million patients alerting them that crooks may have stolen a ton of their sensitive health and personal information during a ransomware infection.Cyware
February 10, 2023
Reddit discloses security breach that exposed source code and internal docs Full Text
Abstract
Social news aggregation platform Reddit suffered a security breach; attackers gained unauthorized access to internal documents, code, and some business systems. Reddit announced it was hit by a sophisticated and highly-targeted attack that took place...Security Affairs
February 10, 2023
Reddit Suffers Security Breach Exposing Internal Documents and Source Code Full Text
Abstract
Popular social news aggregation platform Reddit has disclosed that it was the victim of a security incident that enabled unidentified threat actors to gain unauthorized access to internal documents, code, and some unspecified business systems. The company blamed it on a "sophisticated and highly-targeted phishing attack" that took place on February 5, 2023, aimed at its employees. The attack entailed sending out "plausible-sounding prompts" that redirected to a website masquerading as Reddit's intranet portal in an attempt to steal credentials and two-factor authentication (2FA) tokens. A single employee's credentials are said to have been phished in this manner, enabling the threat actor to access Reddit's internal systems. The affected employee self-reported the hack, it further added. The company, however, stressed that there is no evidence to suggest that its production systems were breached or that users' non-public data had been compromiseThe Hacker News
February 9, 2023
AmerisourceBergen Healthcare Company Has Been Breached Full Text
Abstract
The Lorenz gang chose to get inside organizations’ networks by leveraging critical flaws in Mitel telephony systems. After the initial access, the threat actor remains silent for months and then exfiltrates and encrypts files using a backdoor.Cyware
February 8, 2023
Russian e-commerce giant Elevel exposed buyers’ delivery addresses Full Text
Abstract
A leading electrical engineering company in Russia, Elevel, has exposed its customers' personally identifiable information (PII), including full names and addresses. Original post at https://cybernews.com/privacy/russian-e-commerce-giant-data-leak/ Founded...Security Affairs
February 8, 2023
Researcher compromised the Toyota Supplier Management Network Full Text
Abstract
The infrastructure of Toyota was compromised again, this time its global supplier management network was hacked by a researcher. The security researcher Eaton Zveare has exploited a vulnerability in Toyota’s Global Supplier Preparation Information...Security Affairs
February 7, 2023
Sharp HealthCare Notifies Nearly 63,000 Patients of Data Breach Full Text
Abstract
Sharp HealthCare, San Diego’s largest health provider, announced Monday that it has begun notifying 62,777 of its patients that some of their personal information was compromised during an attack on the computers that run its website, sharp.com.Cyware
February 7, 2023
Anonymous leaked 128GB of data stolen from Russian ISP Convex revealing FSB’s warrantless surveillance Full Text
Abstract
The popular collective Anonymous has leaked 128 GB of data allegedly stolen from the Russian Internet Service Provider Convex. The collective Anonymous released last week 128 gigabytes of documents that were allegedly stolen from the Russian Internet...Security Affairs
February 6, 2023
Update: 110,000 more users affected in LG Uplus’ data breach Full Text
Abstract
On January 10, the nation's third-largest wireless carrier disclosed that the personal data of 180,000 customers, including their names, birth dates, and phone numbers, had been breached.Cyware
February 6, 2023
Mortgage Financial Technologies Company 8Twelve Exposed 717,814 Records Online Full Text
Abstract
Security researcher Jeremiah Fowler together with the Website Planet research team discovered an open and non-password-protected database that contained 717,814 records and the PII of thousands of Canadian citizens.Cyware
February 6, 2023
Truck Brokerage Company FR8 Exposed 140GB of Data Due to Misconfigured Server Full Text
Abstract
According to the IT security researcher Anurag Sen working with Italian cyber security firm FlashStart, the organization has exposed more than 140 gigabytes of data, which is available to the public without any password or security authentication.Cyware
February 5, 2023
Microsoft attributes Charlie Hebdo data leak to Iran-linked NEPTUNIUM APT Full Text
Abstract
Microsoft attributes a recent cyber attack against the satirical French magazine Charlie Hebdo to an Iran-linked NEPTUNIUM APT group. Microsoft’s Digital Threat Analysis Center (DTAC) attributes a recent cyberattack against the satirical...Security Affairs
February 3, 2023
Update: Data breach at Vice Media involved SSNs, financial info Full Text
Abstract
A data breach involving Vice Media leaked the sensitive information and financial data of more than 1,700 individuals, according to filings with Maine’s Attorney General.Cyware
February 2, 2023
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers Full Text
Abstract
At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat" dubbed HeadCrab since early September 2021. "This advanced threat actor utilizes a state-of-the-art, custom-made malware that is undetectable by agentless and traditional anti-virus solutions to compromise a large number of Redis servers," Aqua security researcher Asaf Eitani said in a Wednesday report. A significant concentration of infections has been recorded in China, Malaysia, India, Germany, the U.K., and the U.S. to date. The origins of the threat actor are presently unknown. The findings come two months after the cloud security firm shed light on a Go-based malware codenamed Redigo that has been found compromising Redis servers. The attack is designed to target Redis servers that are exposed to the internet, followed by issuing a SLAVEOF command from another Redis server that's already under the adversary's control. InThe Hacker News
February 1, 2023
Planet Ice Suffers Hack Resulting in Theft of 240,000 Customers’ Accounts Details Full Text
Abstract
The data from 240,488 customer accounts is now in the hands of hackers, including dates of birth, names, and genders of children having parties, email addresses, IP addresses, passwords, phone numbers, physical addresses, and purchases.Cyware
January 31, 2023
IT Army of Ukraine gained access to a 1.5GB archive from Gazprom Full Text
Abstract
IT Army of Ukraine claims to have breached the infrastructure of the Russian energy giant Gazprom and had access to a 1.5 GB archive. The collective IT Army of Ukraine announced it has gained access to a 1.5 GB archive belonging to the Russian energy...Security Affairs
January 31, 2023
GitHub to revoke stolen code signing certificates for GitHub Desktop and Atom Full Text
Abstract
GitHub confirmed that threat actors exfiltrated encrypted code signing certificates for some versions of GitHub Desktop for Mac and Atom apps. GitHub this week disclosed a security breach; threat actors exfiltrated encrypted code signing certificates...Security Affairs
January 31, 2023
Charter Communications says vendor breach exposed some customer data Full Text
Abstract
Telecommunications company Charter Communications said one of its third-party vendors suffered from a security breach after data from the company showed up on a hacking forum.Cyware
January 31, 2023
GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom Full Text
Abstract
GitHub on Monday disclosed that unknown threat actors managed to exfiltrate encrypted code signing certificates pertaining to some versions of GitHub Desktop for Mac and Atom apps. As a result, the company is taking the step of revoking the exposed certificates out of an abundance of caution. The following versions of GitHub Desktop for Mac have been invalidated: 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.1.0, 3.1.1, and 3.1.2. Versions 1.63.0 and 1.63.1 of Atom are also expected to stop working as of February 2, 2023, requiring that users downgrade to a previous version (1.60.0) of the source code editor. Atom was officially discontinued in December 2022. GitHub Desktop for Windows is not affected. The Microsoft-owned subsidiary said it detected unauthorized access to a set of repositories, including those from deprecated GitHub-owned organizations, used in the planning and development of GitHub Desktop and Atom on December 7, 2022. The repositories are saidThe Hacker News
January 30, 2023
UK-Based JD Sports Details Data Breach Affecting 10 Million Customers Full Text
Abstract
The company says the breach stems from a system containing customer data "relating to some online orders placed between November 2018 and October 2020" and that customers are at risk from scammers.Cyware
January 30, 2023
JD Sports discloses a data breach impacting 10 million customers Full Text
Abstract
Sports fashion retailer JD Sports discloses a data breach that exposed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between...Security Affairs
January 26, 2023
U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software Full Text
Abstract
At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and management (RMM) software to perpetrate a phishing scam. "Specifically, cyber criminal actors sent phishing emails that led to the download of legitimate RMM software – ScreenConnect (now ConnectWise Control) and AnyDesk – which the actors used in a refund scam to steal money from victim bank accounts," U.S. cybersecurity authorities said. The joint advisory comes from the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State Information Sharing and Analysis Center (MS-ISAC). The attacks, which took place in mid-June and mid-September 2022, have financial motivations, although threat actors could weaponize the unauthorized access for conducting a wide range of activities, including selling that access to other hacking crews. Usage of remote software by criminal grouThe Hacker News
January 25, 2023
Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages Full Text
Abstract
A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least 2017. According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named "track[.]violetlovelines[.]com" that's designed to redirect visitors to unwanted sites. The latest operation is said to have been active since December 26, 2022, according to data from urlscan.io. A prior wave seen in early December 2022 impacted more than 3,600 sites, while another set of attacks recorded in September 2022 ensnared more than 7,000 sites. The rogue code is inserted in the WordPress index.php file, with Sucuri noting that it has removed such changes from more than 33,000 files on the compromised sites in the past 60 days. "In recent months, this malware campaign has gradually switched from the notorious fake CAPTCHA push notification scam pages to blackThe Hacker News
January 25, 2023
Zacks Investment Research data breach impacted hundreds of thousands of customers Full Text
Abstract
Zacks Investment Research (Zacks) disclosed a data breach; the security incident may have exposed the data of 820K customers. Zacks Investment Research (Zacks) disclosed a data breach, the security incident may have affected the personal information of its 820,000...Security Affairs
January 25, 2023
LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised Full Text
Abstract
LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident. The breach, which targeted a third-party cloud storage service, impacted Central, Pro, join.me, Hamachi, and RemotelyAnywhere products, the company said. "The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of multi-factor Authentication (MFA) settings, as well as some product settings and licensing information," GoTo's Paddy Srinivasan said. Additionally, MFA settings pertaining to a subset of its Rescue and GoToMyPC customers were impacted, although there is no evidence that the encrypted databases associated with the two services were exfiltrated. The company did not disclose how many users were impacted, but said it's directly contacting the victims toThe Hacker News
January 25, 2023
French rugby club Stade Français leaks source code Full Text
Abstract
Prestigious club Stade Français potentially endangered its fans for over a year after leaking its website’s source code. Stade Français is a professional rugby union club based in Paris. Founded in 1883 and competing in France’s premier rugby...Security Affairs
January 25, 2023
DuoLingo Investigating Dark Web Post Offering Data From 2.6 Million Accounts Full Text
Abstract
A spokesperson for the company said they are aware of the post, which was created on Tuesday morning and offers emails, phone numbers, courses taken, and other information on how customers use the platform.Cyware
January 24, 2023
GoTo revealed that threat actors stole customers’ backups and encryption key for some of them Full Text
Abstract
GoTo is notifying customers that its development environment was breached in November 2022; attackers stole customers' backups and an encryption key. GoTo, formerly LogMeIn Inc, is a flexible-work provider of software as a service (SaaS)...Security Affairs
January 23, 2023
Update: Companies Impacted by Recent Mailchimp Breach Start Notifying Customers Full Text
Abstract
Companies affected by the recent Mailchimp data breach have started notifying affected customers. The list includes WooCommerce, FanDuel, Yuga Labs, and the Solana Foundation.Cyware
January 23, 2023
Companies impacted by Mailchimp data breach warn their customers Full Text
Abstract
The recent Mailchimp data breach has impacted multiple organizations; some of them are already notifying their customers. The popular email marketing and newsletter platform Mailchimp recently disclosed a new data breach, the incident exposed the data...Security Affairs
January 23, 2023
Hacktivist Discovered U.S. No Fly List on Unsecured Airline Server Full Text
Abstract
A copy of the No Fly List from 2019 has leaked, uncovered by a Swiss cybersecurity researcher and hacktivist who claims to have discovered it on an unsecured internet server belonging to an airline.Cyware
January 20, 2023
T-Mobile suffered a new data breach, 37 million accounts have been compromised Full Text
Abstract
Bad news for T-Mobile: the company disclosed a new data breach that resulted in the theft of data belonging to 37 million customer accounts. T-Mobile suffered a new data breach, threat actor stole the personal information of 37 million current postpaid and prepaid...Security Affairs
January 20, 2023
PayPal notifies 34942 users of data breach over credential stuffing attack Full Text
Abstract
PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers' accounts have been compromised between December 6 and December...Security Affairs
January 19, 2023
Mailchimp discloses a new security breach, the second one in 6 months Full Text
Abstract
Popular email marketing and newsletter platform Mailchimp was hacked and the data of dozens of customers were exposed. The popular email marketing and newsletter platform Mailchimp was hacked twice in the past six months. The news of a new security...Security Affairs
January 19, 2023
Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information Full Text
Abstract
Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled threat actors to access an internal support and account admin tool to obtain information about 133 customers. "The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee credentials compromised in that attack," the Intuit-owned company said in a disclosure. The development was first reported by TechCrunch. Mailchimp said it identified the lapse on January 11, 2023, and noted that there is no evidence the unauthorized party breached Intuit systems or other customer information beyond the 133 accounts. It further said the primary contacts for all those affected accounts were notified within 24 hours, and that it has since assisted those users in regaining access to their accounts. The Atlanta-based company, however, did not reveal the duration for whichThe Hacker News
January 18, 2023
FTX says $415 million of crypto was hacked Full Text
Abstract
Bankrupt crypto firm FTX said on Tuesday that $415 million worth of crypto was hacked from the exchange’s accounts, representing a sizable portion of the identified assets the company is trying to recover.Cyware
January 18, 2023
Myrocket HR platform’s data leak turns into privacy nightmare for employees Full Text
Abstract
HR management platform myrocket.co has exposed the personal information of hundreds of thousands of employees and millions of job candidates. Original post at CyberNews On December 12, 2022, the Cybernews research team discovered a publicly accessible...Security Affairs
January 18, 2023
Data Leak at Myrocket HR Platform Turns Into Privacy Nightmare for 200K Employees, 9M Job Candidates Full Text
Abstract
Researchers found about 435,000 payslips, 300 tax filings, 3,800 insurance payment documents, and 21,000 salary sheets belonging to various companies using the HR platform’s services.Cyware
January 16, 2023
Medical Imaging Firm Faces 2 Class Actions in 2022 Breach Full Text
Abstract
Shields Health Care Group, a prominent Massachusetts-based medical imaging services provider, is facing proposed class action lawsuits in federal and state court stemming from a 2022 breach that affected 2 million individuals.Cyware
January 15, 2023
CircleCI says hackers stole encryption keys and customers’ secrets Full Text
Abstract
CircleCI, a software company whose products are popular with developers and software engineers, confirmed that some customers’ data was stolen in a data breach last month.Cyware
January 15, 2023
1.7 TB of data stolen from digital intelligence firm Cellebrite leaked online Full Text
Abstract
1.7 TB of data stolen from Cellebrite, a digital intelligence company that provides tools for law enforcement, were leaked online. The Israeli mobile forensics firm Cellebrite is one of the leading companies in the world in the field of digital...Security Affairs
January 13, 2023
NortonLifeLock: threat actors breached Norton Password Manager accounts Full Text
Abstract
Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton...Security Affairs
January 12, 2023
IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours Full Text
Abstract
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access. "Throughout the attack, the attacker followed a routine of recon commands, credential theft, lateral movement by abusing Windows protocols, and executing Cobalt Strike on the newly compromised host," Cybereason researchers said in a report published this week. IcedID, also known by the name BokBot, started its life as a banking trojan in 2017 before evolving into a dropper for other malware, joining the likes of Emotet, TrickBot, Qakbot, Bumblebee, and Raspberry Robin. Attacks involving the delivery of IcedID have leveraged a variety of methods, especially in the wake of Microsoft's decision to block macros from Office files downloaded from the web. The intrusion detailed by Cybereason is no different in that the infection chain begins with an ISO image file contained within a ZIP aThe Hacker News
January 12, 2023
Hundreds of SugarCRM servers infected with critical in-the-wild exploit Full Text
Abstract
For the past two weeks, hackers have been exploiting a critical vulnerability in the SugarCRM software to infect users with malware that gives them full control of their servers.Cyware
January 12, 2023
Twitter: 200M dataset was not obtained through the exploitation of flaws in its systems Full Text
Abstract
Twitter said that its investigation revealed that users' data offered for sale online was not obtained from its systems. Twitter provided an update on its investigation launched after data of 200 Million users were offered for sale online. The company...Security Affairs
January 12, 2023
Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System Full Text
Abstract
Twitter on Wednesday said that its investigation found "no evidence" that users' data sold online was obtained by exploiting any security vulnerabilities in its systems. "Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems," the company said in a statement. "The data is likely a collection of data already publicly available online through different sources." The disclosure comes in the wake of multiple reports that Twitter data belonging to millions of users – 5.4 million in November 2022, 400 million in December 2022, and 200 million last week – have been made available for sale on online criminal forums. The social media giant further said the breach "could not be correlated with the previously reported incident, nor with any new incident," adding no passwords were exposed. The two datasets published inThe Hacker News
January 12, 2023
Social marketplace Trustanduse exposes nearly half a million users Full Text
Abstract
Security loopholes on social marketplace website trustanduse.com exposed data of around 439,000 users including many businesses for at least six months. Disclosing personal data on platforms providing digital services is always risky. The Cybernews...Security Affairs
January 12, 2023
Social Marketplace Trustanduse Exposes Nearly Half a Million Users Full Text
Abstract
The discovered database included sensitive data such as usernames, full personal names, Facebook IDs, phone numbers, and passwords hashed with the BCrypt algorithm, which is considered safe.Cyware
January 11, 2023
Data Leak Impacts Information of 10,000 French Social Security Beneficiaries Full Text
Abstract
More than 10,000 beneficiaries of a local branch of the French social security agency CAF, or Family Allowance Fund, saw their data exposed for about 18 months, after a file containing personal information was sent to a service provider.Cyware
January 10, 2023
Pro-Ukraine hackers leak Russian data in hopes someone will make sense of it Full Text
Abstract
American investigative reporter Emma Best, a founder of the whistleblower site Distributed Denial of Secrets (DDoSecrets), told The Record in July that hackers had leaked over 12 million Russian documents to the organization since February.Cyware
January 9, 2023
Airline company Air France-KLM discloses security breach Full Text
Abstract
Airline company Air France-KLM is notifying the customers of its loyalty program Flying Blue of a data breach. Airline company Air France-KLM announced it has suffered a data breach, data belonging to customers of its loyalty program Flying Blue were...Security Affairs
January 7, 2023
Hive Ransomware gang leaked 550 GB stolen from Consulate Health Care Full Text
Abstract
The Hive ransomware gang just leaked 550 GB of data stolen from the Consulate Health Care, including customer and employee PII data. Consulate Health Care is a leading provider of senior healthcare services, specializing in post-acute care. The Hive...Security Affairs
January 06, 2023
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach Full Text
Abstract
Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach. The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment. "This zero-day exploit is associated with CVE-2022-41080," the Texas-based company said. "Microsoft disclosed CVE-2022-41080 as a privilege escalation vulnerability and did not include notes for being part of a remote code execution chain that was exploitable." Rackspace's forensic investigation found that the threat actor accessed the Personal Storage Table (.PST) of 27 customers out of a total of nearly 30,000 customers on the Hosted Exchange email environment. However, the company said there is no evidence the adversary viewed, misused, or distributed the customer's emails or data from those personal storage folders. It furtThe Hacker News
January 5, 2023
Burger Chain Five Guys Discloses Data Breach Impacting Job Applicants Full Text
Abstract
Five Guys appears to have started informing customers on December 29, when it also notified state authorities about the incident. The exposed information includes names, Social Security numbers, and driver’s license numbers.Cyware
January 5, 2023
Slack Says Hackers Stole Private Source Code Repositories Full Text
Abstract
Slack suffered a security incident over the holidays affecting some of its private GitHub repositories. The incident involves threat actors gaining access to its externally hosted GitHub repositories via a "limited" number of stolen employee tokens.Cyware
January 5, 2023
Data of 235 million Twitter users leaked online Full Text
Abstract
A database containing email addresses of 235,000,000 Twitter users has been offered on a popular hacker forum. A data leak containing email addresses for 235 million Twitter users has been published on a popular hacker forum. Many experts have immediately...Security Affairs
January 4, 2023
Database of the Cricketsocial.com platform left open online Full Text
Abstract
CyberNews reported that Cricketsocial.com, a social platform for the cricket community, exposed private customer data and admin credentials. Cricketsocial.com is a social platform developed for the cricket community online. CyberNews discovered that...Security Affairs
January 4, 2023
Deezer Admits Third-Party Data Breach That Potentially Exposed Over 220 Million Users’ Information Full Text
Abstract
The compromised information included Deezer users’ dates of birth, email addresses, genders, geographic locations, IP addresses, names, spoken languages, and/or usernames.Cyware
January 4, 2023
Singapore-Based Cryptocurrency Firm BitKeep Lost Funds in Recent Hacking Incident Full Text
Abstract
The company, which has not been named in reports, was targeted by skilled cybercriminals who were able to breach the firm’s security systems and gain access to its digital wallets.Cyware
January 3, 2023
Data of 42 Million Americans on the Dark Web - Revealed Research Full Text
Abstract
A report by Jama Network stumbled across the medical information of approximately 42 million Americans being offered on underground marketplaces, since 2016. The study analyzed trends in ransomware attacks on U.S. healthcare institutions between 2016 and 2021. The number of attacks in that period h ...Cyware
January 2, 2023
PyTorch compromised to demonstrate dependency confusion attack on Python environments Full Text
Abstract
Threat actors compromised the PyTorch Machine Learning Framework by adding a malicious dependency. The maintainers of the PyTorch package warn of a supply chain attack. Users who have installed PyTorch-nightly on Linux via pip between December 25, 2022...Security Affairs
January 2, 2023
3Commas API Database Leaked by Anonymous Hacker Full Text
Abstract
The hack occurred in early December 2022, during which the hacker gained access to the trading service’s system via the Application Programming Interface (API). How they compromised and accessed the platform’s systems is still a mystery.Cyware
January 2, 2023
PyTorch Machine Learning Framework Compromised with Malicious Dependency Full Text
Abstract
The maintainers of the PyTorch package have warned users who have installed the nightly builds of the library between December 25, 2022, and December 30, 2022, to uninstall and download the latest versions following a dependency confusion attack. "PyTorch-nightly Linux packages installed via pip during that time installed a dependency, torchtriton, which was compromised on the Python Package Index (PyPI) code repository and ran a malicious binary," the PyTorch team said in an alert over the weekend. PyTorch, analogous to Keras and TensorFlow, is an open source Python-based machine learning framework that was originally developed by Meta Platforms. The PyTorch team said that it became aware of the malicious dependency on December 30, 4:40 p.m. GMT. The supply chain attack entailed uploading the malware-laced copy of a legitimate dependency named torchtriton to the Python Package Index (PyPI) code repository. Since package managers like pip check public code registrThe Hacker News
December 31, 2022
Personal health information of 42M Americans leaked between 2016 and 2021 Full Text
Abstract
Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes...Security Affairs
December 28, 2022
Crypto wallet BitKeep lost over $9M over a cyber attack Full Text
Abstract
Decentralized multi-chain crypto wallet BitKeep lost over $9 Million worth of digital currencies after a cyber attack. BitKeep was the victim of a supply chain attack that resulted in the theft of over $9 Million worth of digital currencies from its customers....Security Affairs
December 28, 2022
Cybersecurity Firm Links Piers Morgan Twitter Hack to Leak of 400m Records Full Text
Abstract
The hacker claimed the data had been “scraped” from Twitter via a “vulnerability” in the site, and “includes emails and phone numbers of celebrities, politicians, companies, normal users, and a lot of OG and special usernames.”Cyware
December 26, 2022
Cincinnati State Data Breach Possibly Exposed Social Security Numbers, Other Information Full Text
Abstract
The data included full names, addresses, dates of birth, Social Security numbers, driver’s licenses or state identification numbers, health insurance information, and financial account information, the notice states.Cyware
December 26, 2022
Attackers Bypass 2FA, Takeover Xfinity and other Accounts Full Text
Abstract
A number of Comcast Xfinity customers reported their accounts being hacked despite two-factor authentication being enabled on their accounts. According to a researcher, hackers attempted credential-stuffing attacks on users’ accounts. Criminals also tried to break into victims’ DropBox, Evernote, a ...Cyware
December 26, 2022
Hacker Claims to Have Scraped 400 Million Twitter User Records Full Text
Abstract
The posting, apparently first noticed by Israeli cyber intelligence firm Hudson Rock, includes alleged private email addresses for three dozen well-known personalities including New York Democratic Rep.Cyware
December 25, 2022
Data of 400 Million Twitter users up for sale Full Text
Abstract
A threat actor is claiming they have obtained data of 400,000,000 Twitter users and is offering it for sale. A threat actor claims they have obtained data of 400,000,000 Twitter users and is attempting to sell it. The seller claims the database...Security Affairs
December 23, 2022
BetMGM discloses security breach impacting 1.5 Million customers Full Text
Abstract
Online sports betting company BetMGM suffered a data breach and threat actors offered for sale a database containing the data of 1.5 million customers. On December 21, the online sports betting company BetMGM disclosed a data breach while threat actors...Security Affairs
December 23, 2022
Massive Twitter data leak investigated by EU privacy watchdog Full Text
Abstract
The Irish Data Protection Commission (DPC) has launched an inquiry following last month's news reports of a massive Twitter data leak.BleepingComputer
December 23, 2022
LastPass revealed that encrypted password vaults were stolen Full Text
Abstract
The data breach suffered by LastPass in August 2022 may have been more severe than previously thought. In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development...Security Affairs
December 23, 2022
Morley Companies data breach $4.3M class action settlement Full Text
Abstract
The settlement class, which has been directly notified of the settlement, is defined as U.S. residents whose data was compromised during the data incident the defendant announced on or about August 1, 2021.Cyware
December 23, 2022
Fertility Centers of Illinois data breach $450K class action settlement Full Text
Abstract
Consumers affected by a data breach in February 2021 filed a class action lawsuit against FCI, arguing that the company should have protected their information through reasonable cybersecurity measures.Cyware
December 22, 2022
Leading sports betting firm BetMGM discloses data breach Full Text
Abstract
Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed number of customers.BleepingComputer
December 22, 2022
Lastpass: Hackers stole customer vault data in cloud storage breach Full Text
Abstract
LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident.BleepingComputer
December 22, 2022
Sports betting operator BetMGM hit by data breach Full Text
Abstract
The issue affected customer information such as name, contact information, date of birth, hashed Social Security number, account identifiers and information related to transactions with BetMGM, the company said.Cyware
December 21, 2022
Okta revealed that its private GitHub repositories were hacked this month Full Text
Abstract
American identity and access management giant Okta revealed that its private GitHub repositories were hacked this month. Okta revealed that its private GitHub repositories were hacked this month, the news was first reported by BleepingComputer...Security Affairs
December 21, 2022
Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days Full Text
Abstract
CyberNews researchers reported that Ecco, a global shoe manufacturer and retailer, exposed millions of documents. Original post @ https://cybernews.com/security/ecco-leaks-sensitive-data-for-months/ Ecco, a global shoe manufacturer and retailer,...Security Affairs
December 21, 2022
Okta’s source code stolen after GitHub repositories hacked Full Text
Abstract
In a 'confidential' email notification sent by Okta and seen by BleepingComputer, the company states that attackers gained access to its GitHub repositories this month and stole the company's source code.BleepingComputer
December 21, 2022
Antwerp denies negotiating ransomware payment as city disappears from leak site Full Text
Abstract
A listing for the City of Antwerp was removed from the PLAY ransomware group’s leak site this weekend, despite its mayor announcing that the municipality did not pay the gang to unlock its data.Cyware
December 20, 2022
Little Rock School District approves $250K payment in ransomware settlement Full Text
Abstract
While trying to retrieve stolen data from its network, the Little Rock School District’s board voted 6-3 on December 5 to approve a $250,000 settlement that would end a recent ransomware incident.Cyware
December 19, 2022
DraftKings warns data of 67K people was exposed in account hacks Full Text
Abstract
Sports betting company DraftKings revealed last week that more than 67,000 customers had their personal information exposed following a credential attack in November.BleepingComputer
December 18, 2022
Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale Full Text
Abstract
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms, a restaurant CRM software and guest management service provider, has admitted it has suffered a data breach, result of a security incident on one of its vendors.BleepingComputer
December 16, 2022
Social Blade discloses security breach Full Text
Abstract
Social media analytics service Social Blade disclosed a security breach after a database containing allegedly stolen data from the company was offered for sale. Social Blade is an American social media analytics platform, the company disclosed...Security Affairs
December 16, 2022
Data of 5.7M Gemini users available for sale on hacking forums Full Text
Abstract
Gemini crypto exchange warns users of an ongoing phishing campaign after a third-party vendor suffered a security breach. Gemini crypto exchange is warning of phishing campaigns targeting its users after a threat actor obtained their data by breaching...Security Affairs
December 15, 2022
Hackers leak personal info allegedly stolen from 5.7M Gemini users Full Text
Abstract
Gemini crypto exchange announced this week that customers were targeted in phishing campaigns after a threat actor collected their personal information from a third-party vendor.BleepingComputer
December 15, 2022
Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale Full Text
Abstract
The portal of the FBI's InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a cybercrime forum. InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector...Security Affairs
December 15, 2022
Ukrainian govt networks breached via trojanized Windows 10 installers Full Text
Abstract
Ukrainian government entities were hacked in targeted attacks after their networks were first compromised via trojanized ISO files posing as legitimate Windows 10 installers.BleepingComputer
December 15, 2022
Social Blade confirms breach after hacker posts stolen user data Full Text
Abstract
Social media analytics platform Social Blade has confirmed they suffered a data breach after its database was breached and put up for sale on a hacking forum.BleepingComputer
December 14, 2022
Nosey Parker: Find sensitive information in textual data and Git history Full Text
Abstract
Nosey Parker addresses the pervasive problem of secret exposure in source code and configuration files where sensitive information such as passwords, API keys, access tokens, asymmetric private keys, client secrets, and credentials exist.Cyware
December 14, 2022
California hospital breach exposed patients’ Social Security numbers, medical info Full Text
Abstract
A hospital in California’s Riverside County has reported a data breach to its patients including sensitive information like Social Security numbers and the details of medical care following an incident in the fall.Cyware
December 14, 2022
TPG Reveals Emails of 15,000 iiNet and Westnet Customers Exposed in Email Hack Full Text
Abstract
TPG has not said what might have been obtained in the attack, but an investigation is ongoing and affected customers will be advised. It told the ASX the breach didn't affect mobile or broadband services, and access has been cut off for the attacker.Cyware
December 13, 2022
Twitter says recently leaked user data are from 2021 breach Full Text
Abstract
Twitter confirmed that the recent leak of members' profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions of profiles resulted from the 2021 data breach that the company...Security Affairs
December 12, 2022
Indian foreign ministry’s Global Pravasi Rishta portal leaks expat passport details Full Text
Abstract
The Cybernews research team reported that India’s government platform Global Pravasi Rishta Portal was leaking sensitive user data. Original post @ https://cybernews.com/security/indias-foreign-ministry-leaks-passport-details/ The Global Pravasi...Security Affairs
December 12, 2022
Twitter confirms recent user data leak is from 2021 breach Full Text
Abstract
Twitter confirmed today that the recent leak of millions of members' profiles, including private phone numbers and email addresses, resulted from the same data breach the company disclosed in August 2022.BleepingComputer
December 12, 2022
Uber suffers new data breach after attack on vendor, info leaked online Full Text
Abstract
Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident.BleepingComputer
December 12, 2022
Data breach of Ontario’s vaccine booking system affects hundreds of thousands, province says Full Text
Abstract
Some 360,000 people will receive notices that their personal information was part of the November 2021 data breach of the COVAXX system, the Ministry of Public and Business Service Delivery said in a statement Friday.Cyware
December 12, 2022
Australian Telecom Firm Leaks Data of 130,000 Unlisted Customers Full Text
Abstract
"We're in the process of communicating to some unlisted customers whose details were incorrectly made available via Directory Assistance or the White Pages," Telstra said in a Friday statement.Cyware
December 9, 2022
CommonSpirit confirms data breach impacts 623K patients Full Text
Abstract
CommonSpirit Health confirmed that the October security breach resulted in the exposure of the personal data of 623,774 patients. In early October, Common Spirit, one of the largest hospital chains in the US, suffered a ransomware cyberattack that...Security Affairs
December 9, 2022
Popular HR and Payroll Company Sequoia Discloses a Data Breach Full Text
Abstract
“An unauthorized party may have accessed a cloud storage system that contained personal information,” the company wrote in the customer and individual disclosures. WIRED reviewed examples of both notifications.Cyware
December 08, 2022
Hacked corporate email accounts used to send MSP remote access tool Full Text
Abstract
MuddyWater hackers, a group associated with Iran's Ministry of Intelligence and Security (MOIS), used compromised corporate email accounts to deliver phishing messages to their targets.BleepingComputer
December 08, 2022
CommonSpirit Health ransomware attack exposed data of 623,000 patients Full Text
Abstract
CommonSpirit Health has confirmed that threat actors accessed the personal data for 623,774 patients during an October ransomware attack.BleepingComputer
December 8, 2022
Update: Patients’ Data at Seven More Hospitals Breached in CommonSpirit Ransomware Attack Full Text
Abstract
Patients of at least seven hospitals in Washington state affiliated with CommonSpirit have been affected by a data breach involving the hospital chain's October ransomware incident.Cyware
December 06, 2022
Amnesty International Canada breached by suspected Chinese hackers Full Text
Abstract
Amnesty International's Canadian branch has disclosed a security breach detected in early October and linked by cybersecurity firm Secureworks, who investigated the incident, to a threat group likely sponsored by China.BleepingComputer
December 5, 2022
DeFi Protocol Ankr Suffers $5 Million Theft; Promises to Reimburse Affected Users Full Text
Abstract
"We will take a snapshot and reissue ankrBNB to all valid aBNBc holders before the exploit. The ankrBNB token will continue to be redeemable, while aBNBc and aBNBb will no longer be redeemable," Ankr said in a tweet after the exploit.Cyware
December 01, 2022
Samsung, LG, Mediatek certificates compromised to sign Android malware Full Text
Abstract
Multiple platform certificates used by Android OEM device vendors to digitally sign core system applications have also been used to sign Android apps containing malware.BleepingComputer
Dec 01, 2022
Hackers Leak Another Set of Medibank Customer Data on the Dark Web Full Text
Abstract
Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said. "While our investigation continues there are currently no signs that financial or banking data has been taken. And the personal data stolen, in itself, is not sufficient to enable identity and financial fraud. The raw data we have analyzed today so far is incomplete and hard to understand." The leak comes almost a month after the company acknowledged that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident in October 2022. This includes 5.1 million Medibank customers, 2.8 million ahm customers, and 1.8 million international custThe Hacker News
Dec 01, 2022
LastPass Suffers Another Security Breach; Exposed Some Customers Information Full Text
Abstract
Popular password management service LastPass said it's investigating a second security incident that involved attackers accessing some of its customer information. "We recently detected unusual activity within a third-party cloud storage service, which is currently shared by both LastPass and its affiliate, GoTo," LastPass CEO Karim Toubba said. GoTo, formerly called LogMeIn, acquired LastPass in October 2015. In December 2021, the Boston-based firm announced plans to spin off LastPass as an independent company. The digital break-in resulted in the unauthorized third-party leveraging information obtained following a previous breach in August 2022 to access "certain elements of our customers' information." The August 2022 security event targeted its development environment, leading to the theft of some of its source code and technical information. In September, LastPass revealed the threat actor had access for four days. The scope of the breachThe Hacker News
December 1, 2022
Schoolyard Bully Trojan Steals Facebook Credentials Across 71 Countries via Fake Educational Apps Full Text
Abstract
Disguised as the good guy, these malicious apps known as the “Schoolyard Bully Trojan” are camouflaged as legitimate, educational applications with a wide range of books and topics for their victims to read.Zimperium
December 1, 2022
Lastpass discloses the second security breach this year Full Text
Abstract
LastPass disclosed a new security breach, threat actors had access to its cloud storage using information stolen in the August 2022 breach. Password management solution LastPass disclosed a new security breach, the attackers had access to a third-party...Security Affairs
November 30, 2022
GoTo says hackers breached its dev environment, cloud storage Full Text
Abstract
Remote access and collaboration company GoTo disclosed today that they suffered a security breach where threat actors gained access to their development environment and third-party cloud storage service.BleepingComputer
November 30, 2022
Lastpass says hackers accessed customer data in new breach Full Text
Abstract
LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022.BleepingComputer
November 30, 2022
ENC Security, the encryption provider for Sony and Lexar, leaked sensitive data for over a year Full Text
Abstract
CyberNews experts discovered that ENC Security, a Netherlands software company, had been leaking critical business data since May 2021. Original post at https://cybernews.com/security/encsecurity-leaked-sensitive-data/ When you buy a Sony, Lexar,...Security Affairs
November 30, 2022
Encryption Provider ENC Security Leaked Sensitive Data for Over a Year Due to Security Misconfiguration Full Text
Abstract
The company said a misconfiguration by a third-party supplier caused the issue and fixed it immediately upon notification. The data was accessible from May 27, 2021, up until November 9, 2022.Security Affairs
November 30, 2022
Virginia County Confirms Personal Information Stolen in Ransomware Attack Full Text
Abstract
The county says that it took steps to contain the attack immediately after identifying it, and that it launched an investigation into the incident, to determine the type of data that might have been compromised.Security Week
November 29, 2022
Irish data protection commission fines Meta over 2021 data-scraping leak Full Text
Abstract
Irish data protection commission (DPC) fined Meta for not protecting Facebook's users' data from scraping. Meta has been fined €265 million ($275.5 million) by the Irish data protection commission (DPC) for the data leak suffered by Facebook...Security Affairs
November 29, 2022
Indiana Health Entity Reports Breach Involving Tracking Code Full Text
Abstract
Community Health Network on November 18 reported to the U.S. Department of Health and Human Services an unauthorized access/disclosure breach affecting 1.5 million individuals involving the use of website tracking code.Bank Info Security
November 27, 2022
5.4 million Twitter users’ stolen data leaked online — more shared privately Full Text
Abstract
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher.BleepingComputer
November 26, 2022
Data from 5.4M Twitter users obtained from multiple threat actors and combined with data from other breaches Full Text
Abstract
The massive data breach suffered by Twitter that exposed emails and phone numbers of its customers may have impacted more than five million users. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained...Security Affairs
November 25, 2022
Mobile Numbers of 487 Million WhatsApp Users Available for Sale on Hacking Forum Full Text
Abstract
On November 16, a sales ad was found on a notorious hacking community forum where the threat actor claimed they had fresh data, not older than 2022, from millions of people around the globe.Heimdal Security
November 25, 2022
OSSTF Victim of Ransomware Attack, Notifies Members of Personal Data Compromised Full Text
Abstract
The Ontario Secondary School Teachers’ Federation says it discovered in late May that an “unauthorized third party” accessed and encrypted its systems between May 25 and 30.The Peterborough Examiner
November 25, 2022
Experts investigate WhatsApp data leak: 500M user records for sale Full Text
Abstract
Cybernews investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users. Original post published by Cybernews: https://cybernews.com/news/whatsapp-data-leak/ On November 16, an actor...Security Affairs
November 24, 2022
Medical Software Firm Exposes Vulnerable Children’s Sensitive Data Full Text
Abstract
Researchers reviewed a sample of 1,000 records to determine who owned the data and informed them about the exposed database. As per their findings, each record they reviewed had some form of PII related to children.Hackread
November 23, 2022
Personal data of nearly 4,000 people leaked in hack of Radio Free Asia Full Text
Abstract
Radio Free Asia, a U.S. government-sponsored news outlet, announced a breach this week that affected almost 4,000 people – leaking troves of personal information including Social Security and passport numbers, as well as financial data.The Record
November 23, 2022
Belarusian Hacktivist Group Claims to Breach Russia’s Internet and Media Regulator Full Text
Abstract
A unit of the Russian internet and media regulator Roskomnadzor confirmed Saturday that hackers had breached its systems after the Belarusian hacktivist group known as the Cyber Partisans claimed to attack the organization.The Record
November 22, 2022
Hackers breach energy orgs via bugs in discontinued web server Full Text
Abstract
Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector.BleepingComputer
November 21, 2022
Apps with over 3 million installs leak ‘Admin’ search API keys Full Text
Abstract
Researchers discovered 1,550 mobile apps leaking Algolia API keys, risking the exposure of sensitive internal services and stored user information.BleepingComputer
November 19, 2022
India’s securities depository CDSL says malware compromised its network Full Text
Abstract
CDSL said it continues to investigate, and that it has so far “no reason to believe that any confidential information or the investor data has been compromised” due to the incident.Tech Crunch
November 17, 2022
Misconfigured Server Exposed PHI of 600,000 Inmates at Kentucky-based CorrectCare Integrated Health Full Text
Abstract
A server misconfiguration at a firm that provides medical claims processing for correctional facilities exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated.Bank Info Security
November 17, 2022
Iran-linked threat actors compromise US Federal Network Full Text
Abstract
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According to a joint advisory published by the FBI and CISA, an Iran-linked APT group compromised...Security Affairs
November 17, 2022
Iranian Hackers Compromised a U.S. Federal Agency’s Network Using Log4Shell Exploit Full Text
Abstract
Iranian government-sponsored threat actors have been blamed for compromising a U.S. federal agency by taking advantage of the Log4Shell vulnerability in an unpatched VMware Horizon server. The details, which were shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), come in response to incident response efforts undertaken by the authority from mid-June through mid-July 2022. "Cyber threat actors exploited the Log4Shell vulnerability in an unpatched VMware Horizon server, installed XMRig crypto mining software, moved laterally to the domain controller (DC), compromised credentials, and then implanted Ngrok reverse proxies on several hosts to maintain persistence," CISA noted. Log4Shell, aka CVE-2021-44228, is a critical remote code execution flaw in the widely-used Apache Log4j Java-based logging library. It was addressed by the open source project maintainers in December 2021. The latest development marks the continued abuse of the Log4j vThe Hacker News
November 16, 2022
Researchers Discover Hundreds of Amazon RDS Instances Leaking Users’ Personal Data Full Text
Abstract
Hundreds of databases on Amazon Relational Database Service (Amazon RDS) are exposing personally identifiable information (PII), new findings from Mitiga, a cloud incident response company, show. "Leaking PII in this manner provides a potential treasure trove for threat actors – either during the reconnaissance phase of the cyber kill chain or extortionware/ransomware campaigns," researchers Ariel Szarf, Doron Karmi, and Lionel Saposnik said in a report shared with The Hacker News. This includes names, email addresses, phone numbers, dates of birth, marital status, car rental information, and even company logins. Amazon RDS is a web service that makes it possible to set up relational databases in the Amazon Web Services (AWS) cloud. It offers support for different database engines such as MariaDB, MySQL, Oracle, PostgreSQL, and SQL Server. The root cause of the leaks stems from a feature called public RDS snapshots, which allows for creating a backup of the entire daThe Hacker News
November 16, 2022
US govt: Iranian hackers breached federal agency using Log4Shell exploit Full Text
Abstract
The FBI and CISA revealed in a joint advisory published today that an unnamed Iranian-backed threat group hacked a Federal Civilian Executive Branch (FCEB) organization to deploy XMRig cryptomining malware.BleepingComputer
November 16, 2022
NewYork-Presbyterian Hospital Issues Notification of Cybersecurity Incident Full Text
Abstract
Approximately twelve thousand (12,000) patients were affected. Information pertaining to those patients includes first and last names, addresses, insurance authorizations, medical records numbers, and exam results.nyp
November 15, 2022
Researchers Say China State-backed Hackers Breached a Digital Certificate Authority Full Text
Abstract
A suspected Chinese state-sponsored actor breached a digital certificate authority as well as government and defense agencies located in different countries in Asia as part of an ongoing campaign since at least March 2022. Symantec, by Broadcom Software, linked the attacks to an adversarial group it tracks under the name Billbug, citing the use of tools previously attributed to this actor. The activity appears to be driven by espionage and data-theft, although no data is said to have been stolen to date. Billbug, also called Bronze Elgin, Lotus Blossom, Lotus Panda, Spring Dragon, and Thrip, is an advanced persistent threat (APT) group that is believed to operate on behalf of Chinese interests. Primary targets include government and military organizations in South East Asia. Attacks mounted by the adversary in 2019 involved the use of backdoors like Hannotog and Sagerunex, with the intrusions observed in Hong Kong, Macau, Indonesia, Malaysia, the Philippines, and Vietnam.The Hacker News
November 14, 2022
Whoosh confirms data breach after hackers sell 7.2M user records Full Text
Abstract
The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum.BleepingComputer
November 14, 2022
Over 15,000 WordPress Sites Compromised in Malicious SEO Campaign Full Text
Abstract
A new malicious campaign has compromised over 15,000 WordPress websites in an attempt to redirect visitors to bogus Q&A portals. "These malicious redirects appear to be designed to increase the authority of the attacker's sites for search engines," Sucuri researcher Ben Martin said in a report published last week, calling it a "clever black hat SEO trick." The search engine poisoning technique is designed to promote a "handful of fake low quality Q&A sites" that share similar website-building templates and are operated by the same threat actor. A notable aspect of the campaign is the ability of the hackers to modify over 100 files per website on average, an approach that contrasts dramatically from other attacks of this kind wherein only a limited number of files are tampered with to reduce footprint and escape detection. Some of the most commonly infected pages consist of wp-signup.php, wp-cron.php, wp-links-opml.php, wp-settings.phpThe Hacker News
November 10, 2022
Attackers Compromise 15,000 Sites for Massive Google SEO Poisoning Campaign Full Text
Abstract
These malicious redirects appear to be designed to increase the authority of the attacker’s sites for search engines. PublicWWW results show nearly 15,000 websites have been affected by this malware so far.Sucuri
November 09, 2022
Medibank warns customers their data was leaked by ransomware gang Full Text
Abstract
Australian health insurance giant Medibank has warned customers that the ransomware group behind last month's breach has started to leak data stolen from its systems.BleepingComputer
November 9, 2022
US States Announce $16M Settlement With Experian, T-Mobile Over Data Breaches Full Text
Abstract
Authorities in 40 US states have reached a settlement totaling more than $16 million with Experian and T-Mobile over data breaches suffered by the companies in 2012 and 2015.Security Week
November 07, 2022
Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack Full Text
Abstract
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was "consistent with the precursors to a ransomware event," prompting it to isolate its systems, but not before the attackers exfiltrated the data. "This figure represents around 5.1 million Medibank customers, around 2.8 million ahm customers, and around 1.8 million international customers," Medibank noted. Compromised details include names, dates of birth, addresses, phone numbers, and email addresses, as well as Medicare numbers (but not expiry dates) for ahm customers, and passport numbers (but not expiry dates) and visa details for international student customers. It further said the incident resulted in the theft of health claims data for about 160,000 Medibank cThe Hacker News
November 07, 2022
Experts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and Data Full Text
Abstract
Security researchers are warning of "a trove of sensitive information" leaking through urlscan.io, a website scanner for suspicious and malicious URLs. "Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable," Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022. The Berlin-based cybersecurity firm said it started an investigation in the aftermath of a notification sent by GitHub in February 2022 to an unknown number of users about sharing their usernames and private repository names (i.e., GitHub Pages URLs) to urlscan.io for metadata analysis as part of an automated process. Urlscan.io, which has been described as a sandbox for the web, is integrated into several security solutions via its API. "With the type of integration of this API (for example via a security tool that scans every incoming email and performs a urlscan oThe Hacker News
November 7, 2022
Australian real estate agency Harcourts suffers a data breach Full Text
Abstract
Australian real estate agency Harcourts has revealed it was affected by a cyberattack last month, with the personal information of tenants, landlords, and tradespeople potentially exposed.SBS News
November 7, 2022
Data Breach at IT Support Firm May Impact Health Records of Thousands of School Students in Victoria Full Text
Abstract
Thousands of Victorian students and their families may have had personal data including medical information stolen after a technology company that has contracts with the Victorian government was hacked.The Age
November 4, 2022
AstraZeneca password lapse exposed patient data Full Text
Abstract
Pharmaceutical company AstraZeneca has blamed “user error” for leaving a list of credentials unsecured online for more than a year that exposed access to sensitive patient data.Tech Crunch
November 4, 2022
Victims lose $237,000 amid resurgence in SingPost and Singtel phishing scams: Singapore Police Full Text
Abstract
At least 85 people here have lost about $237,000 since January 2022 after falling victim to phishing scams involving purported e-mails from Singapore Post (SingPost) and telco Singtel.Straits Times
November 2, 2022
API of Website Scan Engine Urlscan.io Unwittingly Leaks Sensitive URLs, Data Full Text
Abstract
In a blog post published today, Positive Security said the urlscan API came to its attention due to an email sent by GitHub in February, warning customers that GitHub Pages URLs had been accidentally leaked via a third party during metadata analysis.The Daily Swig
November 02, 2022
Vodafone Italy discloses data breach after reseller hacked Full Text
Abstract
Vodafone Italia is sending customers notices of a data breach, informing them that one of its commercial partners, FourB S.p.A., who operates as a reseller of the telco's services in the country, has fallen victim to a cyberattack.BleepingComputer
November 2, 2022
Leaked Amazon Prime Video Server Exposed Users Viewing Habits Full Text
Abstract
The exposed database contained 215 million records of pseudonymized viewing data. This includes the name of the movie or show being streamed, the streaming device, and similar internal data such as subscription information and network quality.Hackread
November 2, 2022
Dropbox discloses unauthorized access to 130 GitHub source code repositories Full Text
Abstract
Dropbox disclosed a security breach, threat actors gained unauthorized access to 130 of its source code repositories on GitHub. File hosting service Dropbox announced that threat actors gained unauthorized access to 130 of its source code repositories...Security Affairs
November 02, 2022
Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories Full Text
Abstract
File hosting service Dropbox on Tuesday disclosed that it was the victim of a phishing campaign that allowed unidentified threat actors to gain unauthorized access to 130 of its source code repositories on GitHub. "These repositories included our own copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team," the company revealed in an advisory. The breach resulted in the access of some API keys used by Dropbox developers as well as "a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors." It, however, stressed that the repositories did not contain source code related to its core apps or infrastructure. Dropbox, which offers cloud storage, data backup, and document signing services, among others, has over 17.37 million paying users and 700 million registered users as of August 2022. The diThe Hacker News
November 01, 2022
Dropbox discloses breach after hacker stole 130 GitHub repositories Full Text
Abstract
Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack.BleepingComputer
November 1, 2022
Experian tool exposed partial Social Security numbers, putting customers at risk Full Text
Abstract
An Experian product that allows organizations to verify customers’ identity could be exploited to expose partial Social Security numbers, a researcher found through testing several organizations that use the product.CyberScoop
October 31, 2022
Label Printing Giant Multi-Color Corporation Discloses Data Breach Full Text
Abstract
An investigation launched into the incident has revealed that sensitive HR data might have been compromised, including “personnel files and information on enrollment in our benefits programs”.Security Week
October 31, 2022
Hackers selling access to 576 corporate networks for $4 million Full Text
Abstract
A new report shows that hackers are selling access to 576 corporate networks worldwide for a total cumulative sales price of $4,000,000, fueling attacks on the enterprise.BleepingComputer
October 31, 2022
Air New Zealand Faces Cybersecurity Breach, Multiple Accounts Compromised Full Text
Abstract
The breach was an instance of “credential stuffing”, in which scammers used email and password information stolen from another online source to hack into Air NZ Airpoints accounts.Stuff NZ
October 30, 2022
Former British Prime Minister Liz Truss’s phone was allegedly hacked by Russian spies Full Text
Abstract
According to the Daily Mail, former British Prime Minister Liz Truss's personal phone was hacked by Russian spies. The personal mobile phone of British Prime Minister Liz Truss was hacked by cyber spies suspected of working for the Kremlin, the Daily...Security Affairs
October 29, 2022
Bed Bath & Beyond reviewing possible data breach Full Text
Abstract
Bed Bath & Beyond said that it has no reason to believe that any sensitive or personally identifiable information was accessed and this cybersecurity incident would likely not have a material impact on the company.Yahoo Finance
October 29, 2022
Twilio Reveals Another Breach from the Same Hackers Behind the August Hack Full Text
Abstract
Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into the digital break-in. "In the June incident, a Twilio employee was socially engineered through voice phishing (or 'vishing') to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers," Twilio said. It further said the access gained following the successful attack was identified and thwarted within 12 hours, and that it had alerted impacted customers on July 2, 2022. The San Francisco-based firm did not reveal the exact number of customers impacted by the June incident, and why the disclosure was madeThe Hacker News
October 29, 2022
Twilio discloses another security incident that took place in June Full Text
Abstract
Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack. The Communications company Twilio announced that it suffered another "brief security incident" on June 29, 2022,...Security Affairs
October 27, 2022
Thomson Reuters collected and leaked at least 3TB of sensitive data Full Text
Abstract
The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/ Thomson Reuters, a multinational...Security Affairs
October 27, 2022
Australian Clinical Labs says patient data stolen in ransomware attack Full Text
Abstract
Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people.BleepingComputer
October 27, 2022
Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers’ Data Full Text
Abstract
Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack. In an update to its ongoing investigation into the incident, the firm said the attackers had access to "significant amounts of health claims data" as well as personal data belonging to its ahm health insurance subsidiary and international students. Medibank, which is one of the largest Australian private health insurance providers, serves about 3.9 million customers across the country. "We have evidence that the criminal has removed some of this data and it is now likely that the criminal has stolen further personal and health claims data," the company further added. "As a result, we expect that the number of affected customers could grow substantially." The company also said it's continuing its probe to determine what specific data has been stolen in thThe Hacker News
October 26, 2022
See Tickets discloses data breach, customers’ credit card data exposed Full Text
Abstract
International ticketing services company See Tickets disclosed a data breach that exposed customers' payment card details. Ticketing service company See Tickets disclosed a data breach, and threat actors might have accessed customers' payment card...Security Affairs
October 26, 2022
Medibank now says hackers accessed all its customers’ personal data Full Text
Abstract
Australian insurance firm Medibank has confirmed that hackers accessed all of its customers' personal data and a large amount of health claims data during a recent ransomware attack.BleepingComputer
October 25, 2022
See Tickets discloses 2.5 years-long credit card theft breach Full Text
Abstract
Ticketing service provider 'See Tickets' has disclosed a data breach, informing customers that cybercriminals might have accessed their payment card details via a skimmer on its website.BleepingComputer
October 25, 2022
Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company Full Text
Abstract
The Hive ransomware-as-a-service (RaaS) group has claimed responsibility for a cyber attack against Tata Power that was disclosed by the company less than two weeks ago. The incident is said to have occurred on October 3, 2022. The threat actor has also been observed leaking stolen data exfiltrated prior to encrypting the network as part of its double extortion scheme. This allegedly comprises signed client contracts, agreement documents, as well as other sensitive information such as emails, addresses, phone numbers, passport numbers, taxpayer data, among others. The Mumbai-based firm, which is India's largest integrated power company, is part of the Tata Group conglomerate. Tata Power had previously disclosed in a filing with the National Stock Exchange (NSE) of India that an intrusion on the company's IT infrastructure impacted "some of its IT systems." According to further details shared by security researcher Rakesh Krishnan, the leak contains personThe Hacker News
October 25, 2022
Hive claims ransomware attack on Tata Power, begins leaking data Full Text
Abstract
Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. In screenshots seen by BleepingComputer, Hive operators are leaking data they claim to have stolen from Tata Power, indicating the ransom negotiations failed.BleepingComputer
October 24, 2022
Hacktivists ‘Steal’ 100,000 Emails from Iran Nuclear Agency Full Text
Abstract
An activist group that calls itself Black Reward and claims to be from Iran claimed that it had accessed an email server run by a company related to Iran's Atomic Energy Organization and exfiltrated 324 inboxes comprising over 100,000 messages.The Register
October 24, 2022
Iran’s atomic energy agency confirms hack after stolen data leaked online Full Text
Abstract
The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the 'Black Reward' hacking group published stolen data online.BleepingComputer
October 24, 2022
Data of alleged 2.6m Carousell accounts being sold on Dark Web, hacking forums Full Text
Abstract
The breached database, allegedly containing the information of 2.6 million accounts, is being sold for $1,000. Carousell said that 1.95 million user accounts were affected.Straits Times
October 23, 2022
Hackers stole sensitive data from Iran’s atomic energy agency Full Text
Abstract
Iran’s atomic energy agency claims that alleged state-sponsored hackers have compromised its email system. Iran’s atomic energy agency revealed on Sunday that a nation-state actor had access to a subsidiary’s network and free access to its email...Security Affairs
October 21, 2022
EnergyAustralia Electricity company discloses security breach Full Text
Abstract
Electricity company EnergyAustralia suffered a security breach, threat actors had access to information on 323 customers. Another Australian organization was hit by a severe cyber attack, this time the victim is the Electricity company EnergyAustralia....Security Affairs
October 21, 2022
Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies’ Data Leak Full Text
Abstract
Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. "This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," Microsoft said in an alert. Microsoft also emphasized that the B2B leak was "caused by an unintentional misconfiguration on an endpoint that is not in use across the Microsoft ecosystem and was not the result of a security vulnerability." The misconfiguration of the Azure Blob Storage was spotted on September 24, 2022, by cybersecurity company SOCRadar, which termed the leak BlueBleed. Microsoft said it's in the process of directly notifying impacted customers. The WinThe Hacker News
October 21, 2022
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients Full Text
Abstract
Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based hospital healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data...Security Affairs
October 20, 2022
BlueBleed: Microsoft confirmed data leak exposing customers’ info Full Text
Abstract
Microsoft disclosed a data leak, sensitive data of some of its customers were exposed by a misconfigured Microsoft server accessible online. Microsoft announced that sensitive data belonging to some of its customers were exposed on the Internet due to a misconfigured...Security Affairs
October 20, 2022
Health system data breach due to Meta Pixel hits 3 million patients Full Text
Abstract
Advocate Aurora Health (AAH), a 26-hospital healthcare system in the states of Wisconsin and Illinois, is notifying its patients of an unintentional data breach that impacts 3,000,000 individuals.BleepingComputer
October 20, 2022
Experts discovered millions of .git folders exposed to public Full Text
Abstract
Nearly two million .git folders containing vital project information are exposed to the public, the Cybernews research team found. Original Post at https://cybernews.com/security/millions-git-folders-exposed/ Git is the most popular open-source,...Security Affairs
October 19, 2022
Microsoft data breach exposes customers’ contact info, emails Full Text
Abstract
Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.BleepingComputer
October 19, 2022
Online Wine Retailer iDealwine Suffered a Data Breach Full Text
Abstract
It has informed its customers that their name, address, telephone number and email address may have been compromised. Customers' credit card/bank information has not been compromised, since it’s not stored on company servers.Help Net Security
October 19, 2022
LockBit Claims 1.4TB of Data Theft from U.K. Insurance Firm Full Text
Abstract
The IT team blocked all external access and affected servers were brought offline as soon as the cyberattack became known, but the investigation concluded that business operations have not been impacted.Heimdal Security
October 19, 2022
Hackers Threaten to Release Stolen Medical Data of High-Profile Australians Full Text
Abstract
The unknown hackers claim to have 200 gigabytes of data from Medibank, a private health insurer in Australia that has roughly 3.9 million customers in a country of just 25 million people.Gizmodo
October 18, 2022
Keystone Health Data Breach Impacts 235,000 Patients Full Text
Abstract
In a data breach notification published on its website, Keystone is disclosing a cybersecurity incident identified on August 19 and which has resulted in the disruption of some systems.Security Week
October 18, 2022
Vinomofo Suffers Major Data Breach Full Text
Abstract
Online wine seller Vinomofo has disclosed a major data breach in which an intruder accessed customers’ personal information including names, dates of birth, addresses, and contact details.Sydney Morning Herald
October 18, 2022
Verizon notifies prepaid customers their accounts were breached Full Text
Abstract
Verizon warned an undisclosed number of prepaid customers that attackers gained access to Verizon accounts and used exposed credit card info in SIM swapping attacks.BleepingComputer
October 18, 2022
New Data Leaks Add to Australia’s Data Security Reckoning Full Text
Abstract
Personal data from MyDeal[.]com[.]au, a marketplace owned by Australia's largest grocery chain Woolworths Group, has appeared for sale on a data leak forum. The data breach appears to be legitimate as per Troy Hunt, a data breach expert. Bank Info Security
October 18, 2022
Hackers compromised Hong Kong govt agency network for a year Full Text
Abstract
Researchers at Symantec have uncovered cyberattacks attributed to the China-linked espionage actor APT41 (a.k.a. Winnti) that breached government agencies in Hong Kong and remained undetected for a year in some cases.BleepingComputer
October 17, 2022
Retail giant Woolworths discloses data breach of MyDeal online marketplace Full Text
Abstract
Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million MyDeal customers. Bad news for the customers of the MyDeal online marketplace: the Australian retail giant Woolworths disclosed a data breach that impacted... Security Affairs
October 17, 2022
MyDeal data breach impacts 2.2M users, stolen data for sale online Full Text
Abstract
Woolworths' MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum.BleepingComputer
October 14, 2022
DJI drone tracking data exposed in the US Full Text
Abstract
Over 80,000 drone IDs were exposed in the leak of a database containing information from airspace monitoring devices manufactured by DJI. Original post at CyberNews: https://cybernews.com/privacy/dji-drone-tracking-data-exposed-in-us/ Over 80,000... Security Affairs
October 14, 2022
DJI drone tracking data exposed in the US Full Text
Abstract
Over 80,000 drone IDs were exposed in a data leak after a database containing information from dozens of airspace monitoring devices manufactured by the Chinese-owned DJI was left accessible to the public.Security Affairs
October 14, 2022
Australian police secret agents exposed in Colombian data leak Full Text
Abstract
Identities of secret agents working for the Australian Federal Police (AFP) have been exposed after hackers leaked documents stolen from the Colombian government.BleepingComputer
October 12, 2022
64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan? Full Text
Abstract
In April 2022, Omnicell reported a data breach affecting nearly 62,000 patients. The company has revealed that the incident has impacted an additional 64,000 individuals. This brings the total number of patients affected to over 126,000. Will you be the next victim like Omnicell? If you are overlooking the importance of data protection, attackers can get you in no time. Explore the impact of the data breach on the healthcare sector and what preventive measures can be taken against such attacks. Omnicell Announced Data Breach: Founded in 1992, Omnicell is a leading provider of medication management solutions for hospitals, long-term care facilities, and retail pharmacies. On May 4, 2022, Omnicell's IT systems and third-party cloud services were affected by ransomware attacks which may lead to data security concerns for employees and patients. While it is still early in the investigation, this appears to be a severe breach with potentially significant consequences for the... The Hacker News
October 11, 2022
Toyota discloses accidental leak of some customers’ personal information Full Text
Abstract
Toyota Motor Corporation discloses data leak; customers' personal information may have been exposed after an access key was exposed on GitHub. Toyota Motor Corporation warns customers that their personal information may have been accidentally exposed... Security Affairs
October 10, 2022
Toyota discloses data leak after access key exposed on GitHub Full Text
Abstract
Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years.BleepingComputer
October 10, 2022
Intel Confirms Leak of Alder Lake BIOS Source Code Full Text
Abstract
Chipmaker Intel has confirmed that proprietary source code related to its Alder Lake CPUs has been leaked, following its release by an unknown third-party on 4chan and GitHub last week. The published content contains Unified Extensible Firmware Interface (UEFI) code for Alder Lake, the company's 12th generation processors that was originally launched in November 2021. In a statement shared with Tom's Hardware, Intel said the leak doesn't expose "any new security vulnerabilities as we do not rely on obfuscation of information as a security measure." It's also encouraging the broader security research community to report any potential issues through its bug bounty program, adding it's reaching out to customers to notify them of the matter. Besides the UEFI code, the leaked data dump includes a plethora of files and tools, some of which appear to come from firmware vendor Insyde Software. Exact details surrounding the nature of the hack, inclu... The Hacker News
October 10, 2022
Dark web carding site BidenCash gives 1.2M payment cards for free Full Text
Abstract
BidenCash, a popular dark web carding site, released a dump of more than 1.2 million credit cards to promote its service. Operators behind the popular dark web carding market 'BidenCash' have released a dump of 1,221,551 credit cards to promote their...Security Affairs
October 09, 2022
Intel confirms leaked Alder Lake BIOS Source Code is authentic Full Text
Abstract
Intel has confirmed that a source code leak for the UEFI BIOS of Alder Lake CPUs is authentic and has been released by a third party.BleepingComputer
October 08, 2022
ADATA denies RansomHouse cyberattack, says leaked data from 2021 breach Full Text
Abstract
Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting the company's stolen files on their data leak site.BleepingComputer
October 07, 2022
2K Games warns users their stolen data is now up for sale online Full Text
Abstract
Video game publisher 2K emailed users on Thursday to warn that some of their personal info was stolen and put up for sale online following a September 19 security breach.BleepingComputer
October 7, 2022
Update: 2K warns users their info has been stolen following breach of its help desk Full Text
Abstract
2K warned users to remain on the lookout for suspicious activity across their accounts following a breach last month that allowed a threat actor to obtain email addresses, names, and other sensitive information provided to 2K's support team.ARS Technica
October 6, 2022
City of Tucson Data Breach impacted 123,500 individuals Full Text
Abstract
The City of Tucson, Arizona, disclosed a data breach; the incident was discovered in May 2022 and impacted 123,500 individuals. The security breach was discovered at the end of May 2022, and the investigation concluded in September. According to the notification... Security Affairs
October 6, 2022
19-Year-Old man arrested for misusing leaked record from Optus Breach Full Text
Abstract
The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data breach in SMS scams. The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting...Security Affairs
October 6, 2022
“Egypt Leaks” – Hacktivists are Leaking Financial Data Full Text
Abstract
Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt. Resecurity, a California-based cybersecurity company protecting Fortune 500 corporations globally, has noticed a new group of hacktivists... Security Affairs
October 6, 2022
Former Uber CSO Joe Sullivan found guilty in breach cover-up Full Text
Abstract
A federal jury found Sullivan guilty of obstruction of proceedings of the Federal Trade Commission (FTC) and misprision of a felony in connection with attempting to conceal the Uber breach and pay off the hackers through a bug bounty award.Tech Target
October 05, 2022
Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information Full Text
Abstract
Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security officer for the Asia Pacific region, said. "And no customer account data was involved." It said the breach targeted a third-party platform called Work Life NAB that's no longer actively used by the company, and that the leaked data posted on the internet concerned a "now-obsolete Telstra employee rewards program." Telstra also noted it became aware of the breach last week, adding the information included first and last names and the email addresses used to sign up for the program. It further clarified that the data posted was from 2017. The data was "basic in nature," Devine said. The company did not reveal how many employees wer... The Hacker News
October 5, 2022
Telstra Telecom discloses data breach impacting former and current employees Full Text
Abstract
Bad news for the Australian telecommunications industry: the largest company in the country, Telstra, suffered a data breach. Australia's largest telecommunications company Telstra disclosed a data breach through a third-party supplier. The company... Security Affairs
October 05, 2022
City of Tucson discloses data breach affecting over 125,000 people Full Text
Abstract
The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals.BleepingComputer
October 05, 2022
Hundreds of Microsoft SQL servers backdoored with new malware Full Text
Abstract
Security researchers have found a new piece of malware targeting Microsoft SQL servers. Named Maggie, the backdoor has already infected hundreds of machines all over the world.BleepingComputer
October 05, 2022
CommonSpirit US nonprofit health system discloses security incident Full Text
Abstract
CommonSpirit Health, one of the largest nonprofit health systems in the United States, says it took down some of its IT systems because of a security incident that has impacted multiple facilities.BleepingComputer
October 5, 2022
CommonSpirit Health Suffers ‘IT Security Incident’ Impacting Facilities in Multiple Regions Full Text
Abstract
CommonSpirit Health, one of the nation’s largest health systems, said it experienced an “IT security incident” on Monday at an undisclosed number of facilities in multiple regions.Cybersecurity Dive
October 5, 2022
Australian Staff at Security Firm G4S on Alert After Tax Numbers and Bank Details Posted Online Full Text
Abstract
Current and former Australian employees of security firm G4S have been told to be on alert after personal information – including tax file numbers, bank account information, and medical checks – was stolen and posted online in a ransomware attack.The Guardian
October 04, 2022
Optus confirms 2.1 million ID numbers exposed in data breach Full Text
Abstract
Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month.BleepingComputer
October 03, 2022
TD Bank discloses data breach after employee leaks customer info Full Text
Abstract
TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud.BleepingComputer
October 3, 2022
Update: Optus reveals extent of data breach, but stays mum on how it happened Full Text
Abstract
Of the 9.8 million customers impacted by the data breach, 1.2 million have at least one form of identification number that is valid, says the Singtel-owned Australian operator, adding that it has brought in Deloitte to investigate the breach.ZDNet
October 03, 2022
Russian retail chain ‘DNS’ confirms hack after data leaked online Full Text
Abstract
Russian retail chain 'DNS' (Digital Network System) disclosed yesterday that they suffered a data breach that allegedly exposed the personal information of 16 million customers and employees.BleepingComputer
October 03, 2022
Live support service hacked to spread malware in supply chain attack Full Text
Abstract
The official installer for the Comm100 Live Chat application, a widely deployed SaaS (software-as-a-service) that businesses use for customer communication and website visitors, was trojanized as part of a new supply-chain attack.BleepingComputer
October 3, 2022
Commercial Chat Provider Comm100 Hijacked to Spread Malware in Supply Chain Attack Full Text
Abstract
The attack featured a trojan malware delivered via an installer for Comm100’s Windows Desktop agent software, available on the company website and signed using a valid Comm100 certificate dated September 26, 2022, according to Crowdstrike.The Record
October 1, 2022
Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries Full Text
Abstract
A hacker group called Guacamaya stole classified government information from multiple military and government agencies across several Latin American countries. Among the data stolen by a group of hackers called Guacamaya (macaw in Spanish) there was a huge...Security Affairs
October 1, 2022
Luxury hotel chain Shangri-La suffered a security breach Full Text
Abstract
The Shangri-La hotel group disclosed a data breach; a database containing the personal information of its customers was compromised. The Shangri-La hotel group disclosed a data breach; threat actors had access to a database containing the personal... Security Affairs
September 30, 2022
Optus breach victims will get “supercharged” fraud protection Full Text
Abstract
The Australian Federal Police (AFP) announced today the launch of Operation Guardian which will ensure that more than 10,000 customers who had their personal info leaked in the Optus data breach will get priority protection against fraud attempts.BleepingComputer
September 29, 2022
Update: Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach Full Text
Abstract
Both companies are wholly owned subsidiaries of Optus, with the company shuttering the Virgin brand in 2018, but it was not apparent until now whether these customers would have been caught up in the breach.The Guardian
September 29, 2022
Swachh City Platform Suffers Data Breach Leaking 16 Million User Records Full Text
Abstract
A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK with The Hacker News. The website is currently inaccessible. The Swachhata Platform is part of the Indian government's Swachh Bharat Mission (translated as Clean India Mission) nationwide initiative to "achieve universal sanitation coverage." According to Cyble, the database comprises 101,718 unique email addresses and 15,835,111 unique mobile numbers, putting users at risk of phishing, smishing, social engineering, and identity theft. The cybersecurity firm said that the breach possibly leveraged compromised credentials belonging to administrator and non-administ... The Hacker News
September 28, 2022
Auth0 warns that some source code repos may have been stolen Full Text
Abstract
Authentication service provider and Okta subsidiary Auth0 has disclosed what it calls a "security event" involving some of its code repositories.BleepingComputer
September 27, 2022
Defense firm Elbit Systems of America discloses data breach Full Text
Abstract
Elbit Systems of America, a subsidiary of defense giant Elbit Systems, disclosed a data breach after the Black Basta ransomware gang claimed to have hacked it. In late June, the Black Basta ransomware gang claimed to have hacked Elbit Systems of America,... Security Affairs
September 27, 2022
Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme Full Text
Abstract
The Australian Federal Police (AFP) on Monday disclosed it's working to gather "crucial evidence" and that it's collaborating with overseas law enforcement authorities following the hack of telecom provider Optus. "Operation Hurricane has been launched to identify the criminals behind the alleged breach and to help shield Australians from identity fraud," the AFP said in a statement. The development comes after Optus, Australia's second-largest wireless carrier, disclosed on September 22, 2022, that it was a victim of a cyberattack. It claimed it "immediately shut down the attack" as soon as it came to light. The threat actor behind the breach also briefly released a sample of 10,200 records from the breach – putting those users at heightened risk of fraud – in addition to asking for $1 million as part of an extortion demand. The dataset has since been taken down, with the attacker also claiming to have deleted the only copy of the sto... The Hacker News
September 24, 2022
American Airlines learned it was breached from phishing targets Full Text
Abstract
American Airlines says its Cyber Security Response Team found out about a recently disclosed data breach from the targets of a phishing campaign that was using an employee's hacked Microsoft 365 account.BleepingComputer
September 24, 2022
London Police arrested a teen suspected to be behind Uber, Rockstar Games breaches Full Text
Abstract
The City of London Police this week announced the arrest of a 17-year-old teenager on suspicion of hacking. Is he the Uber hacker? The City of London Police on Friday announced that it had arrested a 17-year-old teenager on suspicion of hacking, however,... Security Affairs
September 23, 2022
Australian Telecoms company Optus discloses security breach Full Text
Abstract
Australian telecoms company Optus disclosed a data breach; threat actors gained access to former and current customers. Optus, one of the largest service providers in Australia, disclosed a data breach. The intruders gained access to the personal... Security Affairs
September 21, 2022
Capital One freed from consent order tied to 2019 breach Full Text
Abstract
With the termination of the consent order, Capital One is no longer required to submit quarterly updates detailing its risk management and auditing practices to the OCC, which it was required to do following the discovery of the hack.Cybersecurity Dive
September 21, 2022
Update: Hackers post residents’ data stolen in Suffolk cyberattack Full Text
Abstract
Documents published by a group taking responsibility for the ransomware attack on Suffolk County government include speeding tickets, contracts with county vendors, and a handwritten marriage license from 1908, according to a Newsday review.News Day
September 20, 2022
2K Games says hacked help desk targeted players with malware Full Text
Abstract
American video game publisher 2K has confirmed that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links.BleepingComputer
September 20, 2022
Uber Blames LAPSUS$ Hacking Group for Recent Security Breach Full Text
Abstract
Uber on Monday disclosed more details related to the security incident that happened last week, pinning the attack on a threat actor it believes is affiliated to the notorious LAPSUS$ hacking group. "This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, NVIDIA, and Okta, among others," the San Francisco-based company said in an update. The financially-motivated extortionist gang was dealt a huge blow in March 2022 when the City of London Police moved to arrest seven suspected LAPSUS$ gang members aged between 16 and 21. Weeks later, two of them were charged for their actions. The hacker behind the Uber breach, an 18-year-old teenager who goes by the moniker Tea Pot, has also claimed responsibility for breaking into video game maker Rockstar Games over the weekend. Uber said it's working with "several leading digital forensics firms" as the company's investigation i... The Hacker News
September 20, 2022
American Airlines disclosed a data breach Full Text
Abstract
American Airlines disclosed a data breach; threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered a data breach; threat actors compromised a limited number of employee email accounts. The... Security Affairs
September 20, 2022
2K game support hacked to email RedLine info-stealing malware Full Text
Abstract
Hackers have compromised the support system of American video game publisher 2K and now are sending support tickets to gamers containing the RedLine password-stealing malware.BleepingComputer
September 19, 2022
American Airlines discloses data breach after employee email compromise Full Text
Abstract
American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information.BleepingComputer
September 19, 2022
Rockstar Games Confirms Hacker Stole Early Grand Theft Auto VI Footage Full Text
Abstract
American video game publisher Rockstar Games on Monday revealed it was a victim of a "network intrusion" that allowed an unauthorized party to illegally download early footage for the Grand Theft Auto VI. "At this time, we do not anticipate any disruption to our live game services nor any long-term effect on the development of our ongoing projects," the company said in a notice shared on its social media handles. The company said that the third-party accessed "confidential information from our systems," although it's not immediately clear if it involved any other data beyond the game footage. The trove of data, which contains some 90 videos of clips from the game, was leaked over the weekend on GTAForums by a user with an alias "teapotuberhacker," hinting that the party is also the same person responsible for the recent Uber breach. The Uber hacker, who is going by the name Tea Pot, is believed to be an 18-year-old teenager. No other de... The Hacker News
September 19, 2022
Revolut security breach: data of +50,000 users exposed Full Text
Abstract
Revolut has suffered a cyberattack; threat actors have had access to personal information of tens of thousands of customers. The financial technology company Revolut suffered a 'highly targeted' cyberattack over the weekend; threat actors had access... Security Affairs
September 19, 2022
Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online Full Text
Abstract
Threat actors leaked source code and gameplay videos of Grand Theft Auto 6 (GTA6) after they allegedly breached Rockstar Games. Threat actors allegedly compromised Rockstar Games' Slack server and Confluence wiki and leaked Grand Theft Auto 6 gameplay... Security Affairs
September 19, 2022
Uber links breach to Lapsus$ group, blames contractor for hack Full Text
Abstract
Uber believes the hacker behind last week's breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, Nvidia, Samsung, and Okta.BleepingComputer
September 19, 2022
Revolut hack exposes data of 50,000 users, fuels new phishing wave Full Text
Abstract
Revolut is sending out notices of a data breach to a small percentage of impacted users, informing them of a security incident where an unauthorized third party accessed internal data.BleepingComputer
September 19, 2022
ClearBalance data breach class action settlement Full Text
Abstract
The settlement benefits a nationwide Class of individuals whose personal identifying information was compromised in the CSI Financial Services data breach between March 8, 2021, and April 26, 2021.Top Class Actions
September 19, 2022
San Dieguito High School 1.75M Data Breach Settlement Full Text
Abstract
The settlement benefits individuals who had an Aeries account through the San Dieguito Union High School District during the Aeries Software data breach around November 4, 2019.Top Class Actions
September 18, 2022
GTA 6 source code and videos leaked after Rockstar Games hack Full Text
Abstract
Grand Theft Auto 6 gameplay videos and source code have been leaked after a hacker allegedly breached Rockstar Games' Slack server and Confluence wiki. BleepingComputer
September 18, 2022
Uber says there is no evidence that users’ private information was compromised Full Text
Abstract
Uber hack update: There is no evidence that users' private information was compromised in the data breach. Uber provided an update regarding the recent security breach of its internal computer systems; the company confirmed that there is no evidence... Security Affairs
September 17, 2022
Uber Claims No Sensitive Data Exposed in Latest Breach… But There’s More to This Full Text
Abstract
Uber, in an update, said there is "no evidence" that users' private information was compromised in a breach of its internal computer systems that was discovered late Thursday. "We have no evidence that the incident involved access to sensitive user data (like trip history)," the company said. "All of our services including Uber, Uber Eats, Uber Freight, and the Uber Driver app are operational." The ride-hailing company also said it's brought back online all the internal software tools it took down previously as a precaution, reiterating it's notified law enforcement of the matter. It's not immediately clear if the incident resulted in the theft of any other information or how long the intruder was inside Uber's network. Uber has not provided more specifics of how the incident played out beyond saying its investigation and response efforts are ongoing. But independent security researcher Bill Demirkapi characterized Uber's... The Hacker News
September 17, 2022
LastPass revealed that intruders had internal access for four days during the August hack Full Text
Abstract
The password management solution LastPass revealed that the threat actors had access to its systems for four days during the August hack. Password management solution LastPass shared more details about the security breach that the company suffered... Security Affairs
September 17, 2022
New York ambulance service discloses data breach after ransomware attack Full Text
Abstract
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information.BleepingComputer
September 17, 2022
Hackers Had Access to LastPass’s Development Systems for Four Days Full Text
Abstract
Password management solution LastPass shared more details pertaining to the security incident last month, disclosing that the threat actor had access to its systems for a four-day period in August 2022. "There is no evidence of any threat actor activity beyond the established timeline," LastPass CEO Karim Toubba said in an update shared on September 15, adding, "there is no evidence that this incident involved any access to customer data or encrypted password vaults." LastPass in late August revealed that a breach targeting its development environment resulted in the theft of some of its source code and technical information, although no further specifics were offered. The company, which said it completed the probe into the hack in partnership with incident response firm Mandiant, said the access was achieved using a developer's compromised endpoint. While the exact method of initial entry remains "inconclusive," LastPass noted the adversary... The Hacker News
September 16, 2022
Uber hacked, internal systems and confidential documents were allegedly compromised Full Text
Abstract
Uber on Thursday disclosed a security breach; threat actors gained access to its network and stole internal documents. Uber on Thursday suffered a cyberattack; the attackers were able to penetrate its internal network and access internal documents,... Security Affairs
September 16, 2022
Uber Says It’s Investigating a Potential Breach of Its Computer Systems Full Text
Abstract
Ride hailing giant Uber disclosed Thursday it's responding to a cybersecurity incident involving a breach of its network and that it's in touch with law enforcement authorities. The New York Times first reported the incident. The company pointed to its tweeted statement when asked for comment on the matter. The hack is said to have forced the company to take its internal communications and engineering systems offline as it investigated the extent of the breach. The publication said the malicious intruder compromised an employee's Slack account, and leveraged it to broadcast a message that the company had "suffered a data breach," in addition to listing internal databases that are supposed to have been compromised. "It appeared that the hacker was later able to gain access to other internal systems, posting an explicit photo on an internal information page for employees," the New York Times said. Uber has yet to offer additional details abou... The Hacker News
September 16, 2022
Uber hacked, internal systems breached and vulnerability reports stolen Full Text
Abstract
Uber suffered a cyberattack Thursday afternoon with a hacker gaining access to vulnerability reports and sharing screenshots of the company's internal systems, email dashboard, and Slack server.BleepingComputer
September 13, 2022
Hackers breach software vendor for Magento supply-chain attacks Full Text
Abstract
Hackers have injected malware in multiple extensions from FishPig, a vendor of Magento-WordPress integrations that count over 200,000 downloads.BleepingComputer
September 12, 2022
U-Haul discloses data breach exposing customer driver licenses Full Text
Abstract
Moving and storage giant U-Haul International (U-Haul) disclosed a data breach after a customer contract search tool was hacked to access customers' names and driver's license information.BleepingComputer
September 12, 2022
Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel Full Text
Abstract
A hacktivist collective called GhostSec has claimed credit for compromising as many as 55 Berghof programmable logic controllers (PLCs) used by Israeli organizations as part of a "Free Palestine" campaign. Industrial cybersecurity firm OTORIO, which dug deeper into the incident, said the breach was made possible owing to the fact that the PLCs were accessible through the Internet and were secured by trivially guessable credentials. Details of the compromise first came to light on September 4 after GhostSec shared a video on its Telegram channel demonstrating a successful login to the PLC's admin panel, in addition to dumping data from the hacked controllers. The Israeli company said the system dumps and screenshots were exported directly from the admin panel following unauthorized access to the controllers through their public IP addresses. GhostSec (aka Ghost Security), first identified in 2015, is a self-proclaimed vigilante group that was initially formed... The Hacker News
September 12, 2022
Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems Full Text
Abstract
Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems. In August, Cisco disclosed a security breach; the Yanluowang ransomware gang breached its corporate network in late May and stole... Security Affairs
September 12, 2022
Cisco confirms Yanluowang ransomware leaked stolen company data Full Text
Abstract
Cisco has confirmed that the data leaked yesterday by the Yanluowang ransomware gang was stolen from the company network during a cyberattack in May. BleepingComputer
September 8, 2022
Classified NATO documents sold on darkweb after they were stolen from Portugal Full Text
Abstract
Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA). After discovering that Classified NATO documents belonging to the Armed Forces General Staff agency of Portugal (EMGFA)...Security Affairs
September 08, 2022
Shopify Fails to Prevent Known Breached Passwords Full Text
Abstract
A recent report revealed that ecommerce provider Shopify uses particularly weak password policies on the customer-facing portion of its website. According to the report, Shopify requires its customers to use a password that is at least five characters in length and that does not begin or end with a space. According to the report, Specops researchers analyzed a list of a billion passwords that were known to have been breached and found that 99.7% of those passwords adhere to Shopify's requirements. While this is not meant to suggest that Shopify customers' passwords have been breached, the fact that so many known breached passwords adhere to Shopify's minimum password requirements does underscore the dangers associated with using weak passwords. The danger of weak passwords in your Active Directory A recent study by Hive Systems echoes the dangers of using weak passwords. The study examines the amount of time that would be required to brute force crack passwoThe Hacker News
September 08, 2022
Classified NATO documents stolen from Portugal, now sold on darkweb Full Text
Abstract
The Armed Forces General Staff agency of Portugal (EMGFA) has suffered a cyberattack that allegedly allowed the theft of classified NATO documents, which are now sold on the dark web.BleepingComputer
September 5, 2022
TikTok denies data breach following leak of user data Full Text
Abstract
Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen...Security Affairs
September 5, 2022
US Federal Tax Agency Inadvertently Exposed 120,000 Taxpayers’ Confidential Information Full Text
Abstract
The exposed data did not include Social Security numbers, full individual income information, detailed financial account data, or other information that could impact a taxpayer’s credit.Yahoo Finance
September 4, 2022
IRS mistakenly published confidential info for roughly 120K taxpayers Full Text
Abstract
The Internal Revenue Service (IRS) mistakenly leaked confidential information for approximately 120,000 taxpayers. Bad news for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns, the Internal Revenue Service has accidentally...Security Affairs
September 3, 2022
Anonymous hacked Russian Yandex taxi app causing a massive traffic jam Full Text
Abstract
According to Forbes Russia, the cabs were directed to one of the main avenues in Moscow, Kutuzovsky Prospekt, which is widely known for the Stalinist-era building called Hotel Ukraina (Hotel Ukraine).Hackread
September 03, 2022
IRS data leak exposes personal info of 120,000 taxpayers Full Text
Abstract
The Internal Revenue Service has accidentally leaked confidential information for approximately 120,000 taxpayers who filed a form 990-T as part of their tax returns.BleepingComputer
September 03, 2022
Samsung Admits Data Breach that Exposed Details of Some U.S. Customers Full Text
Abstract
South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company disclosed in a notice. "On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected." Samsung said the infiltration enabled hackers to access certain data such as names, contact and demographic information, dates of birth, and product registration details. It stressed that the incident did not affect users' Social Security numbers or credit and debit card numbers, but noted the information leaked for each relevant customer may vary. The collected information is necessary to help the company deliver the best experience with its products and services,The Hacker News
September 2, 2022
Samsung discloses a second data breach this year Full Text
Abstract
Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After the attack that hit the company in late July 2022, Samsung disclosed a data breach. The Electronics giant discovered on August 4 that...Security Affairs
September 02, 2022
Samsung discloses data breach after July hack Full Text
Abstract
Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data.BleepingComputer
September 1, 2022
Tulsa Tech Hit By Data Breach Full Text
Abstract
According to the school, an unknown actor accessed the district's systems in June and took files from the network, including the names and Social Security numbers of students.News9
September 01, 2022
Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials Full Text
Abstract
Researchers have identified 1,859 apps across Android and iOS containing hard-coded Amazon Web Services (AWS) credentials, posing a major security risk. "Over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services," Symantec's Threat Hunter team, a part of Broadcom Software, said in a report shared with The Hacker News. Interestingly, a little more than 50% of the apps were found using the same AWS tokens found in other apps maintained by other developers and companies, indicating a supply chain vulnerability. "The AWS access tokens could be traced to a shared library, third-party SDK, or other shared component used in developing the apps," the researchers said. These credentials are typically used for downloading appropriate resources necessary for the app's functions as well as accessing configuration files and authenticating to other cloud services. To make matters worse, 47% of the identiThe Hacker News
September 01, 2022
Neopets says hackers had access to its systems for 18 months Full Text
Abstract
Neopets has released details about the recently disclosed data breach incident that exposed personal information of more than 69 million members.BleepingComputer
August 31, 2022
Threat actors breached the network of the Italian oil company ENI Full Text
Abstract
Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor. Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according...Security Affairs
August 31, 2022
Russian streaming platform Start discloses a data breach impacting 7.5M users Full Text
Abstract
The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users. The Russian media streaming platform START disclosed a data breach that impacted 7.5 million of its users. According to the company, the attackers...Security Affairs
August 30, 2022
Russian streaming platform confirms data breach affecting 7.5M users Full Text
Abstract
Russian media streaming platform 'START' (start.ru) has confirmed rumors of a data breach impacting millions of users.BleepingComputer
August 30, 2022
India’s Newest Airline Akasa Air Found Leaking Passengers’ Personal Information Full Text
Abstract
Akasa Air, India's newest commercial airline, exposed the personal data belonging to its customers that the company blamed on a technical configuration error. According to security researcher Ashutosh Barot, the issue is rooted in the account registration process, leading to the exposure of details such as names, gender, email addresses, and phone numbers. The bug was identified on August 7, 2022, the same day the low-cost airline commenced its operations in the country. "I found an HTTP request which gave my name, email, phone number, gender, etc. in JSON format," Barot said in a write-up. "I immediately changed some parameters in [the] request and I was able to see other user's PII. It took around ~30 minutes to find this issue." Upon receiving the report, the company said it temporarily shut down parts of its system to incorporate additional security guardrails. It has also reported the incident to the Indian Computer Emergency Response Team (The Hacker News
August 29, 2022
Nelnet Servicing breach exposes data of 2.5M student loan accounts Full Text
Abstract
Nelnet Servicing, a Nebraska-based student loan technology services provider, has been breached by unauthorized network intruders who exploited a vulnerability in its systems.BleepingComputer
August 29, 2022
Twilio breach let attackers access Authy two-factor accounts of 93 users Full Text
Abstract
Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. In early August, the communications company Twilio disclosed a data breach; threat actors had access...Security Affairs
August 29, 2022
Personal Data of Thai Citizens with COVID Symptoms Exposed Full Text
Abstract
Based on the acquired samples and additional insights related to the security incident, the bad actors were able to gain unauthorized access to the government portal allowing them to manage users and records illegally.Security Affairs
August 29, 2022
Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users Full Text
Abstract
Twilio, which earlier this month became the target of a sophisticated phishing attack, disclosed last week that the threat actors also managed to gain access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. The communication tools company said the unauthorized access made it possible for the adversary to register additional devices to those accounts. It has since identified and removed the illegitimately added devices from the impacted accounts. Authy, acquired by Twilio in February 2015, allows safeguarding online accounts with a second security layer to prevent account takeover attacks. It's estimated to have nearly 75 million users. Twilio further noted its investigation as of August 24, 2022, turned up 163 affected customers, up from 125 it reported on August 10, whose accounts it said were hacked for a limited period of time. Besides Twilio, the sprawling campaign, dubbed 0ktapus by Group-IB, is believed to have struck 136 companies,The Hacker News
August 29, 2022
COVID-19 data put for sale on Dark Web Full Text
Abstract
Researchers discovered leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19. Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen...Security Affairs
August 28, 2022
Okta one-time MFA passcodes exposed in Twilio cyberattack Full Text
Abstract
The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to customers of the identity and access management company Okta.BleepingComputer
August 28, 2022
Twilio breach let hackers see Okta’s one-time MFA passwords Full Text
Abstract
The threat actor behind the Twilio hack used their access to steal one-time passwords (OTPs) delivered over SMS to customers of the identity and access management company Okta.BleepingComputer
August 27, 2022
Twilio hackers also breached the food delivery firm DoorDash Full Text
Abstract
Twilio hackers also compromised the food delivery firm DoorDash, the attackers had access to company data, including customer and employee info. On-demand food delivery service DoorDash disclosed a data breach, the threat actors behind the Twilio...Security Affairs
August 27, 2022
The number of companies caught up in the Twilio hack keeps growing Full Text
Abstract
Three new companies—authentication service Authy, password manager LastPass, and food delivery service DoorDash—said in recent days that the Twilio compromise led to them being hacked.Ars Technica
August 26, 2022
DoorDash discloses new data breach tied to Twilio hackers Full Text
Abstract
Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio.BleepingComputer
August 26, 2022
Hackers Breach LastPass Developer System to Steal Source Code Full Text
Abstract
Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed, although the company provided no further details regarding the hack and what source code was stolen. "An unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information," LastPass CEO Karim Toubba said. Amidst ongoing investigation into the incident, the company said it has engaged the services of a leading cybersecurity and forensics firm and that it has implemented additional countermeasures. LastPass, however, didn't elaborate on the exact mitigation techniques that it used to strengthen its environment. It also reiterated that theThe Hacker News
August 26, 2022
Twilio breach let hackers gain access to Authy 2FA accounts Full Text
Abstract
Twilio's investigation into the attack on August 4 reveals that hackers gained access to some Authy user accounts and registered unauthorized devices.BleepingComputer
August 25, 2022
LastPass data breach: threat actors stole a portion of source code Full Text
Abstract
Password management software firm LastPass has suffered a data breach; threat actors have stolen source code and other data. Password management software firm LastPass disclosed a security breach; threat actors had access to portions of the company...Security Affairs
August 25, 2022
This company paid a ransom demand. Hackers leaked its data anyway Full Text
Abstract
Stealing sensitive data has become a common part of ransomware attacks. Criminals leverage it as part of their extortion attempts, threatening to release it if a ransom isn't received.ZDNet
August 24, 2022
Employee Data Exposed After North Dakota Phishing Attack Full Text
Abstract
A Workforce Safety & Insurance employee opened a malicious email attachment — an incident that led to cyber attackers accessing personal data on 182 individuals who had been seeking injured employee claims.Government Technology
August 24, 2022
Plex discloses data breach and urges password reset Full Text
Abstract
The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. Plex is an American streaming media service and a client–server media player platform. The company disclosed a data...Security Affairs
August 24, 2022
Lamoille Health Partners Experiences Ransomware Attack Leading to Data Breach Involving Patient Information Full Text
Abstract
While the breached information varies depending on the individual, it may include name, address, date of birth, Social Security number, health insurance information, and any medical treatment information that was provided to Lamoille Health Partners.JD Supra
August 24, 2022
Plex warns users to reset passwords after a data breach Full Text
Abstract
The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases.BleepingComputer
August 23, 2022
ETHERLED: Air-gapped systems leak data via network card LEDs Full Text
Abstract
Israeli researcher Mordechai Guri has discovered a new method to exfiltrate data from air-gapped systems using the LED indicators on network cards. Dubbed 'ETHERLED', the method turns the blinking lights into Morse code signals that can be decoded by an attacker.BleepingComputer
August 23, 2022
Ragnar Locker Ransomware Claims to Breach Greek Natural Gas Operator DESFA Full Text
Abstract
On Saturday, DESFA confirmed that its IT infrastructure was hit by a cyberattack and that it had a “confirmed impact on the availability of some systems and possible leakage of a number of directories and files.”The Record
August 22, 2022
Misconfigured Meta Pixel exposed healthcare data of 1.3M patients Full Text
Abstract
U.S. healthcare provider Novant Health has disclosed a data breach impacting 1,362,296 individuals who have had their sensitive information mistakenly collected by the Meta Pixel ad tracking script.BleepingComputer
August 22, 2022
Luxury Textile Company Sferra Discloses Data Breach Affecting Employee Information Full Text
Abstract
Founded in 1891, Sferra designs and sells Italian-made luxury linen products, including luxury sheets, table linens, and bedding collections, as well as decorative home accessories.Security Week
August 22, 2022
Greek natural gas operator suffers ransomware-related data breach Full Text
Abstract
Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack.BleepingComputer
August 20, 2022
WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware Full Text
Abstract
WordPress sites are being hacked to display fake Cloudflare DDoS protection pages to distribute malware that installs the NetSupport RAT and the RaccoonStealer password-stealing Trojan.BleepingComputer
August 16, 2022
New MailChimp breach exposed DigitalOcean customer email addresses Full Text
Abstract
DigitalOcean is warning customers that a recent MailChimp security breach exposed the email addresses of some customers, with a small number receiving unauthorized password resets.BleepingComputer
August 16, 2022
BharatPay Data Breach: Personal data, Transaction Details of 37,000 Users Leaked Online - ET CISO Full Text
Abstract
BharatPay, an Indian finance service, leaked PII and sensitive financial data of users. Researchers found that transaction data and API keys of online bill payment facilitators such as Patchway Recharge and Mr. Robotics were also exposed.The Times Of India
August 16, 2022
CS:GO trading site hacked to steal $6 million worth of skins Full Text
Abstract
CS.MONEY, one of the largest platforms for trading CS:GO skins, has taken its website offline after a cyberattack allowed hackers to loot 20,000 items worth approximately $6,000,000.BleepingComputer
August 16, 2022
Phone numbers of 1,900 Signal users exposed as a result of Twilio security breach Full Text
Abstract
For about 1,900 users, Twilio hackers could have attempted to re-register their number to another device or learned that their number was registered to Signal. Communication company Twilio provides Signal with phone number verification services, and recent...Security Affairs
August 15, 2022
Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack Full Text
Abstract
Popular end-to-end encrypted messaging service Signal on Monday disclosed the cyberattack aimed at Twilio earlier this month may have exposed the phone numbers of roughly 1,900 users. "For about 1,900 users, an attacker could have attempted to re-register their number to another device or learned that their number was registered to Signal," the company said. "All users can rest assured that their message history, contact lists, profile information, whom they'd blocked, and other personal data remain private and secure and were not affected." Signal, which uses Twilio to send SMS verification codes to users registering with the app, said it's in the process of alerting the affected users directly and prompting them to re-register the service on their devices. The development comes less than a week after Twilio revealed that data associated with about 125 customer accounts were accessed by malicious actors through a phishing attack that duped the compThe Hacker News
August 15, 2022
Twilio hack exposed Signal phone numbers of 1,900 users Full Text
Abstract
Phone numbers of close to 1,900 Signal users were exposed in the data breach Twilio cloud communications company suffered at the beginning of the month.BleepingComputer
August 13, 2022
Killnet claims to have breached Lockheed Martin Full Text
Abstract
Russian hacker group Killnet claims to have launched a DDoS attack on the aerospace and defense giant Lockheed Martin. The Moscow Times first reported that the Pro-Russia hacker group Killnet is claiming responsibility for a recent DDoS attack that...Security Affairs
August 12, 2022
Anonymous poop gifting site hacked, customers exposed Full Text
Abstract
ShitExpress, a web service that lets you send a box of feces along with a personalized message to friends and enemies, has been breached after a "customer" spotted a vulnerability.BleepingComputer
August 12, 2022
Twilio: 125 customers affected by data breach, no passwords stolen Full Text
Abstract
Cloud communications giant Twilio, the owner of the highly popular two-factor authentication (2FA) provider Authy, says that it has so far identified 125 customers who had their data accessed during a security breach discovered last week.BleepingComputer
August 11, 2022
Cisco Confirms Network Breach Via Hacked Employee Google Account Full Text
Abstract
Networking giant says attackers gained initial access to an employee’s VPN client via a compromised Google account.Threatpost
August 10, 2022
Automotive supplier breached by 3 ransomware gangs in 2 weeks Full Text
Abstract
An automotive supplier had its systems breached and files encrypted by three different ransomware gangs over a two-week span in May, two of the attacks happening within just two hours.BleepingComputer
August 10, 2022
Hackers Behind Twilio Breach Also Targeted Cloudflare Employees Full Text
Abstract
Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio. The attack, which transpired around the same time Twilio was targeted, came from four phone numbers associated with T-Mobile-issued SIM cards and was ultimately unsuccessful. The text messages pointed to a seemingly legitimate domain containing the keywords "Cloudflare" and "Okta" in an attempt to deceive the employees into handing over their credentials. The wave of over 100 smishing messages commenced less than 40 minutes after the rogue domain was registered via Porkbun, the company noted, adding the phishing page was designed to relay the credentials entered by unsuspecting users to the attacker via Telegram in real-time. This also meant that the attack could defeat 2FA roadblocks, as the Time-based OnThe Hacker News
August 10, 2022
Cisco hacked by Yanluowang ransomware gang, 2.8GB allegedly stolen Full Text
Abstract
Cisco confirmed today that the Yanluowang ransomware group breached its corporate network in late May and that the actor tried to extort them under the threat of leaking stolen files online.BleepingComputer
August 09, 2022
Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack Full Text
Abstract
Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "well-organized" and "methodical in their actions." The incident came to light on August 4. "This broad based attack against our employee base succeeded in fooling some employees into providing their credentials," it said in a notice. "The attackers then used the stolen credentials to gain access to some of our internal systems, where they were able to access certain customer data." The communications giant has 268,000 active customer accounts, and counts companies like Airbnb, Box, Dell, DoorDash, eBay, Glassdoor, Lyft, Salesforce, Stripe, Twitter,The Hacker News
August 09, 2022
Cloudflare employees also hit by hackers behind Twilio breach Full Text
Abstract
Cloudflare says some of its employees' credentials were also stolen in an SMS phishing attack very similar to the one that led to Twilio's network being breached last week.BleepingComputer
August 9, 2022
India: Company cheated of $125k in man-in-the-middle cyber attack; 3 held Full Text
Abstract
The primary accused created a fake email ID, similar to that of a reputed company that deals in construction and technology, and sent an email to their client posing as the company and asked to deposit the amount in two other bank accounts.The Times Of India
August 8, 2022
More than 3200 Apps Found Exposing Twitter API Keys Full Text
Abstract
A set of 3,207 mobile apps were found exposing Twitter API keys to the public, potentially allowing a hacker to take over Twitter accounts associated with the apps. A threat actor with access to a Twitter account could perform actions such as reading direct messages, deleting tweets, accessing acco ...Cyware Alerts - Hacker News
August 08, 2022
Email marketing firm hacked to steal crypto-focused mailing lists Full Text
Abstract
Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers.BleepingComputer
August 8, 2022
Twilio discloses data breach that impacted customers and employees Full Text
Abstract
Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers....Security Affairs
August 8, 2022
Anonymous Source Leaks 4TB of Cellebrite Data Online After Cyberattack Full Text
Abstract
It is worth noting that as of now, the leaked data is only available to researchers and journalists by requesting Distributed Denial of Secrets (DDoSecrets), a non-profit whistleblower organization.Hackread
August 8, 2022
Chinese Adult Site Leaking 14 Million User Details – and It’s Increasing! Full Text
Abstract
Hjedd, a Chinese adult content and NSFW platform, has been exposing a treasure trove of user data online since at least July 2022. The server was found to be publicly accessible without any security authentication or password.Hackread
August 6, 2022
A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years Full Text
Abstract
Slack has revealed that one of its low-friction features contained a vulnerability, now fixed, that exposed cryptographically scrambled versions of some users' passwords.Wired
August 6, 2022
Twitter fixes bug that exposed at least 5.4M accounts Full Text
Abstract
Twitter says it has fixed a security vulnerability that allowed threat actors to compile information of 5.4 million Twitter accounts, which were listed for sale on a known cybercrime forum.Tech Crunch
August 06, 2022
Hackers Exploit Twitter Vulnerability to Expose 5.4 Million Accounts Full Text
Abstract
Twitter on Friday revealed that a now-patched zero-day bug was used to link phone numbers and emails to user accounts on the social media platform. "As a result of the vulnerability, if someone submitted an email address or phone number to Twitter's systems, Twitter's systems would tell the person what Twitter account the submitted email addresses or phone number was associated with, if any," the company said in an advisory. Twitter said the bug, which it was made aware of in January 2022, stemmed from a code change introduced in June 2021. No passwords were exposed as a result of the incident. The six-month delay in making this public stems from new evidence last month that an unidentified actor had potentially taken advantage of the flaw before the fix to scrape user information and sell it for profit on Breach Forums. Although Twitter didn't reveal the exact number of impacted users, the forum post made by the threat actor shows that the flaw was exThe Hacker News
August 06, 2022
Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users Full Text
Abstract
Slack said it took the step of resetting passwords for about 0.5% of its users after a flaw exposed salted password hashes when creating or revoking shared invitation links for workspaces. "When a user performed either of these actions, Slack transmitted a hashed version of their password to other workspace members," the enterprise communication and collaboration platform said in an alert on 4th August. Hashing refers to a cryptographic technique that transforms any form of data into a fixed-size output (called a hash value or simply hash). Salting is designed to add an extra security layer to the hashing process to make it resistant to brute-force attempts. The Salesforce-owned company, which reported more than 12 million daily active users in September 2019, didn't reveal the exact hashing algorithm used to safeguard the passwords. The bug is said to have impacted all users who created or revoked shared invitation links between 17 April 2017 and 17 July 20The Hacker News
August 6, 2022
Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Full Text
Abstract
Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created or revoked a shared invitation link for their workspace. Slack announced that it is resetting passwords for about 0.5% of its users...Security Affairs
August 5, 2022
Twitter confirms zero-day used to access data of 5.4 million accounts Full Text
Abstract
Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of a zero-day flaw. At the end of July, a threat actor leaked data of 5.4 million Twitter accounts that were obtained by exploiting...Security Affairs
August 5, 2022
Neurology Practice Notifies 363,000 Individuals That PHI Was Posted on Dark Web Full Text
Abstract
An Indiana neurology practice is notifying nearly 363,000 individuals that their sensitive information was compromised in a recent ransomware attack - and that some of their data was posted on the dark web.Bank Info Security
August 05, 2022
Slack resets passwords after exposing hashes in invitation links Full Text
Abstract
Slack notified roughly 0.5% of its users that it reset their passwords after fixing a bug exposing salted password hashes when creating or revoking shared invitation links for workspaces.BleepingComputer
August 05, 2022
Twitter confirms zero-day used to expose data of 5.4 million accounts Full Text
Abstract
Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users' accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.BleepingComputer
August 4, 2022
India: Over 280M records comprising UANs, bank account numbers, incomes, and PFs allegedly leaked online Full Text
Abstract
On August 2, cybersecurity researcher Volodymyr "Bob" Diachenko, during a routine search for public exposures on the internet, found two IPs containing massive amounts of highly sensitive data belonging to Indian citizens.The Times Of India
August 4, 2022
Hackers stole $200 million from the Nomad crypto bridge Full Text
Abstract
The cryptocurrency bridge Nomad is the latest victim of a cyber heist; threat actors stole almost $200 million of its funds. Another crypto heist made the headlines, threat actors stole nearly $200 million worth of cryptocurrency from the bridge Nomad....Security Affairs
August 4, 2022
UAE-based Retail Chain Spinneys Suffers Customer Data leak Full Text
Abstract
The hackers accessed an internal server that comprised customer data, including names, contact numbers, email addresses, delivery addresses, and previous order information.Secure Reading
August 03, 2022
Thousands of Solana wallets drained in attack using unknown exploit Full Text
Abstract
An overnight attack on the Solana blockchain platform drained thousands of software wallets of cryptocurrency worth millions of U.S. dollars.BleepingComputer
August 01, 2022
Over 3,200 apps leak Twitter API keys, some allowing account hijacks Full Text
Abstract
Cybersecurity researchers have uncovered a set of 3,207 mobile apps that are exposing Twitter API keys to the public, potentially enabling a threat actor to take over users' Twitter accounts that are associated with the app.BleepingComputer
August 01, 2022
Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys Full Text
Abstract
Researchers have uncovered a list of 3,207 apps, some of which can be utilized to gain unauthorized access to Twitter accounts. The takeover is made possible, thanks to a leak of legitimate Consumer Key and Consumer Secret information, respectively, Singapore-based cybersecurity firm CloudSEK said in a report exclusively shared with The Hacker News. "Out of 3,207, 230 apps are leaking all four authentication credentials and can be used to fully take over their Twitter Accounts and can perform any critical/sensitive actions," the researchers said. This can range from reading direct messages to carrying out arbitrary actions such as retweeting, liking and deleting tweets, following any account, removing followers, accessing account settings, and even changing the account profile picture. Access to the Twitter API requires generating the Keys and Access Tokens, which act as the usernames and passwords for the apps as well as the users on whose behalf the API requests wThe Hacker News
July 31, 2022
Threat actor claims to have hacked European manufacturer of missiles MBDA Full Text
Abstract
Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. MBDA is a European multinational developer and manufacturer of missiles that was the result of the merger of the main French, British and Italian missile...Security Affairs
July 29, 2022
OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms Full Text
Abstract
In a data breach notice on its website, OneTouchPoint lists 34 healthcare insurance carriers and healthcare services providers that have been impacted, but the number appears to be larger.Security Week
July 29, 2022
Billion-record Chinese data leak’s host booms Full Text
Abstract
The popularity of stolen data bazaar BreachForums surged after it was used to sell a giant database of stolen information describing Chinese citizens, threat intelligence firm Cybersixgill said on Thursday.The Register
July 28, 2022
Microsoft SQL servers hacked to steal bandwidth for proxy services Full Text
Abstract
Threat actors are generating revenue by using adware bundles, malware, or even hacking into Microsoft SQL servers, to convert devices into proxies that are rented through online proxy services.BleepingComputer
July 27, 2022
Fallout from massive Shanghai Police data breach reverberates on dark web Full Text
Abstract
The availability of supposedly hacked Chinese data on the dark web appears to have surged in recent weeks on the heels of the massive Shanghai National Police breach, which was one of the largest ever recorded.CyberScoop
July 27, 2022
Wawa Agrees to Payment, Security Changes for ‘19 Data Breach Full Text
Abstract
A Pennsylvania-based convenience store chain will pay $8 million to several states over a 2019 data breach that involved some 34 million payment cards, authorities announced Tuesday.Security Week
July 26, 2022
Hackers steal $6 million from blockchain music platform Audius Full Text
Abstract
The decentralized music platform Audius was hacked over the weekend, with threat actors stealing over 18 million AUDIO tokens worth approximately $6 million.BleepingComputer
July 25, 2022
Hackers exploited PrestaShop zero-day to breach online stores Full Text
Abstract
Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.BleepingComputer
July 25, 2022
T-Mobile Settles to Pay $350M to Customers in Data Breach Full Text
Abstract
In a Securities and Exchange Commission filing on Friday, the mobile phone company said the funds would pay for claims by class members, the legal fees of plaintiffs’ counsel, and the costs of administering the settlement.Security Week
July 25, 2022
Lockbit ransomware gang claims to have breached the Italian Revenue Agency Full Text
Abstract
The ransomware group Lockbit claims to have stolen 78 GB of files from the Italian Revenue Agency (Agenzia delle Entrate). The ransomware gang Lockbit claims to have hacked the Italian Revenue Agency (Agenzia delle Entrate) and added...Security Affairs
July 25, 2022
Oklahoma City Housing Authority Provides Notice of Data Breach Full Text
Abstract
The impacted information varied by individual but may include name, Social Security number, driver's license or government identification, financial account information, and medical or health information.Yahoo Finance
July 24, 2022
A database containing data of 5.4 million Twitter accounts available for sale Full Text
Abstract
Threat actor leaked data of 5.4 million Twitter users that were obtained by exploiting a now patched flaw in the popular platform. A threat actor has leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability...Security Affairs
July 23, 2022
T-Mobile reaches $350M settlement in 2021 cyberattack and data breach impacting 76M people Full Text
Abstract
T-Mobile agreed to pay $350 million to settle class-action lawsuits brought over an August 2021 cyberattack in which a hacker infiltrated its computer systems to steal sensitive data relating to millions of customers.Geek Wire
July 22, 2022
Digital security giant Entrust breached by ransomware gang Full Text
Abstract
Digital security giant Entrust has confirmed that it suffered a cyberattack where threat actors breached their network and stole data from internal systems.BleepingComputer
July 22, 2022
Hackers breached Ukrainian radio station to spread fake news about Zelensky’s health Full Text
Abstract
Threat actors hacked the Ukrainian radio station TAVR Media and broadcasted fake news on the critical health condition of President Volodymyr Zelensky. Threat actors breached the Ukrainian radio station TAVR Media this week, the attackers spread a fake...Security Affairs
July 22, 2022
Hackers breach Ukrainian radio network to spread fake news about Zelenskiy Full Text
Abstract
On Thursday, Ukrainian media group TAVR Media confirmed that it was hacked to spread fake news about President Zelenskiy being in critical condition and under intensive care.BleepingComputer
July 20, 2022
Neopets data breach exposes personal data of 69 million members Full Text
Abstract
Virtual pet website Neopets has suffered a data breach leading to the theft of source code and a database containing the personal information of over 69 million members.BleepingComputer
July 20, 2022
Feelyou Mental Health App Discloses Exposure of 78,000 User Emails in Breach Full Text
Abstract
When asked for comment, Bajji – the company that owns Feelyou – directed The Record to a statement released on Tuesday, disclosing that the vulnerability in the platform was patched on Saturday, July 16.The Record
July 19, 2022
Hackers steal 50,000 credit cards from 300 U.S. restaurants Full Text
Abstract
Payment card details from customers of more than 300 restaurants have been stolen in two web-skimming campaigns targeting three online ordering platforms.BleepingComputer
July 16, 2022
Hackers pose as journalists to breach news media org’s networks Full Text
Abstract
Researchers following the activities of advanced persistent threat (APT) groups originating from China, North Korea, Iran, and Turkey say that journalists and media organizations have remained a constant target for state-aligned actors.BleepingComputer
July 16, 2022
Elastix VoIP systems hacked in massive campaign to install PHP web shells Full Text
Abstract
Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months.BleepingComputer
July 15, 2022
Colorado Springs Utilities Warns Customers of Data Disclosure Incident Full Text
Abstract
According to a letter sent to customers, data stored by a subcontractor of Colorado Springs Utilities was "accessed by an unauthorized party" on June 15. The utility was notified of the incident on July 6, the letter states.The Gazette
July 15, 2022
Recruitment Agency Morgan Hunt Discloses Unauthorized Access to Internal Database Full Text
Abstract
In a letter to contractors, Morgan Hunt – which provides personnel services to clients in the charity education, finance, government, housing, and technology sectors – confirmed the break-in.The Register
July 13, 2022
$8 million stolen in large-scale Uniswap airdrop phishing attack Full Text
Abstract
Uniswap, a popular decentralized cryptocurrency exchange, lost close to $8 million worth of Ethereum in a sophisticated phishing attack yesterday.BleepingComputer
July 12, 2022
Hackers stole $620 million from Axie Infinity via fake job interviews Full Text
Abstract
The hack that caused Axie Infinity losses of $620 million in crypto started with a fake job offer from North Korean hackers to one of the game's developers.BleepingComputer
July 11, 2022
A fake job offer via LinkedIn allowed to steal $540M from Axie Infinity Full Text
Abstract
Threat actors used a fake job offer on LinkedIn to target an employee at Axie Infinity that resulted in the theft of $540 Million. In March, threat actors stole almost $625 million in Ethereum and USDC (a U.S. dollar pegged stablecoin) tokens from...Security Affairs
July 09, 2022
Mangatoon data breach exposes data from 23 million accounts Full Text
Abstract
Manga comic reading app Mangatoon has suffered a data breach that exposed the account information of 23 million users after a hacker stole it from an Elasticsearch database.BleepingComputer
July 7, 2022
American Marriage Ministries Acknowledges Data Exposure via Unsecured Amazon Bucket Full Text
Abstract
Wedding officiant training company American Marriage Ministries (AMM) said it is dealing with another data security issue after reporting a breach of sensitive data to the FBI earlier this year.The Record
July 6, 2022
Human Error Blamed for Leak of 1 Billion Records of Chinese Citizens Full Text
Abstract
A developer appears to have divulged credentials to a police database on a popular developer forum, leading to a breach and subsequent bid to sell 23 terabytes of personal data on the dark web.Threatpost
July 06, 2022
Marriott confirms another data breach after hotel got hacked Full Text
Abstract
Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files.BleepingComputer
July 6, 2022
Marriott International suffered a new data breach, attackers stole 20GB of data Full Text
Abstract
Hotel chain Marriott International suffered a new data breach, a threat actor has stolen 20GB from the company. Hotel chain Marriott International confirmed it has suffered a new data breach after a threat actor stole 20GB of files from one of its properties. The...Security Affairs
July 06, 2022
Security advisory accidentally exposes vulnerable systems Full Text
Abstract
A security advisory for a vulnerability (CVE) published by MITRE has accidentally been exposing links to remote admin consoles of over a dozen vulnerable IP devices since at least April 2022.BleepingComputer
July 06, 2022
Marriott hit by new data breach and a failed extortion attempt Full Text
Abstract
Hotel giant Marriott International confirmed this week that it was hit by another data breach after an unknown threat actor managed to breach one of its properties and steal 20 GB worth of files.BleepingComputer
July 6, 2022
Data Breach at PFC USA Impacts Patients of 650 Healthcare Providers Full Text
Abstract
The ransomware attack on PFC appears to be part of a trend where cybercriminals are not targeting healthcare providers directly but turn on their partner organizations instead.Security Week
July 5, 2022
Threat actors compromised British Army’s Twitter, YouTube accounts to promote crypto scams Full Text
Abstract
Threat actors compromised the Twitter and YouTube accounts of the British Army to promote online crypto scams. The Twitter and YouTube accounts of the British Army were used to promote NFT and other crypto scams. The YouTube account was used to transmit...Security Affairs
July 5, 2022
Dutch University Gets Cyber Ransom Money Back with Interest Full Text
Abstract
The southern Maastricht University in 2019 was hit by a large cyberattack in which criminals used ransomware, a type of malicious software that locks valuable data and can only be accessed once the victim pays a ransom amount.Security Week
July 4, 2022
Data of a billion Chinese residents available for sale on the dark web Full Text
Abstract
Threat actors claim to have breached a database belonging to Shanghai police and stole the data of a billion Chinese residents. Unknown threat actors claimed to have obtained data of a billion Chinese residents after breaching a database of the Shanghai...Security Affairs
July 04, 2022
Hacker claims to have stolen data on 1 billion Chinese citizens Full Text
Abstract
An anonymous threat actor is selling several databases they claim to contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approximately $195,000).BleepingComputer
July 04, 2022
UK Army’s Twitter, YouTube accounts hacked to push crypto scam Full Text
Abstract
British Army's Twitter and YouTube accounts were hacked sometime yesterday and altered to promote online crypto scams. In a statement, UK's Ministry of Defence confirms it is investigating the attack.BleepingComputer
July 03, 2022
Privacy protection agency seizes servers of hacked travel company Full Text
Abstract
The Privacy Protection Authority in Israel seized servers hosting multiple travel booking websites because their operator failed to address security issues that enabled data breaches affecting more than 300,000 individuals.BleepingComputer
July 02, 2022
Verified Twitter accounts hacked to send fake suspension notices Full Text
Abstract
BleepingComputer
June 30, 2022
OpenSea discloses data breach, warns users of phishing attacks Full Text
Abstract
OpenSea, the largest non-fungible token (NFT) marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days.BleepingComputer
June 29, 2022
Leaky Access Tokens Exposed Amazon Photos of Users Full Text
Abstract
Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents.Threatpost
June 27, 2022
Japanese worker loses city’s personal data in USB fail Full Text
Abstract
A Japanese contractor working in the city of Amagasaki, near Osaka, reportedly mislaid a USB drive containing personal data, including banking data, on the metropolis's 460,000 residents.The Register
June 25, 2022
Attackers exploited a zero-day in Mitel VOIP devices to compromise a network Full Text
Abstract
Experts warn threat actors have exploited a zero-day vulnerability in a Mitel VoIP appliance in a ransomware attack. CrowdStrike researchers recently investigated the compromise of a Mitel VOIP appliance as an entry point in a ransomware attack against...Security Affairs
June 24, 2022
CafePress fined $500,000 for breach affecting 23 million users Full Text
Abstract
The U.S. Federal Trade Commission (FTC) today ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for attempting to cover up a major data breach impacting more than 23 million customers and failing to protect their data.BleepingComputer
June 24, 2022
Patients at Indiana University Health Affected by Third-party Breach Full Text
Abstract
An unauthorized party accessed patients’ personal information at IU Health's vendor MCG Health, including names, medical codes, postal addresses, telephone numbers, email addresses, dates of birth, and Social Security numbers.The Herald Bulletin
June 23, 2022
Conti ransomware hacking spree breaches over 40 orgs in a month Full Text
Abstract
The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month.BleepingComputer
June 22, 2022
Flagstar Bank discloses a data breach that impacted 1.5 Million individuals Full Text
Abstract
US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 million individuals. US-based Flagstar Bank disclosed a data breach that impacted roughly 1.5 million individuals, but the company did not share...Security Affairs
June 20, 2022
Flagstar Bank discloses data breach impacting 1.5 million customers Full Text
Abstract
Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack.BleepingComputer
June 20, 2022
Internet scans find 1.6 million secrets leaked by websites Full Text
Abstract
Security researchers have apparently discovered more than 1.6 million secrets leaked by websites, including more than 395,000 exposed by the one million most popular domains.The Daily Swig
June 18, 2022
Inverse Finance Looted for $1.2 Million via Flash Loan Attack Full Text
Abstract
A decentralized autonomous organization (DAO) called Inverse Finance has been robbed of cryptocurrency somehow exchangeable for $1.2 million, just two months after being taken for $15.6 million.The Register
June 17, 2022
BlackCat Launches Dedicated Site for Victims to Search Their Stolen Data Full Text
Abstract
In a new initiative, the BlackCat group has begun publishing details of victims on websites open to the public Internet, with the data available in a searchable form. It has already listed 112GB of stolen data, including Social Security numbers, from 1,500 employees of a hotel and spa in Oregon.Cyware Alerts - Hacker News
June 16, 2022
2 Texas hospital networks infected by malicious code Full Text
Abstract
On April 20, the hospitals learned that malicious code had infected their networks as a result of an unauthorized party gaining access to certain systems between March 31 and April 24.Becker’s Health IT Review
June 16, 2022
Microsoft Under Attack by BlackCat: Exchange Servers hacked Full Text
Abstract
Microsoft stated that BlackCat RaaS affiliates are targeting Microsoft Exchange Servers by exploiting unpatched bugs. The unknown threat actor delivered BlackCat ransomware payloads via PsExec. The extent of damage is still unknown, and also there wasn’t any mention of the Exchange vulnerability us ...Cyware Alerts - Hacker News
June 15, 2022
Data Breach at US Ambulance Billing Service Comstar Exposed Patients’ Healthcare Information Full Text
Abstract
In a data breach notification issued on June 14, Comstar said it “immediately took steps to secure our network, and launched a thorough investigation, with the assistance of third-party experts, to determine the nature and scope of the incident”.The Daily Swig
June 15, 2022
Thousands of GitHub, AWS, Docker tokens exposed in Travis CI logs Full Text
Abstract
For a second time in less than a year, the Travis CI platform for software development and testing has exposed user data containing authentication tokens that could give access to developers' accounts on GitHub, Amazon Web Services, and Docker Hub.BleepingComputer
June 13, 2022
Kaiser Permanente data breach exposes health data of 69K people Full Text
Abstract
Kaiser Permanente, one of America's leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health information of more than 69,000 individuals.BleepingComputer
June 13, 2022
Credentials for thousands of open source projects free for the taking Full Text
Abstract
A series of two batches of data the Aqua Security researchers accessed using the Travis CI programming interface yielded 4.28 million and 770 million logs from 2013 through May 2022.ARS Technica
June 13, 2022
Africa: Shoprite Group issues warning on ‘suspected data compromise’ Full Text
Abstract
The Shoprite Group said on Friday evening it had become aware of a suspected data compromise, including names and ID numbers, which may affect some customers who engaged in money transfers to and within Eswatini and within Namibia and Zambia.Sowetan Live
June 9, 2022
MyEasyDocs Exposed 30GB of Israeli and Indian Students PII Data Full Text
Abstract
The team of IT security researchers at vpnMentor led by Noam Rotem identified a misconfigured Microsoft Azure server that exposed the personal and educational records of tens of thousands of students from India and Israel.Hackread
June 8, 2022
China-linked threat actors have breached telcos and network service providers Full Text
Abstract
China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have...Security Affairs
June 07, 2022
US: Chinese govt hackers breached telcos to snoop on network traffic Full Text
Abstract
Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data.BleepingComputer
June 07, 2022
Shields Health Care Group data breach affects 2 million patients Full Text
Abstract
Shields Health Care Group (Shields) suffered a data breach that exposed the data of approximately 2,000,000 people in the United States after hackers breached their network and stole data.BleepingComputer
June 6, 2022
Personal Information of Over 30,000 Students Exposed in Unprotected Database Full Text
Abstract
The exposed information included full names, email addresses, and phone numbers, along with credit card information, transaction and purchased meals details, and login information stored in plain text.Security Week
June 4, 2022
Australian Trading Giant ACY Securities Exposed 60GB of User Data Full Text
Abstract
The data breach happened due to a misconfigured database owned by ACY Securities. The worst part of the data leak is the fact that it contained over 60GB worth of data that was left exposed without any security authentication.Hackread
June 2, 2022
Conti leaked chats confirm that the gang’s ability to conduct firmware-based attacks Full Text
Abstract
The analysis of the internal chats of the Conti ransomware group revealed the gang was working on firmware attack techniques. The analysis of Conti group's chats, which were leaked earlier this year, revealed that the ransomware gang has been...Security Affairs
June 1, 2022
Cybercriminal Scams the City of Portland for $1.4 Million by Compromising Email Account Full Text
Abstract
“Preliminary evidence indicates that an unauthorized, outside entity gained access to a City of Portland email account to conduct this illegal activity,” according to a statement by the city authorities.The Record
May 31, 2022
Australia’s National Disability Insurance Scheme Hit by Breach at Case Management System Provider Full Text
Abstract
CTARS, a Sydney-based software and analytics provider for the disability and care sectors, this week revealed an unauthorized third-party had gained access to its systems on May 15.IT News
May 30, 2022
Spirit Super Member Data Exposed After Security Breach Full Text
Abstract
The personal data that may have been compromised is akin to the information found in an annual statement. It includes items like name, addresses, ages, email addresses, telephone numbers, member account numbers and member balances.financialstandard
May 29, 2022
FBI Warns About Hackers Selling VPN Credentials for U.S. College Networks Full Text
Abstract
Network credentials and virtual private network (VPN) access for colleges and universities based in the U.S. are being advertised for sale on underground and public criminal marketplaces. "This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations," the U.S. Federal Bureau of Investigation (FBI) said in an advisory published last week. The cyber intrusions against educational institutions involve threat actors leveraging tactics like spear-phishing and ransomware to carry out credential harvesting activities. The gathered credentials are then exfiltrated and sold on Russian cybercrime forums for prices ranging from a few to thousands of U.S. dollars. Armed with this login information, the agency pointed out, adversaries can proceed to conduct brute-force credential stuffing attacks to break into victim accounts spanning differentThe Hacker News
May 28, 2022
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack Full Text
Abstract
GitHub provided additional details about the theft of its integration OAuth tokens that occurred in April, in which nearly 100,000 NPM users' credentials were stolen. GitHub provided additional details about the incident that it suffered in April, the attackers were...Security Affairs
May 27, 2022
GitHub: Attackers stole login details of 100K npm user accounts Full Text
Abstract
GitHub revealed today that an attacker stole the login details of roughly 100,000 npm accounts during a mid-April security breach with the help of stolen OAuth app tokens issued to Heroku and Travis-CI.BleepingComputer
May 27, 2022
Nearly 100,000 NPM Users’ Credentials Stolen in GitHub OAuth Breach Full Text
Abstract
Cloud-based repository hosting service GitHub on Friday shared additional details into the theft of GitHub integration OAuth tokens last month, noting that the attacker was able to access internal NPM data and its customer information. "Using stolen OAuth user tokens originating from two third-party integrators, Heroku and Travis CI, the attacker was able to escalate access to NPM infrastructure," Greg Ose said, adding the attacker then managed to obtain a number of files: (1) a database backup of skimdb.npmjs.com consisting of data as of April 7, 2021, including an archive of user information from 2015 and all private NPM package manifests and package metadata (the archive contained NPM usernames, password hashes, and email addresses for roughly 100,000 users); (2) a set of CSV files encompassing an archive of all names and version numbers of published versions of all NPM private packages as of April 10, 2022; and (3) a "small subset" of private packages from two orgaThe Hacker News
May 26, 2022
Update: Conti leaks data stolen during January attack on Oregon county Full Text
Abstract
Darrin Lane, administrative officer for Linn County, told The Record that the attack began on the morning of January 24 and that the county’s IT team immediately began shutting down systems in order to limit the damage.The Record
May 25, 2022
Washington University School of Medicine notifies patients of data breach Full Text
Abstract
According to the Washington University School of Medicine's website, the health system learned that an unauthorized person gained access to certain employee email accounts between March 4 and March 28.Becker’s Health IT Review
May 24, 2022
Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys Full Text
Abstract
Two trojanized Python and PHP packages have been uncovered in what's yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is "ctx," a Python module available in the PyPi repository. The other involves "phpass," a PHP package that's been forked on GitHub to distribute a rogue update. "In both cases the attacker appears to have taken over packages that have not been updated in a while," the SANS Internet Storm Center (ISC) said, one of whose volunteer incident handlers, Yee Ching, analyzed the ctx package. It's worth noting that ctx was last published to PyPi on December 19, 2014. On the other hand, phpass hasn't received an update since it was uploaded to Packagist on August 31, 2012. The malicious Python package, which was pushed to PyPi on May 21, 2022, has been removed from the repository, but the PHP library still continues to be available on GitHub. In bThe Hacker News
May 24, 2022
Hackers Breach Zola Wedding Registry Accounts and Make Fraudulent Purchases Full Text
Abstract
The popular wedding planning website Zola confirmed Monday that hackers had managed to access the accounts of a number of its users and tried to initiate fraudulent cash transfers.The Verge
May 24, 2022
Popular Python and PHP libraries hijacked to steal AWS keys Full Text
Abstract
PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets.BleepingComputer
May 23, 2022
GM credential stuffing attack exposed car owners’ personal info Full Text
Abstract
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed customer information and allowed hackers to redeem rewards points for gift cards.BleepingComputer
May 21, 2022
Ransomware attack exposes data of 500,000 Chicago students Full Text
Abstract
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employees after their vendor, Battelle for Kids, suffered a ransomware attack in December.BleepingComputer
May 19, 2022
Microsoft Teams, Windows 11 hacked on first day of Pwn2Own Full Text
Abstract
During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform.BleepingComputer
May 18, 2022
National bank hit by ransomware trolls hackers with dick pics Full Text
Abstract
After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination).BleepingComputer
May 18, 2022
Data of 22.5 Million Malaysians Born 1940-2004 Allegedly Being Sold for $10,000 Full Text
Abstract
The alleged data leak involves information purportedly stolen from the National Registration Department (NRD). Local tech portal Amanz reported that the database, 160GB in size, is being sold for US$10,000 (S$13,846) on the dark web.Straits Times
May 17, 2022
Ransomware-as-a-Service Operator AvosLocker Claims Data Theft from Another Healthcare Entity Full Text
Abstract
In its most recent assault against a healthcare entity, ransomware-as-a-service operator AvosLocker claims to be behind an attack allegedly involving data theft from Texas-based CHRISTUS Health.Gov Info Security
May 16, 2022
Update: Parker Hannifin reveals cyberattack exposed sensitive employee data Full Text
Abstract
Parker Hannifin said it began notifying potential victims, who include current and former employees, their dependents, and members of Parker’s Group Health Plans, on May 12.The Daily Swig
May 16, 2022
Engineering firm Parker discloses data breach after ransomware attack Full Text
Abstract
The Parker-Hannifin Corporation announced a data breach exposing employees' personal information after the Conti ransomware gang began publishing allegedly stolen data last month.BleepingComputer
May 14, 2022
OpRussia update: Anonymous breached other organizations Full Text
Abstract
Another week has passed and Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues, the collective claims to have hacked multiple...Security Affairs
May 12, 2022
Massive hacking campaign compromised thousands of WordPress websites Full Text
Abstract
Researchers uncovered a massive hacking campaign that compromised thousands of WordPress websites to redirect visitors to scam sites. Cybersecurity researchers from Sucuri uncovered a massive campaign that compromised thousands of WordPress websites...Security Affairs
May 12, 2022
Thousands of WordPress Sites Hacked to Redirect Visitors to Scam Sites Full Text
Abstract
Cybersecurity researchers have disclosed a massive campaign that's responsible for injecting malicious JavaScript code into compromised WordPress websites that redirects visitors to scam pages and other malicious websites to generate illegitimate traffic. "The websites all shared a common issue — malicious JavaScript had been injected within their website's files and the database, including legitimate core WordPress files," Krasimir Konov, a malware analyst at Sucuri, said in a report published Wednesday. This involved infecting files such as jquery.min.js and jquery-migrate.min.js with obfuscated JavaScript that's activated on every page load, allowing the attacker to redirect the website visitors to a destination of their choice. The GoDaddy-owned website security company said that the domains at the end of the redirect chain could be used to load advertisements, phishing pages, malware, or even trigger another set of redirects. In some instances, unsusThe Hacker News
May 10, 2022
Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages Full Text
Abstract
Hacktivists yesterday defaced the Russian TV with pro-Ukraine messages and took down the RuTube video streaming site. Hacktivists and white hat hackers continue to support Ukraine against the Russian invasion, in a recent attack, they defaced Russian...Security Affairs
May 7, 2022
OpenSea warns of Discord channel compromise Full Text
Abstract
OpenSea, the primary marketplace for buyers and sellers of non-fungible tokens (NFTs), has reported major problems with its Discord support channel owing to a “potential vulnerability” that allowed spambots to post phishing links to other users.Malwarebytes Labs
May 06, 2022
Ferrari subdomain hijacked to push fake Ferrari NFT collection Full Text
Abstract
One of Ferrari's subdomains was hijacked yesterday to host a scam promoting a fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down.BleepingComputer
May 05, 2022
Heroku Forces User Password Resets Following GitHub OAuth Token Theft Full Text
Abstract
Salesforce-owned subsidiary Heroku on Thursday acknowledged that the theft of GitHub integration OAuth tokens further involved unauthorized access to an internal customer database. The company, in an updated notification, revealed that a compromised token was abused to breach the database and "exfiltrate the hashed and salted passwords for customers' user accounts." As a consequence, Salesforce said it's resetting all Heroku user passwords and ensuring that potentially affected credentials are refreshed. It also emphasized that internal Heroku credentials were rotated and extra detections have been put in place. The attack campaign, which GitHub discovered on April 12, related to an unidentified actor leveraging stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM. The timeline of events as shared by the cloud platform is as follows - April 7, 2022 - ThreatThe Hacker News
May 05, 2022
Thousands of Borrowers’ Data Exposed from ENCollect Debt Collection Service Full Text
Abstract
An ElasticSearch server instance that was left open on the Internet without a password contained sensitive financial information about loans from Indian and African financial services. The leak, which was discovered by researchers from information security company UpGuard, amounted to 5.8GB and consisted of a total of 1,686,363 records. "Those records included personal information like name, loan amount, date of birth, account number, and more," UpGuard said in a report shared with The Hacker News. "A total of 48,043 unique email addresses were in the collection, some of which were for the product administrators, corporate clients, and collection agents assigned to each case." The exposed instance, used as data storage for a debt collection platform called ENCollect, was detected on February 16, 2022. The leaky server has since been rendered non-accessible to the public as of February 28 following intervention from the Indian Computer Emergency Response TeaThe Hacker News
May 05, 2022
Heroku admits that customer credentials were stolen in cyberattack Full Text
Abstract
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database."BleepingComputer
May 3, 2022
Data Breach at US Energy Supplier Riviera Utilities Potentially Exposed Sensitive Customer Information Full Text
Abstract
A data breach at Riviera Utilities, a utility company serving Baldwin County in Alabama, exposed the personal details of customers after employee email accounts were accessed.The Daily Swig
May 2, 2022
Attackers Steal $80 Million From Rari Capital’s Fuse Platform, Fei Protocol Suffers From Exploit Full Text
Abstract
The attack on Saturday was also confirmed by Fei Protocol’s official Twitter account. Fei Protocol also offered the attacker a $10 million bounty to return the stolen funds.Bitcoin
May 02, 2022
U.S. DoD tricked into paying $23.5 million to phishing actor Full Text
Abstract
The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD).BleepingComputer
May 1, 2022
Hackers stole +80M from DeFi platforms Rari Capital and Fei Protocol Full Text
Abstract
Threat actors exploited a bug in the Fuse protocol used by DeFi platforms Rari Capital and Fei Protocol and stole more than $80 million. Threat actors stole more than $80 million from the decentralized finance (DeFi) platforms Rari Capital and Fei Protocol...Security Affairs
April 29, 2022
Data breach at US healthcare provider ARcare impacts 345,000 individuals Full Text
Abstract
Potentially exposed data included names, social security numbers, drivers’ license or state identification numbers, dates of birth, financial account information, and medical treatment information among other confidential information.The Daily Swig
April 29, 2022
Online library app Onleihe faces issues after cyberattack on provider Full Text
Abstract
Library lending app Onleihe announced problems lending several media formats offered on the platform, like audio, video, and e-book files, after a cyberattack targeted their vendor.BleepingComputer
April 29, 2022
More Than $13 Million Stolen From DeFi Platform Deus Finance Full Text
Abstract
PeckShield said the attacker stole about $13.4 million worth of cryptocurrency but noted that the platform’s actual losses may be larger. CertiK put the losses at 5,446 ETH, or about $15.7 million.The Record
April 28, 2022
Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens Full Text
Abstract
GitHub shared the timeline of breaches in April 2022; this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations.Threatpost
April 28, 2022
Medical software firm fined €1.5M for leaking data of 490k patients Full Text
Abstract
The French data protection authority (CNIL) fined medical software vendor Dedalus Biology with EUR 1.5 million for violating three articles of the GDPR (General Data Protection Regulation).BleepingComputer
April 27, 2022
Student grades stored in Greek education platform UniverSIS could be manipulated via SQLi Full Text
Abstract
A SQL injection (SQLi) vulnerability in UniverSIS, an open-source platform developed by Greek universities to manage student data, left academic grades at risk of manipulation.The Daily Swig
April 27, 2022
New Black Basta ransomware springs into action with a dozen breaches Full Text
Abstract
A new ransomware gang known as Black Basta has quickly catapulted into operation this month, claiming to have breached over twelve companies in just a few weeks.BleepingComputer
April 27, 2022
GitHub: How stolen OAuth tokens helped breach dozens of orgs Full Text
Abstract
GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations.BleepingComputer
April 27, 2022
Illinois-based doctor’s group reports data breach affecting patients’ personal, financial data Full Text
Abstract
Illinois Gastroenterology Group, based in Gurnee with offices throughout the Chicago area, said they recently experienced a security breach that left their patients’ private data and financial information exposed.Lake & Mchenry County Scanner
April 26, 2022
Coca-Cola investigates hackers’ claims of breach and data theft Full Text
Abstract
Coca-Cola, the world's largest soft drinks maker, has confirmed in a statement to BleepingComputer that it is aware of the reports about a cyberattack on its network and is currently investigating the claims.BleepingComputer
April 26, 2022
France: Health data leak leads to $1.6 million fine against Dedalus Biologie Full Text
Abstract
Following a massive health data leak disclosed in the press concerning nearly 500,000 persons in February 2021, the CNIL has fined the company Dedalus Biologie ~$1.6 million mainly for failure to comply with its data security obligation.Lexology
April 26, 2022
Stormous Ransomware Group Claims to Steal 161GB of Data from Coca Cola Full Text
Abstract
Coca-Cola said it is investigating reports of a data breach after a ransomware group named Stormous claimed to have stolen internal documents from the American beverage giant.The Record
April 24, 2022
Since declaring cyber war on Russia Anonymous leaked 5.8 TB of Russian data Full Text
Abstract
OpRussia continues unabated, since declaring 'cyber war' on Russia Anonymous has now published approximately 5.8 TB of Russian data. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues to collect successes,...Security Affairs
April 23, 2022
T-Mobile confirms Lapsus$ had access to its systems Full Text
Abstract
Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. Telecom company T-Mobile on Friday revealed that the LAPSUS$ extortion gang gained access to its networks. The popular investigator...Security Affairs
April 23, 2022
Hackers Claim to Target Russian Institutions in Barrage of Cyberattacks and Leaks Full Text
Abstract
Hackers claim to have broken into dozens of Russian institutions over the past two months, including the Kremlin’s internet censor and one of its primary intelligence services, leaking emails and internal documents to the public.New York Times
April 22, 2022
T-Mobile confirms Lapsus$ hackers breached internal systems Full Text
Abstract
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "several weeks ago" using stolen credentials and gained access to internal systems.BleepingComputer
April 20, 2022
Microsoft Exchange servers hacked to deploy Hive ransomware Full Text
Abstract
A Hive ransomware affiliate has been targeting Microsoft Exchange servers vulnerable to ProxyShell security issues to deploy various backdoors, including Cobalt Strike beacon.BleepingComputer
April 20, 2022
Anonymous hacked other Russian organizations, some of the breaches could be severe Full Text
Abstract
The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked to the famous collective continue to target Russian organizations, the hacktivists are breaching...Security Affairs
April 20, 2022
Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers Full Text
Abstract
Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected.BleepingComputer
April 19, 2022
Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers Full Text
Abstract
Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang. Stating that the "impact of the incident was significantly less than the maximum potential impact" the company had previously shared last month, Okta said the intrusion impacted only two customer tenants, down from 366 as was initially assumed. The security event took place on January 21 when the LAPSUS$ hacking group gained unauthorized remote access to a workstation belonging to a Sitel support engineer. But it only became public knowledge nearly two months later when the adversary posted screenshots of Okta's internal systems on their Telegram channel. In addition to accessing two active customer tenants within the SuperUser application — which is used to perform basic management functions — the hacker group is said to have viewed limited additional information in other applicatioThe Hacker News
April 19, 2022
GitHub notifies owners of private repos stolen using OAuth tokens Full Text
Abstract
GitHub says it notified all organizations believed to have had data stolen from their private repositories by attackers abusing compromised OAuth user tokens issued to Heroku and Travis-CI.BleepingComputer
April 18, 2022
GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens Full Text
Abstract
GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and Travis CI. "Customers should also continue to monitor Heroku and Travis CI for updates on their own investigations into the affected OAuth applications," the company said in an updated post. The incident originally came to light on April 12 when GitHub uncovered signs that a malicious actor had leveraged the stolen OAuth user tokens issued to Heroku and Travis-CI to download data from dozens of organizations, including NPM. The Microsoft-owned platform also said that it will alert customers promptly should the ongoing investigation identify additional victims. Additionally, it cautioned that the adversary may also be digging into the repositories for secrets that could be used in other attacks. Heroku, which has pulled support for GitHuThe Hacker News
April 18, 2022
Beanstalk DeFi platform loses $182 million in flash-loan attack Full Text
Abstract
The decentralized, credit-based finance system Beanstalk disclosed on Sunday that it suffered a security breach that resulted in financial losses of $182 million, the attacker stealing $80 million in crypto assets.BleepingComputer
April 18, 2022
Hackers steal $655K after picking MetaMask seed from iCloud backup Full Text
Abstract
MetaMask has published a warning for their iOS users about the seeds of cryptocurrency wallets being stored in Apple's iCloud if app data backup is active.BleepingComputer
April 18, 2022
Lakeview Loan Servicing Suffered Data Breach Affecting 2.5 Million Users Full Text
Abstract
The company, which claims it is the nation’s fourth-largest servicer, said in public notices the breach impacted 2,537,261 borrowers between October 27, 2021, and December 7, 2021, and was identified in early December.National Mortgage News
April 16, 2022
Newman Regional Health notifies 52,224 patients after long-running breach of employee email accounts Full Text
Abstract
Newman Regional Health (NRH) is notifying more than 52,000 patients after an investigation revealed unauthorized access to a limited number of their employee e-mail accounts.Data Breaches
April 15, 2022
GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens Full Text
Abstract
Cloud-based repository hosting service GitHub on Friday revealed that it discovered evidence of an unnamed adversary capitalizing on stolen OAuth user tokens to unauthorizedly download private data from several organizations. "An attacker abused stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM," GitHub's Mike Hanley disclosed in a report. OAuth access tokens are often used by apps and services to authorize access to specific parts of a user's data and communicate with each other without having to share the actual credentials. It's one of the most common methods used to pass authorization from a single sign-on (SSO) service to another application. As of April 15, 2022, the list of affected OAuth applications is as follows - Heroku Dashboard (ID: 145909) Heroku Dashboard (ID: 628778) Heroku Dashboard – Preview (ID: 313468) Heroku Dashboard – ClassiThe Hacker News
April 15, 2022
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens Full Text
Abstract
GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.BleepingComputer
April 14, 2022
Hetzner lost customer data and gave 20€ as compensation Full Text
Abstract
Hetzner Online GmbH, a German cloud services provider, told some customers this week that their data had been irreversibly lost and were provided a 20€ compensation in online credit.BleepingComputer
April 13, 2022
CitySprint Discloses Security Breach Impacting Personal Data of Delivery Drivers Full Text
Abstract
An email was sent on April 7th to thousands of drivers confirming that a security breach had occurred. CitySprint, which was recently acquired by parcel delivery giant DPD Group, uses self-employed drivers to deliver packages across the UK.Graham Cluley
April 11, 2022
Over 16,500 Sites Hacked to Distribute Malware via Web Redirect Service Full Text
Abstract
A new traffic direction system (TDS) called Parrot has been spotted leveraging tens of thousands of compromised websites to launch further malicious campaigns. "The TDS has infected various web servers hosting more than 16,500 websites, ranging from adult content sites, personal websites, university sites, and local government sites," Avast researchers Pavel Novák and Jan Rubín said in a report published last week. Traffic direction systems are used by threat actors to determine whether or not a target is of interest and should be redirected to a malicious domain under their control and act as a gateway to compromise their systems with malware. Earlier this January, the BlackBerry Research and Intelligence Team detailed another TDS called Prometheus that has been put to use in different campaigns mounted by cybercriminal groups to distribute Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish malware. What makes Parrot TDS stand out is its huge reach,The Hacker News
April 11, 2022
Anonymous hacked Russia’s Ministry of Culture and leaked 446 GB Full Text
Abstract
The Anonymous collective has hacked Russia's Ministry of Culture and leaked 446 GB of data through the DDoSecrets platform. Data leak service DDoSecrets has published over 700 GB of data allegedly stolen from the Russian government, including over...Security Affairs
April 11, 2022
SuperCare Health discloses a data breach that Impacted +300K people Full Text
Abstract
SuperCare Health, a leading respiratory care provider in the Western U.S., disclosed a data breach that impacted more than 300,000 individuals. SuperCare Health disclosed a security breach that has led to the exposure of personal information belonging...Security Affairs
April 11, 2022
Over 300,000 People Impacted by Data Breach at SuperCare Health Full Text
Abstract
In a data security notice posted on its website, SuperCare Health said the intrusion was discovered on July 27, 2021, when it noticed unauthorized activity on some systems.Security Week
April 08, 2022
Snap-on discloses data breach claimed by Conti ransomware gang Full Text
Abstract
American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company's data in March.BleepingComputer
April 07, 2022
Into the Breach: Breaking Down 3 SaaS App Cyber Attacks in 2022 Full Text
Abstract
During the last week of March, three major tech companies - Microsoft, Okta, and HubSpot - reported significant data breaches. DEV-0537, also known as LAPSUS$, performed the first two. This highly sophisticated group utilizes state-of-the-art attack vectors to great success. Meanwhile, the group behind the HubSpot breach was not disclosed. This blog will review the three breaches based on publicly disclosed information and suggest best practices to minimize the risk of such attacks succeeding against your organization. HubSpot - Employee Access On March 21, 2022, HubSpot reported the breach which happened on March 18. Malicious actors compromised a HubSpot employee account that the employee used for customer support. This allowed malicious actors the ability to access and export contact data using the employee's access to several HubSpot accounts. With little information regarding this breach, defending against an attack is challenging, but a key configuration within HubSpoThe Hacker News
April 6, 2022
Texas Department of Insurance Exposed Data of 1.8 Million People Full Text
Abstract
The exposed information includes names, addresses, phone numbers, dates of birth, and partial or full social security numbers, as well as information about injuries and worker compensation claims.Security Week
April 6, 2022
Block discloses data breach involving Cash App potentially impacting 8.2 million US customers Full Text
Abstract
Block disclosed a data breach related to the Cash App investing app and is notifying 8.2 million current and former US customers. The data breach involved a former employee that downloaded some unspecified reports of its Cash App Investing app that...Security Affairs
April 05, 2022
Cash App notifies 8.2 million US customers about data breach Full Text
Abstract
Cash App is notifying 8.2 million current and former US customers of a data breach after a former employee accessed their account information.BleepingComputer
April 5, 2022
MailChimp breached, intruders conducted phishing attacks against crypto customers Full Text
Abstract
Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received...Security Affairs
April 05, 2022
Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams Full Text
Abstract
Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks. The development was first reported by Bleeping Computer. The company, which was acquired by financial software firm Intuit in September 2021, told the publication that it became aware of the incident on March 26 when it became aware of a malicious party accessing the customer support tool. "The incident was propagated by an external actor who conducted a successful social engineering attack on Mailchimp employees, resulting in employee credentials being compromised," Siobhan Smyth, Mailchimp's chief information security officer, was quoted as saying. Although Mailchimp stated it acted quickly to terminate access to the breached employee account, the siphoned credentials were used to access 319 MailChimp accounts and further export the mailing lists pertaining to 102 accThe Hacker News
April 04, 2022
Hackers breach MailChimp’s internal tools to target crypto customers Full Text
Abstract
Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.BleepingComputer
April 4, 2022
Cyberattack on Iberdrola Compromises Data of Millions of Customers in Spain Full Text
Abstract
Spain’s energy giant Iberdrola has revealed that it suffered a cyberattack on March 15 which has affected 1.3 million customers, although the company has reassured that the hackers were unable to access “sensitive” information such as bank details.spanishnewstoday
April 3, 2022
Documents reveal financial fallout of Salt Lake City IT security breach Full Text
Abstract
That document, obtained by the KSL Investigators through a public records request, states more than 150 databases and all public safety software systems were reviewed for potential compromises but, "none have been found."KSL
April 2, 2022
Anonymous leaked 15 GB of data allegedly stolen from the Russian Orthodox Church Full Text
Abstract
Anonymous claims to have hacked the Russian Orthodox Church's charitable wing and leaked 15 GB of alleged stolen data. Anonymous continues to target Russian government entities and private businesses, this week the group claimed to have hacked the private...Security Affairs
April 2, 2022
Ola Finance Says Attackers Stole $4.7M in ‘Re-Entrancy’ Exploit Full Text
Abstract
Decentralized lending platform Ola Finance was exploited for over $4.67 million in a “re-entrancy” cyberattack, according to a post-mortem report released by the developers.Yahoo! Finance
April 2, 2022
Ukraine intelligence leaks names of 620 alleged Russian FSB agents Full Text
Abstract
The Ukrainian Defense Ministry’s Directorate of Intelligence leaked personal data belonging to 620 alleged Russian FSB agents. The Ukrainian Defense Ministry’s Directorate of Intelligence has leaked the alleged personal data of 620 Russian FSB officers....Security Affairs
April 01, 2022
Sitel on Okta breach: “spreadsheet” did not contain passwords Full Text
Abstract
Okta's outsourced provider of support services, Sitel (Sykes) has shared more information this week in response to the leaked documents that detailed the various incident response tasks carried out by Sitel after the Lapsus$ hack.BleepingComputer
March 31, 2022
Lazarus Trojanized DeFi app for delivering malware Full Text
Abstract
The malware operator exclusively used compromised web servers located in South Korea for this attack. The threat actor configured this infrastructure with servers set up as multiple stages.Securelist
March 31, 2022
Viasat confirms satellite modems were wiped with AcidRain malware Full Text
Abstract
A newly discovered data wiper malware that wipes routers and modems has been deployed in the cyberattack that targeted the KA-SAT satellite broadband service to wipe SATCOM modems on February 24, affecting thousands in Ukraine and tens of thousands more across Europe.BleepingComputer
March 31, 2022
Palo Alto Networks error exposed customer support cases, attachments Full Text
Abstract
EXCLUSIVE: A bug in the support dashboard of Palo Alto Networks (PAN) exposed thousands of customer support tickets to an unauthorized individual, BleepingComputer has learned. The exposed information included customer names, contact information, conversations between staff and customers, firewall logs and configuration dumps.BleepingComputer
March 30, 2022
Apple, Meta turned over user data to hackers using forged requests: report Full Text
Abstract
Apple and Facebook parent company Meta turned over user data last year to hackers pretending to be law enforcement officials, Bloomberg reported, citing three people familiar with the matter.The Hill
March 30, 2022
Globant confirms hack after Lapsus$ leaks 70GB of stolen data Full Text
Abstract
IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ data extortion group, where data consisting of administrator credentials and source code was leaked by the threat actors.BleepingComputer
March 30, 2022
More than $600M in cryptocurrency stolen in video game hack Full Text
Abstract
Hackers exploited a cryptocurrency exchange network in a virtual game called Axie Infinity to steal more than $600 million from the system.The Hill
March 30, 2022
French National Health Insurance Fund Suffers Massive Data Leak Full Text
Abstract
Data stolen from affected members of the French health insurance body included names, surnames, date of birth, social security numbers, GP details, and levels of reimbursement.Connexion France
March 30, 2022
Data Breach at Japanese Candy Maker Morinaga Affects Customers on its Online Store Full Text
Abstract
Japanese confectionery manufacturer Morinaga has warned that a suspected data breach of its online store may have exposed the personal information of more than 1.6 million customers.The Daily Swig
March 30, 2022
LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data Full Text
Abstract
The LAPSUS$ data extortion gang announced their return on Telegram after a week-long "vacation," leaking what they claim is data from software services company Globant. "We are officially back from a vacation," the group wrote on their Telegram channel – which has nearly around 54,000 members as of writing – posting images of extracted data and credentials belonging to the company's DevOps infrastructure. The screenshots depict a folder listing for what appears to be different companies from across the world, including Arcserve, Banco Galicia, BNP Paribas Cardif, Citibanamex, DHL, Facebook, Stifel, among others. Also shared is a torrent file purported to contain around 70GB of Globant's source code as well as administrator passwords associated with the firm's Atlassian suite, including Confluence and Jira, and the Crucible code review tool. As malware research group VX-Underground points out, the passwords are not only easily guessable, but theThe Hacker News
March 30, 2022
Anonymous Hacks 2 Russian Industrial Firms, Leaks 112GB of Data for Ukraine Full Text
Abstract
The online hacktivist group Anonymous has claimed responsibility for targeting two Russian companies, MashOil and FID Group, stealing a trove of their data and leaking it online for the public to download.Hackread
March 29, 2022
$620 million in crypto stolen from Axie Infinity’s Ronin bridge Full Text
Abstract
A hacker has stolen almost $620 million in Ethereum and USDC tokens from Axie Infinity's Ronin network bridge, making it possibly the largest crypto hack in history.BleepingComputer
March 29, 2022
Shutterfly discloses data breach after Conti ransomware attack Full Text
Abstract
Online retail and photography manufacturing platform Shutterfly has disclosed a data breach that exposed employee information after threat actors stole data during a Conti ransomware attack.BleepingComputer
March 28, 2022
Anonymous is working on a huge data dump that will blow Russia away Full Text
Abstract
The Anonymous collective hacked the Russian construction company Rostproekt and announced a leak that will "Blow Russia Away". Anonymous continues its offensive against Russia; the collective announced the hack of the Russian construction company... Security Affairs
March 27, 2022
Okta: “We made a mistake” delaying the Lapsus$ hack disclosure Full Text
Abstract
Okta has admitted that it made a mistake in delaying the disclosure of the hack by the Lapsus$ data extortion group that took place in January. Additionally, the company has provided a detailed timeline of the incident and its investigation activities. BleepingComputer
March 26, 2022
Okta says 366 clients had data ‘acted upon’ in Lapsus$ hack Full Text
Abstract
As many as 366 Okta customers might have had their data ‘acted upon’ following the Lapsus$ cyberattack against the identity security giant’s customer support subcontractor. CRN
March 25, 2022
Anonymous leaked 28GB of data stolen from the Central Bank of Russia Full Text
Abstract
Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank of Russia. This week the Anonymous hacker collective claims to have hacked the Central Bank of Russia and accessed 35,000 documents. The... Security Affairs
March 24, 2022
HubSpot Data Breach Ripples Through Cryptocurrency Industry Full Text
Abstract
~30 crypto companies were affected, including BlockFi, Swan Bitcoin and NYDIG, providing an uncomfortable reminder about how much data CRM systems snarf up.Threatpost
March 24, 2022
Morgan Stanley client accounts breached in social engineering attacks Full Text
Abstract
Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised following vishing attacks.BleepingComputer
March 24, 2022
Lapsus$ Infiltrates High Profile Victims Through Employee Accounts Full Text
Abstract
The Lapsus$ group, also tracked as DEV-0537, deploys the RedLine password stealer to get access to session tokens and passwords. It buys session tokens and credentials from underground forums. These credentials are used to access VPN, RDP, and VDI systems.Cyware Alerts - Hacker News
March 23, 2022
Sensitive health data of 50 million Americans hacked or breached last year: analysis Full Text
Abstract
The health data of almost 50 million Americans was breached last year, according to a Politico analysis of data from the Department of Health and Human Services.The Hill
March 22, 2022
Microsoft and Okta Confirm Breach by LAPSUS$ Extortion Group Full Text
Abstract
Microsoft on Tuesday confirmed that the LAPSUS$ extortion-focused hacking crew had gained "limited access" to its systems, as authentication services provider Okta revealed that nearly 2.5% of its customers have been potentially impacted in the wake of the breach. "No customer code or data was involved in the observed activities," Microsoft's Threat Intelligence Center (MSTIC) said, adding that the breach was facilitated by means of a single compromised account that has since been remediated to prevent further malicious activity. The Windows maker, which was already tracking the group under the moniker DEV-0537 prior to the public disclosure, said it "does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk." "This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact," the company's securityThe Hacker News
March 22, 2022
Okta confirms 2.5% customers impacted by hack in January Full Text
Abstract
Okta, a major provider of access management systems, says that 2.5%, or approximately 375 customers, were impacted by a cyberattack claimed by the Lapsus$ data extortion group.BleepingComputer
March 22, 2022
LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta Full Text
Abstract
Microsoft and authentication services provider Okta said they are investigating claims of a potential breach alleged by the LAPSUS$ extortionist gang. The development, which was first reported by Vice and Reuters, comes after the cyber criminal group posted screenshots and source code of what it said were the companies' internal projects and systems on its Telegram channel. The leaked 37GB archive shows that the group may have accessed the repositories related to Microsoft's Bing, Bing Maps, and Cortana, with the images highlighting Okta's Atlassian suite and in-house Slack channels. "For a service that powers authentication systems to many of the largest corporations (and FEDRAMP approved) I think these security measures are pretty poor," the hacking cartel wrote on Telegram. On top of this, the group alleged that it breached LG Electronics (LGE) for the "second time" in a year. Bill Demirkapi, an independent security researcher, noted th The Hacker News
March 22, 2022
Anonymous hacked Nestlé and leaked 10 GB of sensitive Full Text
Abstract
The popular Anonymous hacktivist collective announced that it had hacked Nestlé and leaked 10 GB of sensitive data because the food and beverage giant continued to operate in Russia. The popular Anonymous hacktivist collective recently declared war on all companies... Security Affairs
March 22, 2022
Software firm investigates digital breach Full Text
Abstract
Okta, a software company based in San Francisco, said it is investigating a possible digital breach after hackers posted screenshots of internal information, according to Reuters.The Hill
March 22, 2022
Okta confirms support engineer’s laptop was hacked in January Full Text
Abstract
Okta, a major provider of access management systems, has completed its investigation into a breach incident claimed by the Lapsus$ data extortion group.BleepingComputer
March 22, 2022
Lapsus$ extortion gang leaked the source code for some Microsoft projects Full Text
Abstract
The Lapsus$ extortion group claims to have hacked Microsoft's internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that it is investigating claims that the Lapsus$ cybercrime gang breached... Security Affairs
March 22, 2022
Okta investigating claims of customer data breach from Lapsus$ group Full Text
Abstract
Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach.BleepingComputer
March 22, 2022
Lapsus$ hackers leak 37GB of Microsoft’s alleged source code Full Text
Abstract
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.BleepingComputer
March 21, 2022
Hacker leaked a new version of Conti ransomware source code on Twitter Full Text
Abstract
A Ukrainian security researcher has leaked more source code from the Conti ransomware operation to protest the gang's position on the conflict. Hacker leaked a new version of the Conti ransomware source code on Twitter as retaliation of the gang's...Security Affairs
March 21, 2022
Microsoft investigating claims of hacked source code repositories Full Text
Abstract
Microsoft says it is investigating claims that the Lapsus$ data extortion hacking group breached its internal Azure DevOps source code repositories and stole data. BleepingComputer
March 21, 2022
Iranian hackers leak Mossad chief’s personal information Full Text
Abstract
Iranian hackers on Wednesday published a video on an anonymous Telegram channel featuring personal photos and documents allegedly obtained from a phone used by the wife of Mossad Director David Barnea.JNS
March 21, 2022
HubSpot Hack Leads to Data Breaches at BlockFi, Swan Bitcoin, NYDIG and Circle Full Text
Abstract
While user information was leaked to hackers, the companies say that passwords and other internal information were not affected. As Hubspot is an external tool, hackers did not gain access to internal systems. Yahoo! Finance
March 20, 2022
More Conti ransomware source code leaked on Twitter out of revenge Full Text
Abstract
A Ukrainian security researcher has leaked newer malware source code from the Conti ransomware operation in revenge for the cybercriminals siding with Russia on the invasion of Ukraine.BleepingComputer
March 20, 2022
Anonymous leaked data stolen from Russian pipeline company Transneft Full Text
Abstract
Anonymous hacked Omega Company, the in-house R&D unit of Transneft, the Russian oil pipeline giant, and leaked stolen data. Anonymous collective claims it has hacked Omega Company, which is the in-house R&D unit of Transneft, the Russia-based...Security Affairs
March 19, 2022
NRA Confirms It Got Pwned by Cybercriminals Full Text
Abstract
A ransomware gang calling itself “Grief” bragged to the digital underworld last October about compromising the gun lobby’s servers and stealing sensitive internal documents.Gizmodo
March 19, 2022
Russian pipeline company Transneft hit by data leak Full Text
Abstract
The data leak came to notice after the leak hosting website Distributed Denial of Secrets published a link to 79GB of emails from the Omega Company, the research and development division of Transneft.The Verge
March 19, 2022
1 Million Texans Potentially Impacted By Dental Care Data Breach Full Text
Abstract
Jefferson Dental and Orthodontics, which has 72 offices across Texas, reported to the Texas Attorney General’s Office a data breach affecting more than a million residents of Texas.CBS Local
March 18, 2022
South Africa credit bureau breached, data reportedly held for $15M ransom Full Text
Abstract
The country’s arm of TransUnion confirmed that “a criminal third party obtained access to a TransUnion South Africa server through misuse of an authorized client’s credentials.” The company said the ransom demand “will not be paid.”CyberScoop
March 18, 2022
Hackers claim to breach TransUnion South Africa with ‘Password’ password Full Text
Abstract
TransUnion South Africa has disclosed that hackers breached one of its servers using stolen credentials and made an extortion demand not to release stolen data. BleepingComputer
March 16, 2022
Hacker breaches key Russian ministry in blink of an eye Full Text
Abstract
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network. Original post at https://cybernews.com/cyber-war/hacker-breaches-key-russian-ministry-in-blink-of-an-eye/ Spielerkid89,...Security Affairs
March 16, 2022
Hundreds of GoDaddy-hosted sites backdoored in a single day Full Text
Abstract
Internet security analysts have spotted a spike in backdoor infections on WordPress websites hosted on GoDaddy's Managed WordPress service, all featuring an identical backdoor payload.BleepingComputer
March 15, 2022
Update: Thousands of Secret Keys Found in Leaked Samsung Source Code Full Text
Abstract
An analysis of the recently leaked Samsung source code revealed that thousands of secret keys have been exposed, including many that could be highly useful to malicious actors.Security Week
March 14, 2022
Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords Full Text
Abstract
French video game company Ubisoft on Friday confirmed it was a victim of a "cyber security incident," causing temporary disruptions to its games, systems, and services. The Montreuil-headquartered firm said that an investigation into the breach was underway and that it has initiated a company-wide password reset as a precautionary measure. "Also, we can confirm that all our games and services are functioning normally and that at this time there is no evidence any player personal information was accessed or exposed as a by-product of this incident," the company said in a statement. The news of the hack comes amid a string of high-profile attacks targeting NVIDIA, Samsung, Mercado Libre, and Vodafone in recent weeks. While the extortionist gang LAPSUS$ claimed responsibility for these attacks, it's not immediately clear if the group is behind the Ubisoft breach as well. Technology news site The Verge, which first reported the development, said th The Hacker News
March 14, 2022
South Denver Cardiology Associates Discloses Unauthorized Access to its Databases Full Text
Abstract
SDCA admitted that an unnamed attacker broke into its systems and had access to confidential databases for three days between January 2, 2022, and January 5, 2022, before the breach was detected and thwarted.The Daily Swig
March 14, 2022
Ubisoft reveals ‘security incident’ forcing company-wide password refresh Full Text
Abstract
The gaming giant, headquartered in Montreuil, France, said on March 10 that the incident took place earlier this month, causing "temporary disruption to some of our games, systems, and services."ZDNet
March 13, 2022
LockBit ransomware group claims to have hacked Bridgestone Americas Full Text
Abstract
LockBit ransomware gang claimed to have hacked Bridgestone Americas, one of the largest manufacturers of tires. LockBit ransomware gang claimed to have compromised the network of Bridgestone Americas, one of the largest manufacturers of tires, and stolen...Security Affairs
March 12, 2022
Ubisoft confirms ‘cyber security incident’, resets staff passwords Full Text
Abstract
Video game developer Ubisoft has confirmed that it suffered a 'cyber security incident' that caused disruption to some of its services. Data extortion group LAPSUS$, which has claimed responsibility for hacking Samsung, NVIDIA, and Mercado Libre thus far, also appears to be behind the Ubisoft incident. BleepingComputer
March 12, 2022
287,652 South Denver Cardiology Associates patients notified of breach Full Text
Abstract
In a notice on their website, the South Denver Cardiology Associates noted that there was no impact to the contents of patient medical records and no unauthorized access to the patient portal.Data Breaches
March 11, 2022
Wightlink Reports Potential Data Breach After Suffering Highly Sophisticated Cyberattack Full Text
Abstract
In a statement obtained by The Daily Swig, Wightlink said: “Unfortunately, despite Wightlink taking appropriate security measures, some of its back-office IT systems were affected by a cyber-attack last month.The Daily Swig
March 11, 2022
Vodafone investigates claims of a data breach made by Lapsus$ gang Full Text
Abstract
Vodafone is investigating a recent cyberattack after the ransomware gang Lapsus$ claimed to have stolen its source code. Vodafone announced that it had launched an investigation after the Lapsus$ cybercrime group claimed to have stolen its source... Security Affairs
March 10, 2022
Multi-Ransomwared Victims Have It Coming–Podcast Full Text
Abstract
Let’s blame the victim. IT decision makers’ confidence about security doesn’t jibe with their concession that repeated incidents are their own fault, says ExtraHop’s Jamie Moles.Threatpost
March 10, 2022
SEC wants public companies to report breaches within four days Full Text
Abstract
The US Securities and Exchange Commission (SEC) has proposed rule amendments to require publicly traded companies to report data breaches and other cybersecurity incidents within four days after they're determined as being a material incident (one that shareholders would likely consider important).BleepingComputer
March 10, 2022
Notorious Hacker Group Claims to Steal 200 GB of Source Code from Vodafone Full Text
Abstract
The notorious hacker group, calling itself “Lapsus$,” claims to have obtained roughly 200 Gb of source code files, allegedly representing approximately 5,000 GitHub repositories.Security Week
March 9, 2022
Samsung data breach: Lapsus$ gang stole Galaxy devices’ source code Full Text
Abstract
Samsung confirmed that threat actors had access to the source code of its Galaxy smartphones in a recent security breach. Samsung this week disclosed a data breach in which threat actors had access to internal company data, including the source code of Galaxy... Security Affairs
March 08, 2022
Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code Full Text
Abstract
Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg. The South Korean chaebol also confirmed that it doesn't anticipate any impact to its business or its customers as a result of the incident and that it has implemented new security measures to prevent such breaches in the future. The confirmation comes after the LAPSUS$ hacking group dumped 190GB of Samsung data on its Telegram channel towards the end of last week, allegedly exposing the source code for trusted applets installed within TrustZone, algorithms for biometric authentication, bootloaders for recent devices, and even confidential data from its chip supplier Qualcom The Hacker News
March 8, 2022
Update: Samsung confirms Galaxy source code breach but says no customer information was stolen Full Text
Abstract
Samsung has now confirmed in a statement, without naming the hacking group, that there was a security breach, but it asserted that no personal information of customers was compromised.ZDNet
March 8, 2022
Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors Full Text
Abstract
The US FBI warns that the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors. The US Federal Bureau of Investigation (FBI) and CISA published a flash alert to warn...Security Affairs
March 08, 2022
E-commerce giant Mercado Libre confirms source code data breach Full Text
Abstract
E-commerce giant Mercado Libre has confirmed "unauthorized access" to a part of its source code this week. Mercado additionally says data of around 300,000 of its users was accessed by threat actors.BleepingComputer
March 7, 2022
Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak Full Text
Abstract
The move comes just a week after GPU-maker NVIDIA was hit by Lapsus$ and every employee credential was leaked.Threatpost
March 7, 2022
NVIDIA’s Stolen Code-Signing Certs Used to Sign Malware Full Text
Abstract
NVIDIA certificates are being used to sign malware, enabling malicious programs to pose as legitimate and slide past security safeguards on Windows machines.Threatpost
March 07, 2022
FBI: Ransomware gang breached 52 US critical infrastructure orgs Full Text
Abstract
The US Federal Bureau of Investigation (FBI) says the Ragnar Locker ransomware group has breached the networks of at least 52 organizations from multiple US critical infrastructure sectors.BleepingComputer
March 7, 2022
Japanese beauty retailer Acro blames third-party hack for breach of 100k payment cards Full Text
Abstract
In a data breach notice, Acro revealed that customers of two of its beauty product websites were impacted as the result of the exploitation of a vulnerability in a third-party payment processing vendor.The Daily Swig
March 07, 2022
Samsung confirms hackers stole Galaxy devices source code Full Text
Abstract
Samsung Electronics confirmed on Monday that its network was breached and the hackers stole confidential information, including source code present in Galaxy smartphones.BleepingComputer
March 06, 2022
Adafruit discloses data leak from ex-employee’s GitHub repo Full Text
Abstract
Adafruit has disclosed a data leak that occurred due to a publicly-viewable GitHub repository. The company suspects this could have allowed "unauthorized access" to information about certain users on or before 2019.BleepingComputer
March 5, 2022
Lapsus$ gang leaks data allegedly stolen from Samsung Electronics Full Text
Abstract
The Lapsus$ ransomware group claimed to have hacked Samsung Electronics and leaked alleged stolen confidential data. The Lapsus$ ransomware gang claims to have stolen a huge trove of sensitive data from Samsung Electronics and leaked 190GB of alleged...Security Affairs
March 5, 2022
Anonymous #OpRussia Thousands of sites hacked, data leaks and more Full Text
Abstract
Anonymous and its affiliates continue to target Russia and Belarus, and are also targeting the Russian disinformation machine. Anonymous announced that it had hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned... Security Affairs
March 04, 2022
Hackers leak 190GB of alleged Samsung data, source code Full Text
Abstract
The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company.BleepingComputer
March 03, 2022
NY OAG warns T-Mobile data breach victims of identity theft risks Full Text
Abstract
The New York State Office of the Attorney General (NY OAG) warned victims of the August 2021 T-Mobile data breach that they faced identity theft risks after some of the stolen information ended up for sale on the dark web.BleepingComputer
March 3, 2022
West Virginia-based Mon Health Discloses Data Breach Impacting Patients, Employees, and Partners Full Text
Abstract
The healthcare services provider discovered the incident on December 18, when some of its IT systems were disrupted, but learned of the potential data theft only a couple of weeks later.Security Week
March 03, 2022
NVIDIA data breach exposed credentials of over 71,000 employees Full Text
Abstract
More than 71,000 employee credentials were stolen and leaked online following a data breach suffered by US chipmaker giant Nvidia last month.BleepingComputer
March 03, 2022
Hackers Who Broke Into NVIDIA’s Network Leak DLSS Source Code Online Full Text
Abstract
American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling (DLSS) technology. "We have no evidence of ransomware being deployed on the NVIDIA environment or that this is related to the Russia-Ukraine conflict," the company said in a security notice. "However, we are aware that the threat actor took employee passwords and some NVIDIA proprietary information from our systems and has begun leaking it online." The incident is said to have come to light on February 23, with the company noting that it's taken steps to analyze the leaked information and that it's requiring all of its employees to change their passwords with immediate effect. The confirmation comes days after The Telegraph last week reported that the company is investigating a potential cyber The Hacker News
March 2, 2022
Update: NVIDIA discloses data breach after the recent ransomware attack Full Text
Abstract
The chipmaker launched an investigation into the incident to determine the extent of the intrusion, which confirmed that the attackers had stolen data from the company. Security Affairs
March 2, 2022
Ukrainian researcher leaked the source code of Conti Ransomware Full Text
Abstract
A Ukrainian researcher leaked the source code for the Conti ransomware and components for the control panels. Recently a Ukrainian researcher leaked 60,694 internal chat messages belonging to the Conti ransomware operation after... Security Affairs
March 1, 2022
Chrome Skype extension with nine million installs found to be leaking user info Full Text
Abstract
Security researcher Wladimir Palant discovered a “trivial” bug in the Skype-for-Chrome extension that allowed websites to ascertain information about user accounts that should typically be off-limits.The Daily Swig
March 01, 2022
Conti Ransomware Gang’s Internal Chats Leaked Online After Siding With Russia Full Text
Abstract
Days after the Conti ransomware group broadcasted a pro-Russian message pledging its allegiance to Vladimir Putin's ongoing invasion of Ukraine, a disgruntled member of the cartel has leaked the syndicate's internal chats. The file dump, published by malware research group VX-Underground, is said to contain 13 months of chat logs between affiliates and administrators of the Russia-affiliated ransomware group from January 2021 to February 2022, in a move that's expected to offer unprecedented insight into the gang's workings. "Glory to Ukraine," the leaker said in their message. The leaked conversations show that Conti used fake front companies to attempt to schedule product demos with security firms like CarbonBlack and Sophos to obtain code signing certificates, with the operators working in scrum sprints to complete the software development tasks. Additionally, the messages confirm the shutdown of the TrickBot botnet last week as well as high The Hacker News
March 01, 2022
NVIDIA confirms data was stolen in recent cyberattack Full Text
Abstract
Chipmaker giant Nvidia confirms that its network was breached in a cyberattack last week, giving intruders access to proprietary information and employee login data. BleepingComputer
February 28, 2022
Anonymous hit Russian Nuclear Institute and leak stolen data Full Text
Abstract
Anonymous and other hacker groups that responded to the call to war against Russia continue to launch cyberattacks on gov organizations and businesses. Anonymous and numerous hacker groups linked to the popular collective continue to launch cyber...Security Affairs
February 27, 2022
Conti ransomware’s internal chats leaked after siding with Russia Full Text
Abstract
An angry member of the Conti ransomware operation has leaked over 60,000 private messages after the gang sided with Russia over the invasion of Ukraine.BleepingComputer
February 27, 2022
Anonymous breached the internal network of Belarusian railways Full Text
Abstract
The Anonymous hacker collective claims to have breached the Belarusian Railway's data-processing network. The Anonymous collective announced that the internal network of Belarusian railways has been compromised; the group claims to have blocked all services... Security Affairs
February 27, 2022
Nvidia Breach Seen as Ransomware Attack Unconnected to Ukraine Full Text
Abstract
A cyber breach suffered by Nvidia Corp. in recent days appears to have been a ransomware attack that’s not connected to the crisis in Ukraine, according to a person familiar with the incident.Hindustan Times
February 25, 2022
Data Breach Impacts DNA Data of Sexual Assault Victims Reported to Oklahoma City Police Department Full Text
Abstract
The laboratory processed the DNA evidence from rape victims, known as ‘rape kits’, for the Oklahoma City Police Department (OKCPD), amongst other clients, over a two-year period.The Daily Swig
February 22, 2022
Cyberattackers Cook Up Employee Personal Data Heist for Meyer Full Text
Abstract
The Conti gang breached the cookware giant’s network, prepping thousands of employees’ personal data for consumption by cybercrooks.Threatpost
February 18, 2022
Warning: Popular e-cigarette store hacked to steal credit cards Full Text
Abstract
BleepingComputer has confirmed Element Vape, a prominent online seller of e-cigarettes and vaping kits is serving a credit card skimmer on its live site, likely after getting hacked. Element Vape has a presence across the U.S. and Canada and sells products in both retail outlets and on their online store.BleepingComputer
February 17, 2022
Hackers slip into Microsoft Teams chats to distribute malware Full Text
Abstract
Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation.BleepingComputer
February 16, 2022
Russia-linked threat actors breached US cleared defense contractors (CDCs) Full Text
Abstract
Russia-linked threat actors have breached the network of U.S. cleared defense contractors (CDCs) since at least January 2020. According to a joint alert published by the FBI, NSA, and CISA, Russia-linked threat actors conducted a cyber espionage campaign...Security Affairs
February 16, 2022
US says Russian state hackers breached defense contractors Full Text
Abstract
Russian-backed hackers have been targeting and compromising U.S. cleared defense contractors (CDCs) since at least January 2020 to gain access to and steal sensitive info that gives insight into U.S. defense and intelligence programs and capabilities.BleepingComputer
February 16, 2022
Red Cross: State hackers breached our network using Zoho bug Full Text
Abstract
The International Committee of the Red Cross (ICRC) said today that the hack disclosed last month against its servers was a targeted attack likely coordinated by a state-backed hacking group.BleepingComputer
February 15, 2022
Internet Society Discloses Third-party Data Leak Exposed 80,000 Members’ Login Credentials Full Text
Abstract
The Internet Society (ISOC), a non-profit dedicated to keeping the internet open and secure, has blamed the inadvertent exposure of its 80,000-plus members’ personal data on a third-party vendor.The Daily Swig
February 14, 2022
BlackByte ransomware breached at least 3 US critical infrastructure organizations Full Text
Abstract
The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US critical infrastructure sectors. The US Federal Bureau of Investigation (FBI) published a joint cybersecurity...Security Affairs
February 14, 2022
More Than 500,000 Addresses Leaked from NSW Government Database Full Text
Abstract
The hundreds of thousands of locations were collected by the NSW Customer Services Department through its QR code registration system and made public through a government website.9News
February 14, 2022
Data of 1.2 Million Guests of Harbour Plaza Hotels in Hong Kong Impacted by Cyberattack Full Text
Abstract
Hong Kong's privacy watchdog said on Friday that it had received reports from the firm two days ago about a cybersecurity incident involving several databases for room reservations.South China Morning Post
February 12, 2022
Croatian phone carrier A1 Hrvatska discloses data breach Full Text
Abstract
Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted roughly 200,000 customers. Croatian phone carrier A1 Hrvatska has disclosed a data breach that has impacted 10% of its customers, roughly 200,000 people. Threat actors...Security Affairs
February 11, 2022
Croatian phone carrier data breach impacts 200,000 clients Full Text
Abstract
Croatian phone carrier 'A1 Hrvatska' has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people.BleepingComputer
February 11, 2022
Vice Society Ransomware Gang Leaks Stolen Customer Files from Optionis Group Full Text
Abstract
What appears to be stolen data belonging to customers of accounting conglomerate Optionis Group has surfaced on the dark web weeks after the firm confirmed intruders had broken into its systems.The Register
February 10, 2022
Charity Site for Ottawa Truckers’ ‘Freedom Convoy’ Protest Exposes Donors’ Passports and Driver Licenses Full Text
Abstract
The donation site used by truckers in Ottawa who are currently protesting against national vaccine mandates has fixed a security lapse that exposed the passports and driver licenses of donors.TechCrunch
February 10, 2022
Georgia Voter Information Leaked Online After EasyVote Solutions Security Breach Full Text
Abstract
Public information about voters was posted to an online forum, but the breach didn’t involve Social Security numbers or driver’s license numbers, said Charles Davis, CFO for EasyVote.Government Technology
February 10, 2022
Information for over 6,000 Memorial Hermann patients accessed in security breach Full Text
Abstract
One of its contracted vendors, Advent Health Partners, announced a cybersecurity issue Tuesday. According to the health system, the protected health information of 6,260 patients has been breached.KHOU
February 8, 2022
Data of +6K Puma employees stolen in December Kronos Ransomware attack Full Text
Abstract
Data belonging to 6,632 Puma employees was stolen in a December 2021 ransomware attack that hit Ultimate Kronos Group (UKG). Data of 6,632 Puma employees was stolen in a ransomware attack that hit HR management platform Ultimate Kronos Group (UKG)...Security Affairs
February 07, 2022
DPD Group parcel tracking flaw may have exposed customer data Full Text
Abstract
An unauthenticated API call vulnerability in DPD Group's package tracking system could have been exploited to access the personally identifiable details of its clients.BleepingComputer
February 07, 2022
Hackers Backdoored Systems at China’s National Games Just Before Competition Full Text
Abstract
Systems hosting content pertaining to the National Games of China were successfully breached last year by an unnamed Chinese-language-speaking hacking group. Cybersecurity firm Avast, which dissected the intrusion, said that the attackers gained access to a web server 12 days prior to the start of the event on September 3 to drop multiple reverse web shells for remote access and achieve permanent foothold in the network. The National Games of China, a multi-sport event held every four years, took place in the Shaanxi Province between September 15 and 27, 2021. The Czech company said it was unable to determine the nature of the information stolen by the hackers, adding it has "reason to believe [the attackers] are either native Chinese-language speakers or show high fluency in Chinese." The breach is said to have been resolved ahead of the start of the games. The initial access was facilitated by exploiting a vulnerability in the webserver. But before dropping the we The Hacker News
February 07, 2022
Puma hit by data breach after Kronos ransomware attack Full Text
Abstract
Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021.BleepingComputer
February 7, 2022
Hackers breached a server of National Games of China days before the event Full Text
Abstract
An unnamed Chinese-language-speaking hacking group compromised systems at the National Games of China in 2021. Researchers at cybersecurity firm Avast discovered that a Chinese-language-speaking threat actor has compromised systems at the National Games of China... Security Affairs
February 7, 2022
$4.4 Million Stolen in Attack on Meter Network and Moonriver Network Full Text
Abstract
Blockchain research company PeckShield confirmed that 1391 ETH and 2.74 BTC were stolen during the incident. The Meter network, as well as the Moonriver network, were affected by the hack.ZDNet
February 05, 2022
Washington state agency says data of hundreds of thousands of professionals may have been breached Full Text
Abstract
The Washington State Department of Licensing (DOL) announced Friday that it had detected irregular activity on one of its online systems last month and that the personal data of professional licensees may have been breached.The Hill
February 04, 2022
Argo CD vulnerability leaks sensitive info from Kubernetes apps Full Text
Abstract
A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys.BleepingComputer
February 1, 2022
British Council exposed 144,000 files containing student details Full Text
Abstract
Personal information belonging to British Council students was exposed online via an unsecured repository. The British Council is a British organisation specialising in international cultural and educational opportunities. It operates in over 100 countries:...Security Affairs
February 01, 2022
British Council exposed more than 100,000 files with student records Full Text
Abstract
More than 100,000 files with student records belonging to British Council were found exposed online. An unsecured Microsoft Azure blob found on the internet by cybersecurity firm revealed student IDs, names, usernames and email addresses, and other personal information.BleepingComputer
January 31, 2022
Unsecured AWS Server Exposed 3TB of Airport Employee Records from Colombia and Peru Full Text
Abstract
The server contained 3TB of data dating back to 2018, including airport employee records. While the team was not able to examine every record in the database, four airports were named in exposed files: ZDNet
January 31, 2022
Vulnerability in PostBus public transport platform exposed customer data Full Text
Abstract
ZTF researchers say the penetration test revealed the compromise of confidential, centrally stored data through “an obvious deficiency”, an insecure direct object reference (IDOR) vulnerability.The Daily Swig
January 28, 2022
Finnish diplomats’ devices infected with Pegasus spyware Full Text
Abstract
Finland's Ministry for Foreign Affairs revealed that devices of Finnish diplomats have been infected with NSO Group's Pegasus spyware. Finland's Ministry for Foreign Affairs revealed that the devices of some Finnish diplomats have been compromised with... Security Affairs
January 27, 2022
Puerto Rico’s Senate, Internet Provider, Phone System, and Website Impacted by Cyberattack Full Text
Abstract
Puerto Rico’s Senate announced that it was the target of a cyberattack that disabled its internet provider, phone system, and online page, the latest in a string of similar incidents in recent years.Security Week
January 25, 2022
Segway e-store compromised in a Magecart attack to steal credit cards Full Text
Abstract
The Segway e-store suffered a Magecart attack that potentially allowed threat actors to steal credit cards and customer info. The online store of Segway was compromised as a result of a Magecart attack; threat actors planted a malicious script to steal... Security Affairs
January 25, 2022
California public office admits COVID-19 healthcare data breach Full Text
Abstract
The County of Kings, in mid-California, announced that the security flaw in its public web server made limited information on Covid-19 cases available to anyone on the internet.The Daily Swig
January 25, 2022
Segway store hacked to steal customers’ credit cards Full Text
Abstract
Segway's online store was compromised to include a malicious Magecart script that potentially allowed threat actors to steal credit cards and customer information during checkout.BleepingComputer
January 24, 2022
Hackers say they encrypted Belarusian Railway servers in protest Full Text
Abstract
A group of hackers (known as Belarusian Cyber-Partisans) claim they breached and encrypted servers belonging to the Belarusian Railway, Belarus's national state-owned railway company.BleepingComputer
January 23, 2022
OpenSubtitles data breach impacted 7 million subscribers Full Text
Abstract
OpenSubtitles has suffered a data breach; the maintainers confirmed that the incident impacted 7 million subscribers. OpenSubtitles, a popular subtitles website, suffered a data breach that affected 6,783,158 subscribers. Exposed data include... Security Affairs
January 20, 2022
Crypto.com hack impacted 483 accounts and resulted in a $34 million theft Full Text
Abstract
Crypto.com confirmed that a cyber attack compromised around 400 of its customer accounts, leading to the theft of $33 million. Crypto.com is a cryptocurrency exchange app based in Singapore; the app currently has 10 million users and 3,000... Security Affairs
January 20, 2022
Indonesia’s central bank confirms ransomware attack, Conti leaks data Full Text
Abstract
Bank Indonesia (BI), the central bank of the Republic of Indonesia, has confirmed today that a ransomware attack hit its networks last month.BleepingComputer
January 20, 2022
Biden warns of US ‘cyber’ response after Ukraine says computers wiped during attack Full Text
Abstract
Biden's comments come after Ukrainian officials told journalist Kim Zetter that dozens of systems within at least two government agencies were wiped during a cyberattack last week.ZDNet
January 20, 2022
Crypto.com confirms 483 accounts hacked, $34 million withdrawn Full Text
Abstract
Crypto.com has confirmed that a multi-million dollar cyberattack led to the compromise of 483 of its customer accounts, although the company's CEO stresses that customer funds are not at risk. Crypto.com is reportedly the world's third-largest cryptocurrency trading platform. BleepingComputer
January 19, 2022
Red Cross cyberattack exposes data of 515,000 people seeking missing family Full Text
Abstract
A cyberattack on a Red Cross contractor has led to the theft of personal data for more than 515,000 people in 'Restoring Family Links,' a program that helps reunite families separated by war, disaster, and migration. BleepingComputer
January 19, 2022
New Zealand: Kings Plant Barn the latest retailer hit by FlexBooker click-and-collect data breach Full Text
Abstract
Kings Plant Barn has contacted customers about a security breach to FlexBooker, the internet-based system it uses to organize bookings. Names, email addresses, and collection times were exposed.NZ Herald
January 19, 2022
Marketing giant RRD confirms data theft in Conti ransomware attack Full Text
Abstract
RR Donnelley has confirmed that threat actors stole data in a December cyberattack, confirmed by BleepingComputer to be a Conti ransomware attack. BleepingComputer
January 19, 2022
Accellion Reaches $8.1 Million Settlement Over FTA Data Breach Full Text
Abstract
The cyberattack was attributed to the financially-motivated advanced persistent threat (APT) actor FIN11. Operating out of Russia, FIN11 is believed to be a TA505 spin-off.Security Week
January 18, 2022
Fashion giant Moncler confirms data breach after ransomware attack Full Text
Abstract
Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web.BleepingComputer
January 18, 2022
Aditya Birla Fashion confirms data breach, but says no sensitive info was compromised Full Text
Abstract
The company addressed the data breach on its portal and sought to assure its customers that no sensitive information was compromised. On Monday, it was reported that the company's database was hacked.CNBC TV18
January 16, 2022
Ukraine government agencies’ computer systems infected with malware, Microsoft says Full Text
Abstract
Microsoft announced on Saturday that dozens of computer systems linked to the Ukrainian government, agencies and organizations had been infected with malware.The Hill
January 14, 2022
Threat actors defaced Ukrainian government websites Full Text
Abstract
Threat actors defaced multiple Ukrainian government websites after talks between Ukrainian, US, and Russian officials hit a dead end this week. Threat actors have defaced multiple websites of the Ukrainian government on the night between January 13 and January... Security Affairs
January 14, 2022
Goodwill discloses data breach on its ShopGoodwill platform Full Text
Abstract
American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform.BleepingComputer
January 14, 2022
North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide Full Text
Abstract
Operators associated with the Lazarus sub-group BlueNoroff have been linked to a series of cyberattacks targeting small and medium-sized companies worldwide with an aim to drain their cryptocurrency funds, in what's yet another financially motivated operation mounted by the prolific North Korean state-sponsored actor. Russian cybersecurity company Kaspersky, which is tracking the intrusions under the name "SnatchCrypto," noted that the campaign has been running since at least 2017, adding the attacks are aimed at startups in the FinTech sector located in China, Hong Kong, India, Poland, Russia, Singapore, Slovenia, the Czech Republic, the U.A.E., the U.S., Ukraine, and Vietnam. "The attackers have been subtly abusing the trust of the employees working at targeted companies by sending them a full-featured Windows backdoor with surveillance functions, disguised as a contract or another business file," the researchers said. "In order to eventually empty the v The Hacker News
January 12, 2022
Hackers take over diplomat’s email, target Russian deputy minister Full Text
Abstract
Hackers believed to work for the North Korean government have compromised the email account of a staff member of Russia's Ministry of Foreign Affairs (MID) and deployed spear-phishing attacks against the country's diplomats in other regions.BleepingComputer
January 11, 2022
Medical Review Institute of America Discloses Data Breach Affecting 134,000 People Full Text
Abstract
The incident was discovered on November 9, 2021. A couple of days later, MRIoA discovered that personal information was compromised in the attack and, by November 16, it had managed to retrieve it.Security Week
January 11, 2022
Philippines: Comelec servers hacked; Downloaded data may include information that could affect 2022 elections Full Text
Abstract
Sensitive voter details may have been compromised after a group of hackers was allegedly able to breach the servers of Comelec, stealing over 60GB of data possibly affecting the May 2022 elections.Manila Bulletin News
January 10, 2022
Several EA Sports FIFA 22 players have been hacked Full Text
Abstract
Several EA Sports FIFA 22 players claim to have been hacked, saying they have lost access to their personal EA and email accounts. A growing number of EA Sports FIFA 22 players reported that their EA accounts were hacked, including famous streamers... Security Affairs
January 10, 2022
City of Grass Valley Suffers Data Breach Impacting Employee and Citizen Information Full Text
Abstract
More details concerning an extensive data breach at the City of Grass Valley, California, revealed that the data of employees, citizens, and others was copied and transferred to another network.The Daily Swig
January 10, 2022
Patient Data from Bangkok’s Siriraj Hospital Sold on Online Forum Full Text
Abstract
About 39 million patient records from Siriraj Hospital have been offered for sale on an internet database-sharing forum in what appears to be the latest hack of Thailand's public health sector.Bangkok Post
January 09, 2022
Dev corrupts NPM libs ‘colors’ and ‘faker’ breaking thousands of apps Full Text
Abstract
Users of popular open-source libraries 'colors' and 'faker' were left stunned after they saw their applications, using these libraries, printing gibberish data and breaking. Some surmised if the NPM libraries had been compromised, but it turns out there's more to the story.BleepingComputer
January 7, 2022
3.7M FlexBooker Records Dumped on Hacker Forum Full Text
Abstract
Attackers are trading millions of records from a trio of pre-holiday breaches on an online forum.Threatpost
January 7, 2022
Singapore: Personal details of OG department store customers leaked in data breach Full Text
Abstract
In a statement to OG members, the department store said it was notified on Tuesday about the data breach, which affected members who are in either the basic or gold tiers.Straits Times
January 06, 2022
FlexBooker discloses data breach, over 3.7 million accounts impacted Full Text
Abstract
Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums.BleepingComputer
January 06, 2022
US online pharmacy Ravkoo links data breach to AWS portal incident Full Text
Abstract
Ravkoo, a US Internet-based pharmacy service, has disclosed a data breach after the company's AWS hosted cloud prescription portal was involved in a security incident that may have led to personal and health information being accessed.BleepingComputer
January 6, 2022
Chemicals Company Element Solutions Discloses Cybersecurity Incident Full Text
Abstract
The company said it had detected an intrusion on some of its IT systems and it “promptly took action to contain it and implement business continuity and data recovery protocols.”Security Week
January 5, 2022
Broward Breach Highlights Healthcare Supply-Chain Problems Full Text
Abstract
More than 1.3 million patient records were stolen in the just-disclosed breach, which occurred back in October.Threatpost
January 5, 2022
1.1M Compromised Accounts Found at 17 Major Companies Full Text
Abstract
The accounts fell victim to credential-stuffing attacks, according to the New York State AG.Threatpost
January 4, 2022
UScellular discloses the second data breach in a year Full Text
Abstract
UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company's billing system in December 2021....Security Affairs
January 4, 2022
Saltzer Health Informs Patients of Personal Information Exposure Full Text
Abstract
Medical data affected by the breach includes diagnosis, medical history, treatment details, prescription medication information, and physician information, along with health insurance information.Security Week
January 04, 2022
UScellular discloses data breach after billing system hack Full Text
Abstract
UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company's billing system was hacked in December 2021.BleepingComputer
January 4, 2022
Hospitality Chain McMenamins discloses data breach after ransomware attack Full Text
Abstract
Hospitality chain McMenamins disclosed a data breach after a recent ransomware attack. Hospitality chain McMenamins discloses a data breach after a ransomware attack that took place on December 12. McMenamins is a family-owned chain of brewpubs, breweries, music...Security Affairs
January 04, 2022
Have I Been Pwned warns of DatPiff data breach impacting millions Full Text
Abstract
The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service.BleepingComputer
January 4, 2022
Broward Health suffered a data breach that impacted +1.3 million people Full Text
Abstract
The Broward Health public health system disclosed a massive data breach that has impacted more than 1.3 million individuals. The Broward Health public health system has suffered a data breach that impacted 1,357,879 individuals. Broward Health,...Security Affairs
January 03, 2022
Broward Health discloses data breach affecting 1.3 million people Full Text
Abstract
Florida's Broward Health healthcare system has disclosed a large-scale data breach incident impacting 1,357,879 individuals.BleepingComputer
January 3, 2022
SEGA Europe left AWS S3 bucket unsecured exposing data and infrastructure to attack Full Text
Abstract
SEGA Europe inadvertently left users' personal information publicly accessible on an Amazon Web Services (AWS) S3 bucket. At... Security Affairs
January 3, 2022
Israeli Media Outlets Hacked on Soleimani Killing Anniversary Full Text
Abstract
The website of the Jerusalem Post and Twitter account of Maariv were taken over with a picture of a fist firing a shell out of a ring with a red stone on a finger toward an exploded dome.Security Week
January 01, 2022
Popular Q&A app Curious Cat loses domain, posts bizarre tweets Full Text
Abstract
Popular social networking and anonymous Q&A app, Curious Cat has lost control of its domain. Soon after the platform announced losing control of their domain, a series of bizarre events and support responses have confused the app users who are now unable to trust Curious Cat.BleepingComputer
January 1, 2022
PulseTV discloses potential credit card breach Full Text
Abstract
U.S. online store PulseTV disclosed a potential credit card data breach; more than 200,000 customers have been impacted. U.S. online store PulseTV has disclosed a credit card data breach that has impacted more than 200,000 customers. According... Security Affairs
December 31, 2021
Confusing data breach in Rhode Island leads to AG investigation Full Text
Abstract
Earlier this week, the ACLU of Rhode Island asked RIPTA to explain why the personal information of people with no connection to the agency was included in the data breach.ZDNet
December 31, 2021
PulseTV discloses potential compromise of 200,000 credit cards Full Text
Abstract
PulseTV (pulsetv.com), an American e-store that uses TV as a medium to reach customers, has disclosed a large-scale customer credit card compromise.BleepingComputer
December 31, 2021
The Have I Been Pwned service now includes 441K accounts stolen by RedLine malware Full Text
Abstract
The Have I Been Pwned data breach notification service now includes credentials for 441K accounts that were stolen by RedLine malware. The Have I Been Pwned data breach notification service now allows victims of the RedLine malware to check if their...Security Affairs
December 31, 2021
Top 10 healthcare breaches in the U.S. exposed data of 19 million Full Text
Abstract
The healthcare sector has been the target of hundreds of cyberattacks this year. A tally of public data breach reports so far shows that tens of millions of healthcare records have been exposed to unauthorized parties.BleepingComputer
December 30, 2021
Have I Been Pwned adds 441K accounts stolen by RedLine malware Full Text
Abstract
The Have I Been Pwned data breach notification service now lets you check if your email and password are one of 441,000 accounts stolen in an information-stealing campaign using RedLine malware.BleepingComputer
December 30, 2021
University loses 77TB of research data due to backup error Full Text
Abstract
The Kyoto University in Japan has lost about 77TB of research data due to an error in the backup system of its Hewlett-Packard supercomputer.BleepingComputer
December 29, 2021
T-Mobile suffered a new data breach Full Text
Abstract
T-Mobile discloses a new data breach that impacted a "very small number of customers" who were victims of SIM swap attacks. T-Mobile has suffered another security breach; threat actors gained access to the accounts of “a small number of” customers... Security Affairs
December 29, 2021
Another T-Mobile cyberattack reportedly exposed customer info and SIMs Full Text
Abstract
According to the report, customers either fell victim to a SIM swapping attack (which could allow someone to bypass SMS-based 2FA), had personal plan information exposed, or both.The Verge
December 29, 2021
T-Mobile says new data breach caused by SIM swap attacks Full Text
Abstract
T-Mobile confirmed that recent reports of a new data breach are linked to notifications sent to a "very small number of customers" that they fell victim to SIM swap attacks.BleepingComputer
December 28, 2021
US Logistics Company Exposes Data of Fortune 500 Clients via Unsecured Storage Bucket Full Text
Abstract
An Amazon S3 bucket owned by D.W. Morgan was misconfigured, exposing more than 2.5 million files equating to over 100GB of data. These files relate to D.W. Morgan’s clients and their shipments.Website Planet
December 28, 2021
LastPass users warned their master passwords are compromised Full Text
Abstract
Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations.BleepingComputer
December 28, 2021
Logistics giant D.W. Morgan exposed 100 GB worth of clients’ data, including Fortune 500 Clients Full Text
Abstract
The Website Planet security team discovered a data breach suffered by the multinational logistics giant D.W. Morgan. The Website Planet security team discovered an Amazon S3 bucket owned by logistics giant D.W. Morgan that was left unsecured...Security Affairs
December 23, 2021
Pro Wrestling Tees discloses data breach after credit cards stolen Full Text
Abstract
Popular wrestling t-shirt site Pro Wrestling Tees has disclosed a data breach incident that has resulted in the compromise of the financial details of tens of thousands of its customers.BleepingComputer
December 22, 2021
4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories Full Text
Abstract
A security flaw has been unearthed in Microsoft's Azure App Service that resulted in the exposure of source code of customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. The vulnerability, codenamed "NotLegit," was reported to the tech giant by Wiz researchers on October 7, 2021, following which mitigations have been undertaken to fix the information disclosure bug in November. Microsoft said a "limited subset of customers" are at risk, adding "Customers who deployed code to App Service Linux via Local Git after files were already created in the application were the only impacted customers." The Azure App Service (aka Azure Web Apps) is a cloud computing-based platform for building and hosting web applications. It allows users to deploy source code and artifacts to the service using a local Git repository, or via repositories hosted on GitHub and Bitbucket. The insecure default be The Hacker News
December 22, 2021
Ubisoft discloses unauthorized access to ‘Just Dance’ user data Full Text
Abstract
Video game company Ubisoft confirmed a security breach that resulted in unauthorized access to 'Just Dance' user data. Ubisoft discloses a data breach that resulted in unauthorized access to 'Just Dance' user data. The security breach was caused...Security Affairs
December 22, 2021
Microsoft Azure App Service flaw exposed customer source code Full Text
Abstract
A security flaw found in Azure App Service, a Microsoft-managed platform for building and hosting web apps, led to the exposure of PHP, Node, Python, Ruby, or Java customer source code for at least four years, since 2017.BleepingComputer
December 22, 2021
NVIDIA discloses applications impacted by Log4j vulnerability Full Text
Abstract
NVIDIA has released a security advisory detailing what products are affected by the Log4Shell vulnerability that is currently exploited in a wide range of attacks worldwide.BleepingComputer
December 21, 2021
Ubisoft Discloses Data Breach Involving Customer Information from Just Dance Video Game Full Text
Abstract
Ubisoft has announced a data breach after unknown actors targeted its popular video game franchise, Just Dance. The firm confirmed that customer information may have been accessed during the incident.The Daily Swig
December 21, 2021
800K WordPress sites still impacted by critical SEO plugin flaw Full Text
Abstract
Two critical and high severity security vulnerabilities in the highly popular "All in One" SEO WordPress plugin exposed over 3 million websites to takeover attacks.BleepingComputer
December 20, 2021
Clop Ransomware Operators Release Stolen Confidential Information Belonging to British Police Full Text
Abstract
The breach took place in October; Clop ransomware operators gained access to data managed by Dacoll, including that of the PNC, holding the personal information and records of 13 million people. Security Affairs
December 18, 2021
1.8 Million customers of four sports gear sites impacted by credit cards breach Full Text
Abstract
A cyber attack hit four affiliated online sports gear sites and resulted in the theft of credit cards for 1,813,224 customers. Threat actors have stolen credit cards belonging to 1,813,224 customers of four affiliated online sports gear sites. Below...Security Affairs
December 17, 2021
Credit card info of 1.8 million people stolen from sports gear sites Full Text
Abstract
Four affiliated online sports gear sites have disclosed a cyberattack where threat actors stole credit cards for 1,813,224 customers.BleepingComputer
December 17, 2021
Desjardins data breach: Class action lawsuit agreement reaches $201 million Full Text
Abstract
A class-action lawsuit against Canadian financial services firm Desjardins has provisionally settled for $156 million after a 2019 data breach exposed the personal information of 10 million customers.The Daily Swig
December 16, 2021
Gumtree classifieds site leaked personal info via the F12 key Full Text
Abstract
British classifieds site Gumtree.com suffered a data leak after a security researcher revealed that he could access sensitive personally identifiable data of advertisers simply by pressing F12 on the keyboard.BleepingComputer
December 16, 2021
After theft of $77.7 million, victim AscendEX to reimburse customers Full Text
Abstract
In a series of Tweets, the company said it is in the process of "standing up a new hot wallet infrastructure" and estimated that deposits and withdrawals would resume over the next two days.ZDNet
December 13, 2021
Malicious PyPI Code Packages Rack Up Thousands of Downloads Full Text
Abstract
The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more.Threatpost
December 10, 2021
Volvo Cars suffers a data breach. Is it a ransomware attack? Full Text
Abstract
Swedish automotive manufacturer Volvo Cars revealed that it has suffered a cyberattack that resulted in the theft of R&D data. Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems. In... Security Affairs
December 10, 2021
Volvo Cars discloses security breach leading to R&D data theft Full Text
Abstract
Swedish carmaker Volvo Cars has disclosed that unknown attackers have stolen research and development information after hacking some of its servers.BleepingComputer
December 10, 2021
Data breach impacts 80,000 South Australian govt employees Full Text
Abstract
The South Australian government has admitted that the personal details of tens of thousands of its employees were compromised following a cyber-attack on an external payroll software provider.BleepingComputer
December 09, 2021
Cox discloses data breach after hacker impersonates support agent Full Text
Abstract
Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers' personal information.BleepingComputer
December 09, 2021
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts Full Text
Abstract
Fujitsu says the attackers behind the May data breach used a vulnerability in the company's ProjectWEB information-sharing tool to steal accounts from legitimate users and access proprietary data belonging to multiple Japanese government agencies.BleepingComputer
December 9, 2021
Microsoft Vancouver leaking website credentials via overlooked DS_STORE file Full Text
Abstract
CyberNews researchers discovered a Desktop Services Store (DS_STORE) file left on a publicly accessible web server that belongs to Microsoft Vancouver. Original post @ https://cybernews.com/security/microsoft-vancouver-leaking-website-credentials-via-overlooked-ds-store-file/ The...Security Affairs
December 7, 2021
LINE Pay Exposed Japanese, Taiwanese, and Thai Users’ Payment Data on GitHub Full Text
Abstract
Smartphone payment provider LINE Pay announced yesterday that around 133,000 users' payment details were mistakenly published on GitHub between September and November of this year.The Register
December 06, 2021
Over $150 million stolen by hackers from cryptocurrency exchange BitMart Full Text
Abstract
Hackers stole at least $150 million from cryptocurrency exchange BitMart as part of what the company described Monday as a “large-scale security breach.”The Hill
December 03, 2021
State Department employee phones hacked through NSO Group spyware: report Full Text
Abstract
The phones of at least nine State Department employees were recently hacked through the use of spyware from Israeli company NSO Group, a report published Friday found.The Hill
December 03, 2021
US State Dept employees’ phones hacked using NSO spyware Full Text
Abstract
Apple has warned US Department of State employees that their iPhones have been hacked by unknown attackers using an iOS exploit dubbed ForcedEntry to deploy Pegasus spyware developed by Israeli surveillance firm NSO Group.BleepingComputer
December 2, 2021
Planned Parenthood Breach Opens Patients to Follow-On Attacks Full Text
Abstract
Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information.Threatpost
December 01, 2021
Planned Parenthood LA discloses data breach after ransomware attack Full Text
Abstract
Planned Parenthood Los Angeles has disclosed a data breach after suffering a ransomware attack in October that exposed the personal information of approximately 400,000 patients.BleepingComputer
December 01, 2021
Data on thousands of Planned Parenthood Los Angeles patients breached Full Text
Abstract
Planned Parenthood Los Angeles (PPLA) announced Wednesday that it had been the target of a “cybersecurity incident” that compromised patient information.The Hill
November 30, 2021
Panasonic’s Data Breach Leaves Open Questions Full Text
Abstract
Cyberattackers had unfettered access to the technology giant’s file server for four months.Threatpost
November 30, 2021
2.1 Million People Affected by Breach at DNA Diagnostics Center Full Text
Abstract
The attackers accessed an archived database containing personal information collected between 2004 and 2012 for a national genetic testing organization system that was acquired by the firm in 2012.Security Week
November 30, 2021
Panasonic Suffers Data Breach After Hackers Hack Into Its Network Full Text
Abstract
Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. Panasonic didn't reveal the exact nature of the data that was accessed, but TechCrunch reported that the breach began on June 22 and ended on November 3. The Osaka-based company said that immediately upon discovering the intrusion on November 11, it took steps to report the incident to the relevant authorities and that it implemented security countermeasures, including preventing external access to the network. Panasonic also noted it's currently working with an independent "specialist" organization to probe the extent of the leak and determine if the accessThe Hacker News
November 30, 2021
DNA testing firm discloses data breach affecting 2.1 million people Full Text
Abstract
DNA Diagnostics Center (DDC), an Ohio-based DNA testing company, has disclosed a hacking incident that affects 2,102,436 persons.BleepingComputer
November 29, 2021
Compromised Cloud Accounts Lead to Cryptomining Full Text
Abstract
Google’s Threat Horizons report claims that hackers were compromising cloud accounts used for storing files and data. Hackers also leverage cloud instances to perform other malicious activities.Cyware Alerts - Hacker News
November 29, 2021
Panasonic discloses data breach after network hack Full Text
Abstract
Japanese multinational conglomerate Panasonic disclosed a security breach after unknown threat actors gained access to servers on its network this month.BleepingComputer
November 25, 2021
UK government transport website caught showing porn Full Text
Abstract
A UK Department for Transport (DfT) website was caught serving porn earlier today. The particular DfT subdomain behind the mishap, on most days, provides vital DfT statistics for the public and the department's business plan.BleepingComputer
November 25, 2021
Philippines: Personal data of 22,000 S&R members compromised in cyberattack Full Text
Abstract
In a statement, NPC confirmed the receipt of a breach notification report on November 15 from S&R Membership Shopping concerning a cyberattack “that may have compromised its members’ personal data.”Manila Bulletin News
November 25, 2021
Several GoDaddy brands impacted in recent data breach Full Text
Abstract
A recently disclosed GoDaddy data breach impacted several of its brands, including Domain Factory, Heart Internet, Host Europe, Media Temple, tsoHost and 123Reg. Recently GoDaddy has disclosed a data breach that impacted up to 1.2 million of its customers,...Security Affairs
November 25, 2021
Huntington Hospital Issues Notice of Unauthorized Access to Personal Information of 13,000 Patients Full Text
Abstract
The hospital learned that a night shift employee improperly accessed electronic medical patient records in violation of its policies, leading to unauthorized access to 13,000 patients' data.Yahoo! Finance
November 25, 2021
Data Breach at New Mexico Healthcare Business Impacts 62,000 State Residents Full Text
Abstract
The personally identifiable information of more than 62,000 U.S. citizens may have been compromised following a cyber-attack against a New Mexico-based healthcare insurer.The Daily Swig
November 24, 2021
Digital Marketing Agency Cronin Exposed Financial, Employee, and Client Data Full Text
Abstract
The exposed server was named “Cronin-Main” and many of the records contained references to Cronin. These records included internal data such as employee and client information.Website Planet
November 24, 2021
GoDaddy data breach hits WordPress hosting services resellers Full Text
Abstract
GoDaddy says the recently disclosed data breach affecting roughly 1.2 million customers has also hit multiple Managed WordPress services resellers.BleepingComputer
November 24, 2021
WiFi Software Management Firm Exposed Millions of Users’ Data Full Text
Abstract
Security research firm SafetyDetectives discovered the leak and found that WSpot had a misconfigured Amazon Web Services S3 bucket. Around 226,000 files got exposed in this data leak.Hackread
November 22, 2021
GoDaddy Data Breach Exposes Over 1 Million WordPress Customers’ Data Full Text
Abstract
Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar said that a malicious third-party managed to gain access to its Managed WordPress hosting environment on September 6 with the help of a compromised password, using it to obtain sensitive information pertaining to its customers. It's not immediately clear if the compromised password was secured with two-factor authentication. The Arizona-based company claims over 20 million customers, with more than 82 million domain names registered using its services. GoDaddy revealed it discovered the break-in on November 17. An investigation into the incident is ongoing and the company said it's "contacting all impacted custoThe Hacker News
November 22, 2021
GoDaddy says information on 1.2 million customers exposed in data breach Full Text
Abstract
Internet domain host GoDaddy on Monday disclosed a recent data breach that the company said impacted the customer data of around 1.2 million individuals.The Hill
November 22, 2021
New GoDaddy data breach impacted 1.2 million customers Full Text
Abstract
GoDaddy suffered a data breach that impacted up to 1.2 million of its managed WordPress customer accounts. GoDaddy discloses a data breach that impacted up to 1.2 million of its customers; threat actors breached the company's Managed WordPress...Security Affairs
November 22, 2021
Utah Imaging Associates data breach impacts 583,643 patients Full Text
Abstract
Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients. Utah Imaging Associates (UIA) discloses a security breach; on September 4, 2021, the company claims to have detected...Security Affairs
November 22, 2021
Utah Imaging Associates Discloses Data Breach Impacting Over 580,000 Patients Full Text
Abstract
Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach.Security Week
November 22, 2021
GoDaddy hack causes data breach affecting 1.2 million customers Full Text
Abstract
GoDaddy said in a data breach notification published today that the data of up to 1.2 million of its customers was exposed after hackers gained access to the company's Managed WordPress hosting environment.BleepingComputer
November 22, 2021
Wind turbine giant Vestas’ data compromised in cyberattack Full Text
Abstract
Vestas Wind Systems, a leader in wind turbine manufacturing, has shut down its IT systems after suffering a cyberattack.BleepingComputer
November 21, 2021
Attackers compromise Microsoft Exchange servers to hijack internal email chains Full Text
Abstract
A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails.Security Affairs
November 19, 2021
California Pizza Kitchen discloses a data breach Full Text
Abstract
American pizza chain California Pizza Kitchen (CPK) suffered a data breach that might have exposed personal information of its employees. American pizza chain California Pizza Kitchen (CPK) suffered a data breach, the company has already notified...Security Affairs
November 19, 2021
Utah medical center hit by data breach affecting 582k patients Full Text
Abstract
Utah Imaging Associates (UIA), a Utah-based radiology center, has announced a data breach affecting 582,170 people after their personal information was exposed.BleepingComputer
November 18, 2021
RedCurl Breached at Least Four Companies in New Attacks This Year Full Text
Abstract
Besides discovering new attacks, Group-IB’s latest report also notes that RedCurl operators have done little to change their tactics besides a few updates to the tools they used during intrusions.The Record
November 16, 2021
200M Adult Cam Model, User Records Exposed in Stripchat Breach Full Text
Abstract
The leak included model information, chat messages and payment details.Threatpost
November 16, 2021
Adult cam site StripChat exposes the data of millions of users and cam models Full Text
Abstract
The popular adult cam site StripChat has suffered a security breach; the personal data of millions of users and adult models leaked online. The popular adult cam site StripChat has suffered a security breach that resulted in the leak of the personal...Security Affairs
November 15, 2021
7 million Robinhood user email addresses for sale on hacker forum Full Text
Abstract
The data for approximately 7 million Robinhood customers stolen in a recent data breach are being sold on a popular hacking forum and marketplace.BleepingComputer
November 15, 2021
Data of Millions of Customers of RedDoorz Hotel Booking Site Leaked in Singapore’s Largest Breach Full Text
Abstract
The personal data of nearly 5.9 million Singaporean and Southeast Asian customers of hotel booking site RedDoorz was found to have been leaked, in what has been called Singapore's largest data breach.Straits Times
November 14, 2021
FBI’s Email System Hacked to Send Out Fake Cyber Security Alert to Thousands Full Text
Abstract
The U.S. Federal Bureau of Investigation (FBI) on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "sophisticated chain attack." The incident, which was first publicly disclosed by threat intelligence non-profit SpamHaus, involved sending rogue warning emails with the subject line "Urgent: Threat actor in systems" originating from a legitimate FBI email address "[email protected][.]gov" that framed the attack on Vinny Troia, a security researcher and founder of dark web intelligence firms Night Lion Security and Shadowbyte, while also claiming him to be affiliated with a hacking outfit named TheDarkOverlord. SpamHaus cited its own telemetry data to point out that the email blasts happened over two "spam" waves, one shortly before 5:00 a.m. UTC and another one shortly after 7:00 a.m. UTC. However, according to Kryptos Logic researcher Marcus Hutchins, the goal appears to beThe Hacker News
November 13, 2021
FBI system hacked to email ‘urgent’ warning about fake cyberattacks Full Text
Abstract
The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen.BleepingComputer
November 12, 2021
Costco discloses data breach after finding credit card skimmer Full Text
Abstract
Costco Wholesale Corporation has warned customers in notification letters sent this month that their payment card information might have been stolen while recently shopping at one of its stores.BleepingComputer
November 11, 2021
Threat actors hacked a server of a Queensland water supplier and remained undetected for 9 months Full Text
Abstract
Threat actors compromised a server managing customer data for a Queensland water supplier and remained undetected for nine months. A server used by SunWater, the statutory Queensland (Australia) Government-owned water supplier, was compromised and threat...Security Affairs
November 10, 2021
HPE says hackers breached Aruba Central using stolen access key Full Text
Abstract
HPE has disclosed that data repositories for their Aruba Central network monitoring platform were compromised, allowing a threat actor to access collected data about monitored devices and their locations.BleepingComputer
November 9, 2021
Robinhood Trading Platform Data Breach Hits 7M Customers Full Text
Abstract
The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more.Threatpost
November 09, 2021
Robinhood says information on millions of customers stolen in data breach Full Text
Abstract
Trading platform Robinhood disclosed late Monday that an “unauthorized party” had stolen the data of over 7 million customers as part of a major data breach.The Hill
November 9, 2021
Robinhood data breach exposes 7 Million users’ information Full Text
Abstract
Robinhood disclosed a security breach in which an unidentified threat actor gained unauthorized access to approximately 7 million customer records. Robinhood Markets, Inc. is an American commission-free stock trading and investing platform; it had 18 million...Security Affairs
November 9, 2021
UK’s Biggest Fishing Gear Seller’s Website Gets Hacked, Redirects Users to Adult Site Full Text
Abstract
The UK's biggest fishing shop has been hacked, with its website redirecting keen anglers to an adult website. Angling Direct said it was hit by the attack late on Friday.BBC
November 8, 2021
Lockean Group Cripples Multiple French Companies Full Text
Abstract
French officials identified Lockean, a group that works as an affiliate with other RaaS infrastructure, behind a series of attacks against French organizations over the past two years. Lockean’s average cut of paid ransoms stands at 70% while the rest goes to RaaS maintainers.Cyware Alerts - Hacker News
November 08, 2021
Robinhood discloses data breach impacting 7 million customers Full Text
Abstract
Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers.BleepingComputer
November 8, 2021
Data Breach at Indian Securities Depository CDSL Allegedly Impacted Investors’ Personal Data Full Text
Abstract
A vulnerability at a CDSL subsidiary, CDSL Ventures Limited (CVL), has exposed personal and financial data of over 4 crore Indian investors twice in a period of 10 days, according to CyberX9.The Times Of India
November 08, 2021
State hackers breach defense, energy, healthcare orgs worldwide Full Text
Abstract
Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education.BleepingComputer
November 07, 2021
Hackers breach nine global organizations in ongoing espionage campaign Full Text
Abstract
A hacking group with potential ties to China has breached nine global organizations as part of an ongoing espionage effort mostly targeting the defense sector, findings made public Sunday revealed.The Hill
November 7, 2021
Casinos of tribal communities are losing millions in Ransomware attacks Full Text
Abstract
The FBI issued a private industry notification (PIN) to warn of ransomware attacks that hit several tribal-owned casinos last year. A private industry notification issued by the FBI's Cyber Division revealed that ransomware attacks hit several tribal-owned...Security Affairs
November 5, 2021
US defense contractor Electronic Warfare Associates discloses data breach Full Text
Abstract
US defense contractor Electronic Warfare Associates (EWA) was hit by a cyber attack; threat actors stole personal information from its email system. US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat...Security Affairs
November 05, 2021
US defense contractor Electronic Warfare hit by data breach Full Text
Abstract
US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system and stole files containing personal information.BleepingComputer
November 3, 2021
The U.K. Labour Party discloses a data breach Full Text
Abstract
The U.K. Labour Party discloses a data breach after a ransomware attack hit a service provider that is managing its data. The U.K. Labour Party discloses a data breach after a service provider that manages its data was hit by a ransomware attack....Security Affairs
November 03, 2021
UK Labour Party discloses data breach after ransomware attack Full Text
Abstract
The UK Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a third-party organization that was managing the party's data.BleepingComputer
November 1, 2021
Pirate Sports Streamer Gets Busted, Pivots to MLB Extortion Full Text
Abstract
An alleged sports content pirate is accused of not only hijacking leagues’ streams but also threatening to tell reporters how he accessed their systems.Threatpost
November 01, 2021
Kaspersky’s stolen Amazon SES token used in Office 365 phishing Full Text
Abstract
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users.BleepingComputer
November 01, 2021
BlackShadow hackers breach Israeli hosting firm and extort customers Full Text
Abstract
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services.BleepingComputer
October 31, 2021
Iranian Black Shadow hacking group breached Israeli Internet hosting firm Full Text
Abstract
Iranian hacking group Black Shadow breached the Israeli internet hosting company Cyberserve, taking down several of its sites. Iranian hacking group Black Shadow compromised the server of the Israeli internet hosting company Cyberserve, taking...Security Affairs
October 30, 2021
Hacker accessed medical info at UMass Memorial Health Full Text
Abstract
A cyber attack hit UMass Memorial Health; threat actors had access to the employee email system, potentially exposing patients' info. Threat actors hacked into the employee email system of the UMass Memorial Health healthcare system, potentially accessing...Security Affairs
October 28, 2021
Crooks steal $130 million worth of cryptocurrency assets from Cream Finance Full Text
Abstract
Threat actors have stolen $130 million worth of cryptocurrency assets from the Cream Finance decentralized finance (DeFi) platform. C.R.E.A.M. Finance is a decentralized lending protocol for individuals, institutions and protocols to access financial...Security Affairs
October 28, 2021
Sensitive data of 400,000 German students exposed by API flaw Full Text
Abstract
Approximately 400,000 users of Scoolio, a student community app widely used in Germany, had sensitive information exposed due to an API flaw in the platform.BleepingComputer
October 26, 2021
Canadian Immigration Authority Leaked Some Vulnerable Afghan Citizens’ Details Full Text
Abstract
The names of several hundred vulnerable Afghans seeking refuge from the Taliban were recently leaked in emails sent in error by Immigration, Refugees and Citizenship Canada (IRCC), CBC News reported.CBC
October 25, 2021
Microsoft Says SolarWinds Hackers Compromised 14 Technology Providers to Piggyback on Customer Access Full Text
Abstract
This time, Nobelium is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage various technologies for their customers.Microsoft
October 23, 2021
Popular NPM library hijacked to install password-stealers, miners Full Text
Abstract
Hackers hijacked the popular UA-Parser-JS NPM library, with millions of downloads a week, to infect Linux and Windows devices with cryptominers and password-stealing trojans in a supply-chain attack.BleepingComputer
October 22, 2021
SCUF Gaming store hacked to steal credit card info of 32,000 customers Full Text
Abstract
SCUF Gaming International, a leading manufacturer of custom PC and console controllers, is notifying customers that its website was hacked in February to plant a malicious script used to steal their credit card information.BleepingComputer
October 22, 2021
Popular NPM Package Hijacked to Publish Crypto-mining Malware Full Text
Abstract
The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three different versions (0.7.29, 0.8.0, 1.0.0) that were published with malicious code on Thursday following a successful takeover of the maintainer's NPM account. "I believe someone was hijacking my NPM account and published some compromised packages (0.7.29, 0.8.0, 1.0.0) which will probably install malware," UAParser.js's developer Faisal Salman said. The issue has been patched in versions 0.7.30, 0.8.1, and 1.0.1. The development comes days after DevSecOps firm Sonatype disclosed details of three packages (okhsa, klow, and klown) that masqueraded as the user-agent striThe Hacker News
October 22, 2021
Italian celebs’ data exposed in ransomware attack on SIAE Full Text
Abstract
The Italian data protection authority Garante per la Protezione dei Dati Personali (GPDP) has announced an investigation into a data breach of the country's copyright protection agency.BleepingComputer
October 21, 2021
Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween Full Text
Abstract
Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production.Threatpost
October 20, 2021
YouTube creators’ accounts hijacked with cookie-stealing malware Full Text
Abstract
A Cookie Theft malware was employed in phishing attacks against YouTube creators, Google's Threat Analysis Group (TAG) warns. Financially motivated threat actors are using Cookie Theft malware in phishing attacks against YouTube creators since late...Security Affairs
October 20, 2021
LightBasin Hackers Breach at Least 13 Telecom Service Providers Since 2019 Full Text
Abstract
A highly sophisticated adversary named LightBasin has been identified as behind a string of attacks targeting the telecom sector with the goal of collecting "highly specific information" from mobile communication infrastructure, such as subscriber information and call metadata. "The nature of the data targeted by the actor aligns with information likely to be of significant interest to signals intelligence organizations," researchers from cybersecurity firm CrowdStrike said in an analysis published Tuesday. Known to be active as far back as 2016, LightBasin (aka UNC1945) is believed to have compromised 13 telecommunication companies across the world since 2019 by leveraging custom tools and their extensive knowledge of telecommunications protocols for scything through organizations' defenses. The identities of the targeted entities were not disclosed, nor did the findings link the cluster's activity to a specific country. Indeed, a recent incident inThe Hacker News
October 20, 2021
Acer suffers a second data breach in a week Full Text
Abstract
Tech giant Acer was hacked again within a few days; after the compromise of the servers in India, threat actors also breached some of its systems in Taiwan. Tech giant Acer was hacked twice in a week; the same threat actor (Desorden) initially breached...Security Affairs
October 20, 2021
Centre for Computing History apologises for data breach Full Text
Abstract
The Centre for Computing History (CCH) in Cambridge, England, has apologised for an "embarrassing" breach in its online customer datafile, though thankfully no payment card information was exposed.The Register
October 18, 2021
State-backed hackers breach telcos with custom malware Full Text
Abstract
A previously unknown state-sponsored actor is deploying a novel toolset in attacks targeting telecommunication providers and IT firms in South Asia.BleepingComputer
October 18, 2021
Update: Accenture Confirms Data Stolen in Ransomware Attack Full Text
Abstract
In a Form 10-K filing with the Securities and Exchange Commission (SEC) last week, the company confirmed that the attackers were able to steal some proprietary information from its servers.Security Week
October 17, 2021
Twitch security breach had minimal impact, the company states Full Text
Abstract
Twitch provided an update on the recent security breach; the company confirmed that it had only a limited impact on a small number of users. Twitch downplayed the recent security breach in an update; the company said it only impacted a small number...Security Affairs
October 16, 2021
Amazon-owned Twitch says source code exposed in last week’s data breach Full Text
Abstract
Amazon.com Inc-owned Twitch has said that last week’s data breach at the live streaming e-sports platform contained documents from its source code. Twitch said it was “confident” the incident affected only a small number of users.Reuters
October 15, 2021
Accenture discloses data breach after LockBit ransomware attack Full Text
Abstract
IT and consulting giant Accenture confirmed a data breach after the ransomware attack conducted by LockBit operators in August 2021. Global IT consultancy giant Accenture discloses a data breach after the LockBit ransomware attack that hit the company...Security Affairs
October 15, 2021
Accenture confirms data breach after August ransomware attack Full Text
Abstract
Global IT consultancy giant Accenture confirmed that LockBit ransomware operators stole data from its systems during an attack that hit the company's systems in August 2021.BleepingComputer
October 14, 2021
Data of 228,000 Subscribers of Thingiverse Circulated on Hacker Forum Full Text
Abstract
Thingiverse, a site for sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 228,000 unique email addresses and other personally identifiable information.Info Risk Today
October 14, 2021
Acer suffered the second security breach in a few months Full Text
Abstract
Taiwanese electronics technology giant Acer discloses a security breach suffered by its after-sales service systems in India after an isolated attack. Bad news for the Taiwanese electronics technology giant Acer: it disclosed a second security breach...Security Affairs
October 14, 2021
Acer confirms breach of after-sales service systems in India Full Text
Abstract
Taiwanese computer giant Acer has confirmed that its after-sales service systems in India were recently breached in what the company called "an isolated attack."BleepingComputer
October 11, 2021
Oregon Eye Specialists discloses data breach following employee email compromise Full Text
Abstract
The exposed data likely includes customers’ names, dates of birth, dates of service, medical record numbers, financial account information, and health insurance provider names and/or policy numbers.The Daily Swig
October 9, 2021
Sky.com servers exposed via misconfiguration Full Text
Abstract
CyberNews researchers found an exposed configuration file hosted on a Sky.com subdomain containing production data. Original post @ https://cybernews.com/news/sky-com-servers-exposed-via-misconfiguration/ CyberNews researchers found an exposed...Security Affairs
October 08, 2021
Twitch game page backgrounds defaced with Jeff Bezos’ face Full Text
Abstract
A close-up of Jeff Bezos' face appeared today on the game pages of Twitch's website, in what appears to be a mysterious defacement attack.BleepingComputer
October 08, 2021
BrewDog exposed data for over 200,000 shareholders and customers Full Text
Abstract
BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers.BleepingComputer
October 7, 2021
Twitch data breach updates: login credentials or card numbers not exposed Full Text
Abstract
An anonymous individual has leaked the source code and data of the popular video streaming platform Twitch via a torrent file posted on 4chan. An anonymous 4chan user has published a torrent link to a 128GB file on the 4chan discussion board; the leaked...Security Affairs
October 07, 2021
Twitch: No credentials or card numbers exposed in data breach Full Text
Abstract
Twitch says that no login credentials and credit card numbers belonging to users or streamers were exposed following yesterday's massive data leak.BleepingComputer
October 6, 2021
Twitch Gets Gutted: All Source Code Leaked Full Text
Abstract
An anonymous user posted a link to a 125GB torrent to 4chan yesterday, containing all of Twitch’s source code, comments going back to its inception and more.Threatpost
October 06, 2021
Twitch Suffers Massive 125GB Data and Source Code Leak Due to Server Misconfiguration Full Text
Abstract
Interactive livestreaming platform Twitch acknowledged a "breach" after an anonymous poster on the 4chan messaging board leaked its source code, an unreleased Steam competitor from Amazon Game Studios, details of creator payouts, proprietary software development kits, and other internal tools. The Amazon-owned service said it's "working with urgency to understand the extent of this," adding the data was exposed "due to an error in a Twitch server configuration change that was subsequently accessed by a malicious third party." "At this time, we have no indication that login credentials have been exposed," Twitch noted in a post published late Wednesday. "Additionally, full credit card numbers are not stored by Twitch, so full credit card numbers were not exposed." The forum user claimed the hack is designed to "foster more disruption and competition in the online video streaming space" because "their communiThe Hacker News
October 6, 2021
Twitch source code and sensitive data leaked online Full Text
Abstract
An anonymous individual has leaked the source code and data of the popular video streaming platform Twitch via a torrent file posted on 4chan. An anonymous individual has leaked online the source code and streamers and users data of the popular video...Security Affairs
October 6, 2021
UK newspaper The Telegraph exposed a 10TB database with subscriber data Full Text
Abstract
The UK media outlet The Telegraph has leaked 10 TB of subscriber data after failing to properly secure one of its databases. The UK newspaper The Telegraph, one of the UK’s largest newspapers and online media outlets, has leaked 10 TB of data...Security Affairs
October 06, 2021
Massive Twitch hack: Source code and payment reports leaked Full Text
Abstract
Twitch source code, as well as streamers' and users' sensitive information, was allegedly leaked online by an anonymous user on the 4chan imageboard.BleepingComputer
October 6, 2021
US Clothing Brand Next Level Apparel Reports Phishing-related Data Breach Full Text
Abstract
Next Level Apparel, a wholesale producer and online retailer of blank apparel, said it “could not confirm that any individual's information was in fact viewed by an unauthorized person”.The Daily Swig
October 05, 2021
The Telegraph exposes 10 TB database with subscriber info Full Text
Abstract
'The Telegraph', one of the UK's largest newspapers and online media outlets, has leaked 10 TB of data after failing to properly secure one of its databases.BleepingComputer
October 5, 2021
Misconfigured, Old Apache Airflow Instances Leak Slack, AWS Credentials Full Text
Abstract
On Monday, Intezer researchers said the instances, vulnerable to data theft, belong to industries including IT, cybersecurity, health, energy, finance, and manufacturing, among other sectors.ZDNet
October 5, 2021
Telco service provider giant Syniverse had unauthorized access since 2016 Full Text
Abstract
Service provider Syniverse has disclosed a security breach: threat actors have had access to its databases since 2016 and gained some customers' credentials. Syniverse is a global company that provides technology and business services for a number of telecommunications...Security Affairs
October 5, 2021
OnionShare: Secure communications platform used by whistleblowers and journalists patches data exposure bug Full Text
Abstract
A tool used by whistleblowers and the media to securely send information has patched two vulnerabilities that could have impacted the anonymous nature of the file-sharing system.The Daily Swig
October 04, 2021
Largest mobile SMS routing firm discloses five-year-long breach Full Text
Abstract
Syniverse, a service provider for most telecommunications companies, disclosed that hackers had access to its databases over the past five years and compromised login credentials belonging to hundreds of customers.BleepingComputer
October 04, 2021
Misconfigured Apache Airflow servers leak thousands of credentials Full Text
Abstract
While investigating a misconfiguration flaw in Apache Airflow, researchers discovered many exposed instances over the web leaking sensitive information, including credentials, from well-known tech companies. Apache Airflow is a popular open-source workflow management platform for organizing and managing tasks.BleepingComputer
October 2, 2021
Mozilla: Superman, Batman, Spider-Man dominate list of passwords leaked in breaches Full Text
Abstract
Superhero-based passwords are increasingly showing up in datasets of breached information, according to a new blog post from Mozilla. Mozilla used data from haveibeenpwned.com to figure out the most common passwords found in breached datasets.ZDNet
October 1, 2021
MFA Glitch Leads to 6K+ Coinbase Customers Getting Robbed Full Text
Abstract
Coinbase suspects phishing led to attackers getting personal details needed to access wallets but also blamed a flaw in its SMS-based 2FA.Threatpost
October 01, 2021
Neiman Marcus notifying 4.6M customers of data breach Full Text
Abstract
Department store Neiman Marcus announced Friday that it was in the process of notifying 4.6 million online customers that some of their data had been compromised as part of a data breach that took place last year.The Hill
October 1, 2021
Neiman Marcus discloses data breach, payment card data exposed Full Text
Abstract
Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information. The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access...Security Affairs
September 30, 2021
Popular Android apps with 142.5 million collective installs leak user data Full Text
Abstract
14 top Android apps with 142.5 million installs are misconfigured, leaving their data exposed to unauthorized parties. Original post @ https://cybernews.com/security/research-popular-android-apps-with-142-5-million-collective-downloads-are-leaking-user-data/ Security Affairs
September 30, 2021
Thousands of University Wi-Fi Networks Expose Log-In Credentials Full Text
Abstract
Certificate misconfigurations of the EAP protocol in Eduroam (and likely other networks globally) threaten Android and Windows users.Threatpost
September 29, 2021
Navistar confirms data breach involved employee healthcare information Full Text
Abstract
The potentially compromised data included the full names, addresses, dates of birth, and SSNs of an unspecified number of employees, according to an updated statement by Navistar on the breach.The Daily Swig
September 29, 2021
Trucking giant Forward Air reports ransomware data breach Full Text
Abstract
Trucking giant Forward Air has disclosed a data breach after a ransomware attack that allowed threat actors to access employees' personal information.BleepingComputer
September 28, 2021
Recognizing the Impact of a Multi-Party Data Breach Full Text
Abstract
The past three years witnessed 108 ripples or multi-party breaches. According to RiskRecon and Cyentia Institute, the financial damage incurred from the worst ripple events is 26 times more than a single-party breach.Cyware Alerts - Hacker News
September 27, 2021
Data from Oath Keepers leaked online after alleged hack Full Text
Abstract
The roughly 5GB of data, which was provided by the hacker to DDoSecrets, contains everything from emails and internal chats to details on the organization’s members and donors.Daily Dot
September 27, 2021
A multi-party data breach creates 26x the financial damage of single-party breach Full Text
Abstract
897 multi-party data breach incidents, also referred to as ripple events, have been observed since 2008. A median ripple breach event causes 10x the financial loss of a traditional single-party breach.Help Net Security
September 25, 2021
Bitcoin.org hackers steal $17,000 in ‘double your cash’ scam Full Text
Abstract
This week, threat actors hijacked Bitcoin.org, the authentic website of the Bitcoin project, and altered parts of the website to push a cryptocurrency giveaway scam that unfortunately some users fell for. Although the hack lasted for less than a day, hackers seem to have walked away with a little over $17,000.BleepingComputer
September 24, 2021
3.8 billion Clubhouse and Facebook user records allegedly scraped and merged, put for sale online Full Text
Abstract
A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion Clubhouse and Facebook user records. Original Post @CyberNews https://cybernews.com/security/3-8-billion-allegedly-scraped-and-merged-clubhouse-and-facebook-user-records-put-for-sale-online/ Security Affairs
September 24, 2021
African Bank warns of data breach with personal details compromised Full Text
Abstract
African Bank has confirmed that one of its appointed professional debt recovery partners, Debt-IN, was targeted by hackers in April 2021. The bank said that no data shared post April 1 is compromised.Business Tech
September 23, 2021
Hacking group used ProxyLogon exploits to breach hotels worldwide Full Text
Abstract
A newly discovered cyberespionage group has been targeting hotels around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies.BleepingComputer
September 23, 2021
Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials Full Text
Abstract
An unpatched design flaw in the implementation of Microsoft Exchange's Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide. "This is a severe security issue, since if an attacker can control such domains or has the ability to 'sniff' traffic in the same network, they can capture domain credentials in plain text (HTTP basic authentication) that are being transferred over the wire," Guardicore's Amit Serper said in a technical report. "Moreover, if the attacker has DNS-poisoning capabilities on a large scale (such as a nation-state attacker), they could systematically syphon out leaky passwords through a large-scale DNS poisoning campaign based on these Autodiscover TLDs [top-level domains]." The Exchange Autodiscover service enables users to configure applications such as Microsoft Outlook with minimal user input, allowing just a combination of email addresses and pasThe Hacker News
September 23, 2021
A bug in Microsoft Exchange Autodiscover feature leaks +372K of domain credentials Full Text
Abstract
A flaw in the Microsoft Exchange Autodiscover feature can be exploited to harvest Windows domain and app credentials. Security researchers from Guardicore discovered a flaw in the Microsoft Exchange Autodiscover feature that can be exploited to harvest...Security Affairs
September 23, 2021
Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers Full Text
Abstract
More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to cybersecurity company WizCase. The breach was discovered by Ata Hakçıl and his team in a database owned by Coninsa Ramon H, a company that specializes in architecture, engineering, construction, and real estate services. "There was no need for a password or login credentials to see this information, and the data was not encrypted," the researchers said in an exclusive report shared with The Hacker News. The data exposure is the result of a misconfigured Amazon Web Services (AWS) Simple Storage Service (S3) bucket, causing sensitive information such as clients' names, photos, and addresses to be disclosed. The details stored in the bucket range from invoices and income documents to quotes and account statements dating between 2014 and 2021. The complete list of information contained inThe Hacker News
September 22, 2021
Data breach at Texas behavioral health center affects more than 24,000 Full Text
Abstract
A data breach at Texas behavioral health provider Texoma Community Center affected more than 24,000 people and highlights how timelines for breach notification may lag behind security events.The Record
September 22, 2021
Hacking Incidents Lead to 2 Big Eye Care Provider Breaches Full Text
Abstract
New Jersey-based USV Optical Inc., a subsidiary of U.S. Vision, on Sept. 3 reported to HHS' Office for Civil Rights a hacking IT incident involving a network server and affecting 180,000 individuals.Gov Info Security
September 22, 2021
Microsoft Exchange Autodiscover bugs leak 100K Windows credentials Full Text
Abstract
Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide.BleepingComputer
September 22, 2021
RaidForums data marketplace accidentally exposes private staff page Full Text
Abstract
Underground marketplace and hacker forum, Raidforums, recently exposed internal pages from its website, meant for staff members only. Raidforums is a data breach marketplace where threat actors often sell or leak illicitly obtained data dumps.BleepingComputer
September 21, 2021
Epik Confirms Hack, Gigabytes of Data on Offer Full Text
Abstract
“Time to find out who in your family secretly ran … [a] QAnon hellhole,” said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security.Threatpost
September 21, 2021
US Optometry Provider Simon Eye Hit by Data Breach Impacting 144,000 Patients Full Text
Abstract
The possible compromise of sensitive personal data arose from unauthorized access to employee email accounts over a seven-day period between May 12-18, 2021, according to a data breach notice.The Daily Swig
September 21, 2021
Data of 106 million visitors to Thailand leaked online Full Text
Abstract
Security researchers discovered an unsecured database exposed online containing the personal information of millions of visitors to Thailand. The popular cybersecurity researcher Bob Diachenko discovered his personal data online stored on an unprotected...Security Affairs
September 20, 2021
Hacked sites push TeamViewer using fake expired certificate alert Full Text
Abstract
Threat actors are compromising Windows IIS servers to add expired certificate notification pages that prompt visitors to download a malicious fake installer.BleepingComputer
September 20, 2021
Republican Governors Association email server breached by state hackers Full Text
Abstract
The Republican Governors Association (RGA) revealed in data breach notification letters sent last week that its servers were breached during an extensive Microsoft Exchange hacking campaign that hit organizations worldwide in March 2021.BleepingComputer
September 17, 2021
Alaska Department of Health Reveals Data Breach Potentially Exposing Residents’ Financial, Health Information Full Text
Abstract
The Alaska Department of Health and Social Services (DHSS) has warned that a “highly sophisticated” cyber-attack may have exposed residents’ personal data, including financial information.The Daily Swig
September 15, 2021
Ransomware encrypts South Africa’s entire Dept of Justice network Full Text
Abstract
The justice ministry of the South African government is working on restoring its operations after a recent ransomware attack encrypted all its systems, making all electronic services unavailable both internally and to the public.BleepingComputer
September 15, 2021
CI/CD Platform Provider Travis CI Confirms Security Breach Impacting Public Repository Full Text
Abstract
It said that it has resolved the underlying problem with a series of security patches, adding that users should consider making changes to their passcodes and authentication tokens as a precaution.The Daily Swig
September 14, 2021
Massachusetts attorney general announces investigation into T-Mobile data breach Full Text
Abstract
Massachusetts Attorney General Maura Healey (D) on Tuesday announced that her office is undertaking an investigation into the recent data breach of T-Mobile that impacted more than 50 million individuals.The Hill
September 14, 2021
Over 60 Million Wearable, Fitness Tracking Records Exposed via Unsecured Database Full Text
Abstract
The researchers said that over 61 million records were contained in the data repository, including vast swathes of user information -- such as their names, dates of birth, weight, height, gender, and GPS logs, among other datasets.ZDNet
September 13, 2021
What’s Behind the Leaks of Customer Data From Retailer Databases? Full Text
Abstract
Retail data breaches involving customer data happen often today. However, they tend to be smaller in size than health care, finance, or government breaches. So, the general public notices them less. Yet, they happen more often than realized.Security Intelligence
September 11, 2021
Fujitsu Confirms Stolen Data Marketed By Cybercriminals in Marketo is Not Theirs Full Text
Abstract
Fujitsu released an official statement regarding the data being marketed by cybercriminals online. The company said that it is not related to a cyberattack on its systems.Tech Times
September 11, 2021
Healthcare orgs in California, Arizona send out breach letters for nearly 150,000 after SSNs accessed during ransomware attacks Full Text
Abstract
Two healthcare organizations have begun sending out breach notification letters to thousands of people in California and Arizona after both revealed that sensitive information was accessed during recent cyberattacks.ZDNet
September 10, 2021
MyRepublic discloses data breach exposing government ID cards Full Text
Abstract
MyRepublic Singapore has disclosed a data breach exposing the personal information of approximately 80,000 mobile subscribers.BleepingComputer
September 10, 2021
Stolen Credentials Led to Data Theft at United Nations Full Text
Abstract
Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks.Threatpost
September 10, 2021
MyRepublic customer data compromised in third-party security breach Full Text
Abstract
MyRepublic says almost 80,000 of its mobile subscribers in Singapore have had their personal data compromised, following a security breach on a third-party data storage platform.ZDNet
September 09, 2021
United Nations confirms its systems were breached this year Full Text
Abstract
The United Nations (UN) on Thursday confirmed that it was the victim of a cyberattack earlier this year and that attacks related to the original breach were ongoing.The Hill
September 9, 2021
McDonald’s Email Blast Includes Password to Monopoly Game Database Full Text
Abstract
Usernames, passwords for database sent in prize redemption emails.Threatpost
September 8, 2021
Personal information of 7 million Israelis available for sale Full Text
Abstract
A threat actor that goes online with the moniker 'Sangkancil' claims to have stolen the personal information of 7 million Israelis.Security Affairs
September 08, 2021
Hackers leak passwords for 500,000 Fortinet VPN accounts Full Text
Abstract
A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer.BleepingComputer
September 8, 2021
Texas Right to Life website exposed job applicants’ resumes Full Text
Abstract
“We are taking action to protect the concerned individuals,” a spokesperson for Texas Right to Life told TechCrunch, referring to those who “sought and circulated the information.”TechCrunch
September 7, 2021
Data Breach at US Restaurant and Gambling Chain Dotty’s Impacted Sensitive Customer Information Full Text
Abstract
A cyber-attack on US fast food and gambling chain Dotty’s, which provides services across 175 locations, has exposed the personal data of customers, the company has warned.The Daily Swig
September 7, 2021
Personal Data of Millions of Moroccan Citizens Leaked Online by Cybercriminal Full Text
Abstract
Cyber-snooping into people’s personal information is a very concerning matter. According to Zataz, the intentional release of private and personal data took place on Friday night.Morocco World News
September 07, 2021
McDonald’s leaks password for Monopoly VIP database to winners Full Text
Abstract
A bug in the McDonald's Monopoly VIP game in the United Kingdom caused the login names and passwords for the game's database to be sent to all winners.BleepingComputer
September 7, 2021
Personal Details of 8,700 French Visa Applicants Gets Exposed by Attackers Full Text
Abstract
The French government said that the cyberattack was ‘quickly neutralised’ but that individuals’ names, dates of birth, passport and identity card numbers had been exposed.Connexion France
September 7, 2021
Jenkins Project Discloses Security Breach Involving Confluence Server Exploit Full Text
Abstract
Following the discovery of the hack, Jenkins developers said they permanently took down the hacked Confluence server, rotated privileged credentials, and reset passwords for developer accounts.The Record
September 2, 2021
Recruiting Firm Apparently Pays Ransom After Being Targeted by Hackers Full Text
Abstract
Administrative staffing agency Career Group, Inc. this week started sending notification letters to customers who were affected by a data breach that occurred in late June.Security Week
September 1, 2021
Accellion breach exposed data from patients at major Michigan hospital system Full Text
Abstract
A major Michigan hospital system on Friday notified roughly 1,500 patients that their information may have been exposed as a result of a hack against file-sharing service Accellion.Cyberscoop
August 31, 2021
Update: Leaked Guntrader firearms data file with UK gun owners’ home addresses shared online Full Text
Abstract
Names, home addresses, postcodes, phone numbers, email addresses, and IP addresses are included in the CSV file – along with geographic coordinates for many of the 111,295 people listed in the breach.The Register
August 31, 2021
Canada accepted 7,300 more immigration applications due to technical bug Full Text
Abstract
A bug in the Canadian immigration system led to the government accepting an additional 7,307 immigration applications, surpassing the imposed limit. This comprised files from international graduate stream applicants aspiring to change their temporary visa status to permanent residency.BleepingComputer
August 29, 2021
1 GB of data belonging to Puma available on Marketo Full Text
Abstract
The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. The emerging underground marketplace of stolen data ‘Marketo’ available...Security Affairs
August 28, 2021
EskyFun data leak, over 1 million Android gamers impacted Full Text
Abstract
vpnMentor’s researchers reported that the Chinese mobile gaming company EskyFun suffered a data breach, over 1 million gamers impacted.Security Affairs
August 27, 2021
Microsoft Warns Thousands of Azure Cloud Customers of Exposed Databases Full Text
Abstract
The vulnerability is in Microsoft Azure's flagship Cosmos DB database. A research team at security company Wiz discovered it was able to access keys that control access to databases.Reuters
August 27, 2021
US National from Virginia Admits to Orchestrating the Massive T-Mobile Breach Full Text
Abstract
A 21-year-old Virginia native living in Turkey has admitted to being the main force behind the massive T-Mobile hack that exposed the sensitive information of more than 50 million people.ZDNet
August 26, 2021
Chinese developers expose data belonging to Android gamers Full Text
Abstract
In a report shared with ZDNet, vpnMentor's cybersecurity team, led by Noam Rotem and Ran Locar, revealed EskyFun as the owner of a 134GB server exposed and made public online.ZDNet
August 26, 2021
Breach at Deep South Allergy Clinic Group Exposed 9,800 Patients’ Health Information Full Text
Abstract
Atlanta Allergy & Asthma (AAA), the largest allergy treatment healthcare business in the region, is notifying 9,800 patients that a January data breach involved protected health information.The Daily Swig
August 26, 2021
Personal Data and docs of Swiss town Rolle available on the dark web Full Text
Abstract
Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen in a ransomware attack. The Swiss town Rolle disclosed the data breach after a ransomware attack, personal details of all its 6,200...Security Affairs
August 26, 2021
Personal Data and Documents of Swiss Town of Rolle Released on the Dark Web Full Text
Abstract
The Swiss town Rolle disclosed the data breach after a ransomware attack compromised some administrative servers, personal details of all its 6,200 inhabitants were stolen by threat actors.Security Affairs
August 24, 2021
Poly Network Recoups $610M Stolen from DeFi Platform Full Text
Abstract
The attacker returned the loot after being offered a gig as chief security advisor with Poly Network.Threatpost
August 24, 2021
Phishing attack exposes medical information for 12,000 patients at Revere Health Full Text
Abstract
The company doesn’t think it was the intent of the hacker to release patients’ medical information but rather as a way to launch more sophisticated phishing email attacks on other Revere employees.thespectrum
August 24, 2021
38 Million Records Exposed from Microsoft Power Apps of Dozens of Organisations Full Text
Abstract
More than 38 million records from 47 different entities that rely on Microsoft's Power Apps portals platform were inadvertently left exposed online, bringing into sharp focus a "new vector of data exposure." "The types of data varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, and millions of names and email addresses," UpGuard Research team said in a disclosure made public on Monday. Governmental bodies like Indiana, Maryland, and New York City, and private companies such as American Airlines, Ford, J.B. Hunt, and Microsoft are said to have been impacted. Among the most sensitive information that was left in the open were 332,000 email addresses and employee IDs used by Microsoft's own global payroll services, as well as more than 85,000 records related to Business Tools Support and Mixed Reality portals. Power Apps isThe Hacker News
August 23, 2021
Hillicon Valley: Millions exposed due to Microsoft misconfiguration Full Text
Abstract
Cybersecurity group UpGuard started out the week with a bang by revealing its findings that 38 million records were exposed online earlier this year due to a misconfiguration in a Microsoft application, including COVID-contact tracing information.The Hill
August 23, 2021
Data Brokers Are Advertising Data on U.S. Military Personnel Full Text
Abstract
The trend underscores the broader threats posed by the unregulated data brokerage ecosystem to civil rights and national security.Lawfare
August 23, 2021
Microsoft Spills 38 Million Sensitive Data Records Via Careless Power App Configs Full Text
Abstract
Data leaked includes COVID-19 vaccination records, social security numbers and email addresses tied to American Airlines, Ford, Indiana Department of Health and New York City public schools.Threatpost
August 23, 2021
New research finds 38 million records exposed online earlier this year Full Text
Abstract
Thirty-eight million records from dozens of organizations, including COVID-19 contact tracing information, were exposed online earlier this year due to a misconfiguration in a Microsoft product, according to research published Monday.The Hill
August 23, 2021
38M Records Exposed Online Including COVID-19 Contact-Tracing Info Full Text
Abstract
More than a thousand web apps mistakenly exposed 38 million records on the open internet, including data from a number of Covid-19 contact tracing platforms, vaccination sign-ups, job application portals, and employee databases.Wired
August 23, 2021
Nokia subsidiary discloses data breach after Conti ransomware attack Full Text
Abstract
SAC Wireless, a US-based and independently-operating Nokia company subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems.BleepingComputer
August 22, 2021
T-Mobile data breach could be worse than initially thought, 54 million customers impacted Full Text
Abstract
T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted.Security Affairs
August 21, 2021
Singapore real estate firm breached by ALTDOS Full Text
Abstract
The stolen data reportedly includes 969 databases from ACSystem, NewOrangeTee, OT_Analytics, OT_Leave, and ProjInfoListing, ranging from corporate/financial records to customer private personal and financial information.Data Breaches
August 20, 2021
T-Mobile data breach just got worse — now at 54 million customers Full Text
Abstract
The T-Mobile data breach keeps getting worse as an update to their investigation now reveals that the cyberattack exposed over 54 million individuals' data.BleepingComputer
August 20, 2021
Update: T-Mobile probe into breach finds more customers hit, tally now at 53 mln Full Text
Abstract
T-Mobile said on Friday that an ongoing investigation revealed that hackers accessed information of an additional 5.3 million customers, bringing the total number to more than 53 million.Reuters
August 20, 2021
AT&T denies data breach after hacker auctions 70 million user database Full Text
Abstract
AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers.BleepingComputer
August 19, 2021
COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate Full Text
Abstract
COVID-19-related exploitation and abuse is on the rise as vaccine data opens new frontiers for threat actors.Threatpost
August 19, 2021
Postmortem on U.S. Census Hack Exposes Cybersecurity Failures Full Text
Abstract
Government says cybersecurity failures were many within failed January hack of U.S. Census Bureau systems.Threatpost
August 18, 2021
T-Mobile data breach has impacted 48.6 million customers Full Text
Abstract
T-Mobile has confirmed that hackers have stolen records belonging to 48.6 million current and former customers. Recently T-Mobile has launched an investigation into a possible security breach after a threat actor started offering for sale 100 million...Security Affairs
August 18, 2021
T-Mobile says hackers stole records belonging to 48.6 million individuals Full Text
Abstract
T-Mobile has confirmed that attackers who recently breached its servers stole files containing the personal information of tens of millions of individuals.BleepingComputer
August 17, 2021
Terrorist Watchlist Exposed Online with Nearly 1.9M Records Full Text
Abstract
A researcher discovered a data cache from the FBI’s Terrorist Screening Center left online without a password or authentication requirement.Threatpost
August 17, 2021
1.9 million+ records from the FBI’s terrorist watchlist available online Full Text
Abstract
A security researcher discovered that a secret FBI terrorist watchlist was accidentally exposed on the internet for three weeks between July 19 and August 9, 2021. Security researcher Bob Diachenko discovered a secret terrorist watchlist with 1.9...Security Affairs
August 17, 2021
Colonial Pipeline discloses data breach after May ransomware attack Full Text
Abstract
Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information...Security Affairs
August 17, 2021
Chase bank accidentally leaked customer info to other customers Full Text
Abstract
Chase Bank has admitted to the presence of a technical bug on its online banking website and app that allowed accidental leakage of customer banking information to other customers.BleepingComputer
August 16, 2021
100m T-Mobile Customer Records Purportedly Up for Sale Full Text
Abstract
UPDATE: T-Mobile confirmed the breach, but hasn’t confirmed whether customer data was involved. The offer: 30m records for ~1 penny each, with the rest being sold privately.Threatpost
August 16, 2021
T-Mobile confirms data breach that exposed customer personal info Full Text
Abstract
T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. Yesterday...Security Affairs
August 16, 2021
Cyberattack hits Israel’s Bar Ilan University: ‘Data is being erased right now’ Full Text
Abstract
A cyberattack targeted Israel’s Bar Ilan University Sunday, the school reported. An internal email by the IT department said the attack was ongoing and urged staff to shut down their computers.Haaretz
August 16, 2021
Education giant Pearson fined $1M for downplaying data breach Full Text
Abstract
The US Securities and Exchange Commission (SEC) announced today that Pearson, a British multinational educational publishing and services company, has settled charges of mishandling the disclosure process for a 2018 data breach discovered in March 2019.BleepingComputer
August 16, 2021
Secret terrorist watchlist with 2 million records exposed online Full Text
Abstract
A secret terrorist watchlist with 1.9 million records, including "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it.BleepingComputer
August 16, 2021
Data breach at New York university potentially affects 47,000 citizens Full Text
Abstract
The incident was discovered on July 14, and reportedly involved Social Security numbers. A total of more than 46,700 individuals are said to be impacted by the data breach.The Daily Swig
August 16, 2021
Colonial Pipeline reports data breach after May ransomware attack Full Text
Abstract
Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May.BleepingComputer
August 15, 2021
Hacker claims to steal data of 100 million T-mobile customers Full Text
Abstract
T-Mobile is actively investigating a data breach after a threat actor claims to have hacked T-Mobile's servers and stolen databases containing the personal data of approximately 100 million customers.BleepingComputer
August 15, 2021
Ford bug exposed customer and employee records from internal systems Full Text
Abstract
A bug on Ford's website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega customer engagement system running on Ford's servers.BleepingComputer
August 14, 2021
Classified documents from Lithuanian Ministry of Foreign Affairs are available for sale Full Text
Abstract
Emails allegedly stolen from the Lithuanian Ministry of Foreign Affairs are available for sale in a cybercrime forum; some emails include highly sensitive info. An archive containing 1.6 million emails containing highly sensitive messages allegedly...Security Affairs
August 13, 2021
Emails from Lithuanian Ministry of Foreign Affairs for sale on data-trading forum Full Text
Abstract
The Lithuanian Ministry of Foreign Affairs has declined to comment about the authenticity of email files allegedly stolen from its network and offered for sale on a data-trading forum.BleepingComputer
August 13, 2021
Update: Months after the Accellion breach, more victims emerge Full Text
Abstract
The Accellion breach occurred last December, but more victims have come to light in recent weeks as investigations, notifications and disclosures stretch on through the summer.Tech Target
August 12, 2021
Data Breach at US Waste Management Firm Exposes Employees’ Healthcare Information Full Text
Abstract
A data breach at US waste management firm Waste Management Resources has apparently exposed the healthcare information of current and former employees, as well as their dependents.The Daily Swig
August 11, 2021
Kaseya’s ‘Master Key’ to REvil Attack Leaked Online Full Text
Abstract
The decryptor is of little use to other companies hit in the spate of attacks unleashed before the notorious ransomware group went dark, researchers said.Threatpost
August 11, 2021
Accenture confirms hack after LockBit ransomware data leak threats Full Text
Abstract
Accenture, a global IT consultancy giant has likely been hit by a ransomware cyberattack. The ransomware group LockBit is threatening to publish data on its leak site within hours, as seen by BleepingComputer.BleepingComputer
August 11, 2021
Kaseya’s universal REvil decryption key leaked on a hacking forum Full Text
Abstract
The universal decryption key for REvil's attack on Kaseya's customers has been leaked on hacking forums allowing researchers their first glimpse of the mysterious key.BleepingComputer
August 11, 2021
Hackers Steal Over $600 Million Worth of Cryptocurrencies from Poly Network Full Text
Abstract
Hackers have siphoned $611 million worth of cryptocurrencies from a blockchain-based financial network in what's believed to be one of the largest heists targeting the digital asset industry, putting it ahead of breaches targeting exchanges Coincheck and Mt. Gox in recent years. Poly Network, a China-based cross-chain decentralized finance (DeFi) platform for swapping tokens across multiple blockchains such as Bitcoin and Ethereum, on Tuesday disclosed unidentified actors had exploited a vulnerability in its system to plunder thousands of digital tokens such as Ether. "The hacker exploited a vulnerability between contract calls," Poly Network said. The stolen Binance Chain, Ethereum, and Polygon assets are said to have been transferred to three different wallets, with the company urging miners of affected blockchain and centralized crypto exchanges to blocklist tokens coming from the addresses. The three wallet addresses are as follows - Ethereum: 0xC8a65FadfThe Hacker News
August 10, 2021
$611 million stolen in Poly Network cross-chain hack Full Text
Abstract
The cross-chain protocol Poly Network has been hacked; threat actors stole $611 million, making this hack the largest DeFi hack to date. $611 million has reportedly been stolen in one of the largest cryptocurrency hacks. The cross-chain protocol...Security Affairs
August 10, 2021
Crytek confirms Egregor ransomware attack, customer data theft Full Text
Abstract
Game developer and publisher Crytek has confirmed that the Egregor ransomware gang breached its network in October 2020, encrypting systems and stealing files containing customers' personal info later leaked on the gang's dark web leak site.BleepingComputer
August 10, 2021
FlyTrap, a new Android Trojan compromised thousands of Facebook accounts Full Text
Abstract
Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144 countries since March 2021. Zimperium's zLabs researchers spotted a new Android trojan, dubbed FlyTrap, that already compromised...Security Affairs
August 10, 2021
Companies Still Exposing Sensitive Data via Known Salesforce Misconfiguration Full Text
Abstract
While the misconfiguration has been known since at least last year and Salesforce has taken steps to prevent incidents, security company Varonis says it’s still seeing many affected organizations.Security Week
August 09, 2021
One million stolen credit cards leaked to promote carding market Full Text
Abstract
A threat actor is promoting a new criminal carding marketplace by releasing one million credit cards stolen between 2018 and 2019 on hacking forums.BleepingComputer
August 9, 2021
Chanel Korea apologizes for personal data leak Full Text
Abstract
The company said it had learned that the personal information of some customers from its database -- including names, birth dates, phone numbers, and shopping histories -- had been breached last week.Korea Herald
August 9, 2021
Data leak affects about 3,000 NYC students and 100 employees, officials confirm Full Text
Abstract
At least one student within the public school system managed to access a Google Drive that contained the private information of students and department employees across the city.districtadministration
August 8, 2021
1M compromised cards available for free in the underground market Full Text
Abstract
Group-IB detected an unconventional post on several carding forums containing links to a file containing 1 million compromised cards. On August 2, Group-IB Threat Intelligence & Attribution system detected an unconventional post on several carding...Security Affairs
August 7, 2021
University of Kentucky discovers data breach during scheduled pen-test Full Text
Abstract
The University of Kentucky said it discovered a security breach of one of its test-taking platforms during a scheduled security penetration test carried out by a third party in early June.The Record
August 6, 2021
Conti Leak Indicators – What to block, in your SOC…. Full Text
Abstract
Security expert provided leak indicators for Conti ransomware operations that were recently disclosed by a disgruntled affiliate. An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers of its RaaS,...Security Affairs
August 5, 2021
Conti ransomware affiliate leaked gang’s training material and tools Full Text
Abstract
An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with the info about one of the operators. An affiliate of the Conti RaaS has leaked the training material provided by the group to the customers...Security Affairs
August 05, 2021
Angry Conti ransomware affiliate leaks gang’s attack playbook Full Text
Abstract
A disgruntled Conti affiliate has leaked the gang's training material when conducting attacks, including information about one of the ransomware's operators.BleepingComputer
August 5, 2021
Reindeer Leaked the Sensitive Data of Over 300,000 People Due to Misconfigured Amazon S3 Bucket Full Text
Abstract
The misconfigured S3 bucket compromised the details of over 300,000 customers from various Reindeer clients. Patrón was the client firm with the most customers’ PIIs exposed.Security Magazine
August 4, 2021
Advanced Technology Ventures discloses ransomware attack and data breach Full Text
Abstract
The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack; crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with...Security Affairs
August 4, 2021
92% of pharmaceutical companies have at least one exposed database Full Text
Abstract
According to Reposify, 46% of pharmaceutical companies had an exposed SMB service. SMB exposures were previously exploited in other infamous attacks, like WannaCry, NotPetya, Nachi, and Blaster worms.Help Net Security
August 3, 2021
Household Data of 35 Million US Residents Exposed in Database Misconfiguration Full Text
Abstract
The Elasticsearch database was left exposed without any security authentication which means it could have been accessed by anyone with access to a web browser, and a valid URL.Hackread
August 02, 2021
PwnedPiper critical bug set impacts major hospitals in North America Full Text
Abstract
Pneumatic tube system (PTS) stations used in thousands of hospitals worldwide are vulnerable to a set of nine critical security issues collectively referred to as PwnedPiper.BleepingComputer
August 2, 2021
Thailand’s Vaccine Appointment Registration Platform Leaks Over 20,000 Applicants’ Emails and Personal Details Full Text
Abstract
Screenshots of publicly accessible backdoors that revealed the emails and personal details of over 20,000 applicants started appearing online raising safety and privacy concerns.Thaiger
July 31, 2021
Threat actors leaked data stolen from EA, including FIFA code Full Text
Abstract
Threat actors that hacked Electronic Arts in June have leaked the full data dump stolen from the company after the failure of the negotiation with the victim. In June, hackers compromised the network of the gaming giant Electronic Arts (EA) and claimed...Security Affairs
July 31, 2021
SolarWinds hackers breached 27 state attorneys’ offices Full Text
Abstract
Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russia-linked SVR group as part of the SolarWinds hack, DoJ warns. The US Department of Justice revealed that the Microsoft Office 365 email accounts of...Security Affairs
July 31, 2021
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices Full Text
Abstract
The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US DoJ, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices.The Record
July 30, 2021
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices Full Text
Abstract
The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys' offices were breached by the Russian Foreign Intelligence Service (SVR) during the SolarWinds global hacking spree.BleepingComputer
July 30, 2021
The Life Cycle of a Breached Database – Krebs on Security Full Text
Abstract
When a website’s user database gets compromised, that information invariably turns up on hacker forums whereby cybercriminals can use their infrastructure to crack user passwords.Krebs on Security
July 30, 2021
Calgary’s parking authority exposed drivers’ personal data and tickets Full Text
Abstract
A logging server, containing technical logs, parking tickets, and payment and driver information, used to monitor the authority’s parking system for bugs and errors was left exposed on the internet.TechCrunch
July 29, 2021
UC San Diego Health Breach Tied to Phishing Attack Full Text
Abstract
Employee email takeover exposed personal, medical data of students, employees and patients.Threatpost
July 29, 2021
Chipotle’s marketing account hacked to send phishing emails Full Text
Abstract
Hackers have compromised an email marketing account belonging to the Chipotle food chain and used it to send out phishing emails luring recipients to malicious links.BleepingComputer
July 28, 2021
Olympics Broadcaster Announces His Computer Password on Live TV Full Text
Abstract
In what is, at least so far, the biggest cybersecurity blunder of the Tokyo Olympics, an Italian TV announcer did not realize he was on air when he asked the password for his computer.Vice
July 27, 2021
Indonesia’s BRI Life Probes Reported Data Leak of 2 Million Users Full Text
Abstract
BRI Life, the insurance arm of Indonesia's Bank Rakyat Indonesia (BRI), said that it was investigating claims that the personal details of over two million of its customers had been advertised for sale by unidentified hackers.Reuters
July 27, 2021
UC San Diego Health discloses data breach after phishing attack Full Text
Abstract
UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts.BleepingComputer
July 27, 2021
Florida DEO Discloses Data Breach Affecting 58,000 Accounts Full Text
Abstract
The data breach has affected the unemployment benefits system and targeted 57,920 claimant accounts. The breach affected accounts within the Reemployment Assistance Claims and Benefits Information System, commonly known as CONNECT.Dark Reading
July 26, 2021
Mobile County Commission notifies employees of data breach Full Text
Abstract
The information that may have been exposed includes names, dates of birth, and Social Security numbers, as well as the health insurance contract numbers and routing numbers for direct deposit.WKRG News 5
July 23, 2021
CRM Database of Guntrader Website Gets Breached and Leaks Information of 110,000 Users Full Text
Abstract
Cybercriminals hacked into a website used for buying and selling firearms, making off with a 111,000-entry database containing partial information from a CRM product used by gun shops across the UK.The Register
July 23, 2021
Over 80 US Municipalities’ Sensitive Information, Including Resident’s Personal Data, Left Vulnerable in Massive Data Breach Full Text
Abstract
WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities. Original post at https://www.wizcase.com/blog/us-municipality-breach-report/ ...Security Affairs
July 23, 2021
Saudi Aramco Hit With $50 Million Cyber Extortion Demand over Stolen Data Full Text
Abstract
Saudi Aramco acknowledged that leaked data from the company being used in a cyber-extortion attempt involving a USD 50 million ransom demand likely came from one of its contractors.The Times Of India
July 22, 2021
Japanese Government Says Limited Number of Users Affected by Olympic Ticket Data Leak Full Text
Abstract
The news came one day after the FBI released a private industry alert urging organizations working with the Tokyo 2020 Summer Olympics to prepare for a wave of cyberattacks.ZDNet
July 22, 2021
Sensitive medical data of cancer patients at Jefferson Health potentially breached following third-party hack Full Text
Abstract
For some patients, a Social Security number was also included, the healthcare provider said in a statement. Financial account, insurance, and payment card information was not involved, it added.The Daily Swig
July 22, 2021
TicketClub Italy Database Offered in Dark Web Full Text
Abstract
A database belonging to TicketClub Italy, a company providing a coupons platform for offline purchases, is available for sale on darkweb hacking forums. TicketClub is an Italian company providing a mobile-based coupons platform for offline purchases....Security Affairs
July 22, 2021
Thousands of Humana customers have their medical data leaked online by threat actors Full Text
Abstract
Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular...Security Affairs
July 21, 2021
Sensitive Information From Over 80 US Municipalities Left Vulnerable in Massive Data Breach at PeopleGIS Full Text
Abstract
WizCase’s team of ethical hackers, led by Ata Hakçıl, has found a major breach exposing a number of US cities, all of them using the same web service provider aimed at municipalities.WizCase
July 20, 2021
Federal agencies say dozens of pipeline companies breached by Chinese hackers in 2011 Full Text
Abstract
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) disclosed Tuesday that multiple U.S. natural gas and oil pipeline companies were successfully breached by Chinese hackers for two years beginning in 2011.The Hill
July 20, 2021
Online gamer spills classified docs in effort to win online argument Full Text
Abstract
A user of the Hungary-based game developer Gaijin Entertainment's combat simulator War Thunder tried to win an online argument by sharing classified documents in the company's game forums.The Register
July 20, 2021
Lake County Health Department announces two data breaches impacting nearly 25,000 patients Full Text
Abstract
Jefferson McMillan-Wilhoit, the Chief Health Informatics and Technology Officer for the Lake County Health Department, said the first breach was discovered on July 22, 2019.Lake & Mchenry County Scanner
July 19, 2021
Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco Full Text
Abstract
A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant, Saudi Aramco. Threat actors that go online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian...Security Affairs
July 19, 2021
Saudi Aramco data breach sees 1 TB stolen data for sale Full Text
Abstract
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world. The sales price, albeit negotiable, is set at $5 million.BleepingComputer
July 19, 2021
Cloud Storage Misconfiguration at Artwork Archive Exposed Over 420GB User Data Full Text
Abstract
Campbell Conroy & O'Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack.ZDNet
July 16, 2021
Full Source Code Dump of DDoS-Guard Service Put for Sale Online Full Text
Abstract
Alleged customer data from DDoS-Guard, a Russia-based company that offers defenses against distributed denial-of-service attacks, has been offered for sale on a cybercrime forum.Gov Info Security
July 15, 2021
Forefront Dermatology Clinic Chain Notifies 2.4 Million Patients, Employees, and Clinicians of Data Breach Full Text
Abstract
Forefront Dermatology S.C, a dermatology practice with affiliated offices in 21 states plus Washington, D.C., is notifying 2.4 million patients, employees and clinicians of a recent hacking incident.DataBreach Today
July 15, 2021
Firm Hacked to Spread Ransomware Had Previous Security Flaws Full Text
Abstract
It turns out that the recent hack wasn’t the first major cybersecurity problem to hit Kaseya and its core product, which IT teams use to remotely monitor and administer workplace systems.Security Week
July 13, 2021
Guess Fashion Brand Deals With Data Loss After Ransomware Attack Full Text
Abstract
An attack on Guess compromised the personal and banking data of 1,300 victims.Threatpost
July 13, 2021
This couple lost £15,000 to scammers. We followed the money – and found millions in stolen crypto Full Text
Abstract
A CyberNews investigation uncovered a network of wallet addresses used by a scammer group to store and cash out millions in crypto stolen from thousands of victims. Original post @ https://cybernews.com/crypto/millions-of-stolen-crypto-found-investigation/ Mindaugas...Security Affairs
July 13, 2021
American retailer Guess discloses data breach after ransomware attack Full Text
Abstract
American clothing brand and retailer Guess discloses a data breach after the February ransomware attack and is notifying the affected customers. In February, American fashion brand Guess was hit by a ransomware attack, now the company is disclosing...Security Affairs
July 13, 2021
Call Details of all Nepali Users Stolen in Cyberattack by Chinese Hackers on Nepal Telecom Full Text
Abstract
It has also been found that the data stolen from the telecom server has been kept on the dark web for sale. The telco's CDR (call data record) data was put up for sale on June 29.The Times Of India
July 12, 2021
Fashion retailer Guess discloses data breach after ransomware attack Full Text
Abstract
American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft.BleepingComputer
July 12, 2021
Security Incident at Spreadshop Impacts Customers’ Payment Details, Emails, and Passwords Full Text
Abstract
Spreadshop was the victim of a cyberattack on July 8, 2021. In an update posted to its website, the platform confirmed that personal user data, including bank account details, were compromised.Privacy Sharks
July 12, 2021
Threat actors scrape 600 million LinkedIn profiles and are selling the data online - again Full Text
Abstract
While not deeply sensitive, the information could still be used by malicious actors to quickly and easily find new targets based on the criminals’ preferred methods of social engineering.Cyber News
July 12, 2021
Cyberattack at Bank of Oak Ridge Exposes Customer Data and Disrupts Certain Banking Services Full Text
Abstract
Bank of Oak Ridge, a community bank in Piedmont-Triad, said an unauthorized actor accessed banking customer data in late April, leading the bank to launch an investigation into the incident.WFMY News2
July 11, 2021
Hackers accessed Mint Mobile subscribers’ data and ported some numbers Full Text
Abstract
Mint Mobile discloses a data breach; an unauthorized attacker gained access to subscribers' account information and ported phone numbers. Mint Mobile is an American telecommunications company which sells mobile phone services and operates as an MVNO...Security Affairs
July 10, 2021
Mint Mobile hit by a data breach after numbers ported, data accessed Full Text
Abstract
Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers' account information and ported phone numbers to another carrier.BleepingComputer
July 9, 2021
Data of 1.2M patients stolen prior to third-party vendor ransomware attack Full Text
Abstract
This week’s health care data breach roundup includes attacks on Practicefirst, University Medical Center of Southern Nevada and Coastal Family Health Center.SCMagazine
July 09, 2021
Insurance giant CNA reports data breach after ransomware attack Full Text
Abstract
CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March.BleepingComputer
July 9, 2021
Insurance firm CNA discloses data breach after March ransomware attack Full Text
Abstract
Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. The...Security Affairs
July 8, 2021
Kroger reaches $5M settlement with breach victims, as Supreme Court defines ‘actual harm’ Full Text
Abstract
Health care providers are increasingly facing the risk of lawsuits amid the rise in data breaches. The recent Supreme Court decision on “actual harm” may curtail the financial impact.SCMagazine
July 8, 2021
Morgan Stanley discloses data breach after the hack of a third-party vendor Full Text
Abstract
The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. Investment banking firm Morgan Stanley has disclosed a data breach...Security Affairs
July 08, 2021
Morgan Stanley reports data breach after vendor Accellion hack Full Text
Abstract
Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third party vendor.BleepingComputer
July 7, 2021
Ransomware-hit law firm gets court order asking crooks not to publish the data they stole Full Text
Abstract
A legal services firm, 4 New Square Chambers, hit by a ransomware attack has responded by getting a British High Court order demanding the criminals do not share stolen data.The Register
July 7, 2021
Kremlin Hackers Reportedly Breached Republican National Committee Full Text
Abstract
Attempted holiday weekend raid came via third-party providerInfosecurity Magazine
July 7, 2021
Hacker leaks info of pro-Trump GETTR members online Full Text
Abstract
A hacker claims to have breached pro-Trump GETTR and leaked the private information of almost 90,000 members on a hacking forum. GETTR is a new pro-Trump social media platform created by Jason Miller, a former Trump advisor, the Twitter-like...Security Affairs
July 7, 2021
Data Breach at Third-party Provider Exposes Medical Data of Chicago-based Northwestern Memorial HealthCare Patients Full Text
Abstract
In its advisory, the healthcare provider said that the attackers made a copy of the datasets, which include patient names, dates of birth, SSNs, health insurance details, and medical record numbers.The Daily Swig
July 6, 2021
Pro-Trump ‘Gettr’ Social Platform Hacked On Day One Full Text
Abstract
The newborn platform was inundated by Sonic the Hedgehog-themed porn and had prominent users’ profiles defaced. Next, hackers posted its user database online.Threatpost
July 6, 2021
Official Formula 1 App Hacked Full Text
Abstract
Racing fans receive strange messages over holiday weekendInfosecurity Magazine
July 6, 2021
BA Settles with Data Breach Victims Full Text
Abstract
Victims of 2018 British Airways data breach to receive confidential settlementInfosecurity Magazine
July 06, 2021
RNC says contractor breached in hack, GOP data secure Full Text
Abstract
The Republican National Committee (RNC) on Tuesday acknowledged that one of its contractors had been breached by hackers linked to Russia but said its data had not been accessed.The Hill
July 06, 2021
Hacker dumps private info of pro-Trump GETTR social network members Full Text
Abstract
Newly launched social site GETTR suffered a data breach after a hacker claimed to use an unsecured API to scrape the private information of almost 90,000 members and then shared the data on a hacking forum.BleepingComputer
July 6, 2021
Dominion National reaches $2M settlement over nine-year data breach Full Text
Abstract
Dominion National reached a settlement with the 2.9 million patients impacted by a data breach that went undetected for nine years and was reported in 2019.SCMagazine
July 06, 2021
Up to 1,500 companies compromised by ransomware attack on Kaseya Full Text
Abstract
As many as 1,500 companies around the world were potentially compromised by a ransomware attack late last week on software company Kaseya, the group acknowledged on Monday.The Hill
July 6, 2021
Approximately 1,500 businesses impacted by the ransomware attack that hit Kaseya Full Text
Abstract
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the...Security Affairs
July 5, 2021
Ransomware attack may have exposed information on over 16,000 workers, state says Full Text
Abstract
Pacific Market Research (PMR) “recently notified” the Washington state Department of Labor and Industries, one of its clients, about the May 22 attack, according to a Thursday L&I news release.The News Tribune
July 3, 2021
Hackers breached several MPs’ email accounts, Poland says Full Text
Abstract
The email accounts of about a dozen members of parliament were hacked recently, Polish counter-intelligence said on Friday, disclosing further details of one of the biggest cyberattacks on the country in recent years.Reuters
July 02, 2021
Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software Full Text
Abstract
In yet another instance of software supply chain attack, unidentified hackers breached the website of MonPass, one of Mongolia's major certificate authorities, to backdoor its installer software with Cobalt Strike binaries. The trojanized client was available for download between February 8, 2021, and March 3, 2021, said Czech cybersecurity software company Avast in a report published Thursday. In addition, a public webserver hosted by MonPass was infiltrated potentially as many as eight separate times, with the researchers uncovering eight different web shells and backdoors on the compromised server. Avast's investigation into the incident began after it discovered the backdoored installer and the implant on one of its customers' systems. "The malicious installer is an unsigned [Portable Executable] file," the researchers said. "It starts by downloading the legitimate version of the installer from the MonPass official website. This legitimate versi The Hacker News
July 02, 2021
US insurance giant AJG reports data breach after ransomware attack Full Text
Abstract
Arthur J. Gallagher (AJG), a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September.BleepingComputer
July 1, 2021
Hacked Data for 69K LimeVPN Users Up for Sale on Dark Web Full Text
Abstract
LimeVPN has confirmed a data incident, and meanwhile its website has been knocked offline.Threatpost
July 1, 2021
Hackers breached a data server of the University Medical Center Full Text
Abstract
The University Medical Center hospital discloses a data breach after threat actors published online images of stolen personal information as proof of the hack. The University Medical Center hospital, in Nevada, discloses a security breach, the hackers...Security Affairs
July 1, 2021
Freshly scraped LinkedIn data of 88,000 US business owners shared online Full Text
Abstract
About a week after scraped data from more than 700 million LinkedIn profiles were put up for sale online, it seems that threat actors have no intention of stopping their abuse of the social media platform’s scrape-friendly systems. Hours... Security Affairs
June 30, 2021
Babuk Locker’s Code Leak - More Trouble for Security Agencies Full Text
Abstract
The builder for the Babuk Locker ransomware was leaked online. This could allow any cybercriminal group to create their custom ransomware variants. The leak of such advanced ransomware is a grave cause of concern for cybersecurity experts. Thus, it is best for organizations to proactively apply sec ... Cyware Alerts - Hacker News
June 30, 2021
UK Arm of International Charity The Salvation Army Compromised by Ransomware Attackers Full Text
Abstract
The Salvation Army in the UK was hit with ransomware. The organization refused to give any further information, such as the identity of the attackers, or the volume and type of data accessed by them.The Register
June 30, 2021
Zero-Day Used to Wipe My Book Live Devices Full Text
Abstract
Threat actors may have been duking it out for control of the compromised devices, first using a 2018 RCE, then password-protecting a new vulnerability.Threatpost
June 30, 2021
Freshly Scraped LinkedIn Data of 88,000 US Business Owners Leaked on Hacker Forum Full Text
Abstract
The database includes full names, email addresses, workplace information, and other data available publicly on their LinkedIn profiles. The archive was posted on a hacker forum for anyone to access.Cyber News
June 30, 2021
SolarWinds Hackers Compromised Denmark’s Central Bank and Remained Hidden for Months Full Text
Abstract
The network intrusion was revealed by the technology outlet Version2, which obtained official documents from the Danish central bank through a freedom of information request.Security Affairs
June 29, 2021
New LinkedIn breach exposes data of 700 Million users Full Text
Abstract
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92% of the total 756M users. A new massive LinkedIn breach made the headlines, a database containing data of 700M users, more than 92% of the total...Security Affairs
June 29, 2021
Russian hackers had months-long access to Denmark’s central bank Full Text
Abstract
Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected.BleepingComputer
June 29, 2021
Microsoft’s Halo dev site breached using dependency hijacking Full Text
Abstract
Microsoft has once again been successfully hit by a dependency hijacking attack. This month, another researcher found an npm internal dependency being used by an open-source project. After publishing a public dependency by the same name, he began receiving messages from Microsoft's Halo game dev servers.BleepingComputer
June 28, 2021
Data for 700M LinkedIn Users Posted for Sale in Cyber-Underground Full Text
Abstract
After 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it’s happened again – with big security ramifications.Threatpost
June 28, 2021
Attackers Breach Microsoft Customer Service Accounts Full Text
Abstract
American IT companies and government have been targeted by the Nobelium state-sponsored group.Threatpost
June 28, 2021
Mercedes-Benz cloud data exposure shines spotlight on third-party risk Full Text
Abstract
The Mercedes-Benz leak highlights an issue that security teams keep seeing time and again: Private data that’s accidentally left publicly accessible on a cloud storage platform by a vendor.SCMagazine
June 28, 2021
Personal Details of Over 200,000 Students Leaked After Cyberattack on AcadeME Full Text
Abstract
The group claimed that they leaked emails, passwords, first and last names, addresses, and even phone numbers of over 200,000 students who were registered on AcadeME since 2014.The Jerusalem Post
June 28, 2021
Kentucky Healthcare System Exposes Patients’ PHI Full Text
Abstract
UofL Health sends PHI of 42,000 patients to incorrect email addressesInfosecurity Magazine
June 28, 2021
The builder for Babuk Locker ransomware was leaked online Full Text
Abstract
The builder for the Babuk Locker ransomware was leaked online, threat actors can use it to create their own ransomware strain. The Record first reported that the builder for the Babuk Locker ransomware was leaked online, threat actors could use it to create...Security Affairs
June 28, 2021
New Ransomware Group Hive Leaks Stolen Files From Altus Group Full Text
Abstract
On June 14th, Altus Group, a commercial real estate software solutions company, has announced that its data was breached. A week later, they reported “no evidence of impact”.Security Affairs
June 28, 2021
Mercedes Benz Data Leak Includes Card and Social Security Details Full Text
Abstract
Customer data was exposed via an insecure cloud storage serviceInfosecurity Magazine
June 28, 2021
Sensitive Defense Documents Found at Bus Stop Full Text
Abstract
UK's Ministry of Defence launches investigation after worrying discoveryInfosecurity Magazine
June 27, 2021
SolarWinds Hackers Breach Microsoft Customer Support to Target its Customers Full Text
Abstract
In yet another sign that the Russian hackers who breached SolarWinds network monitoring software to compromise a slew of entities never really went away, Microsoft said the threat actor behind the malicious cyber activities used password spraying and brute-force attacks in an attempt to guess passwords and gain access to its customer accounts. "This recent activity was mostly unsuccessful, and the majority of targets were not successfully compromised – we are aware of three compromised entities to date," the tech giant's Threat Intelligence Center said Friday. "All customers that were compromised or targeted are being contacted through our nation-state notification process." The development was first reported by news service Reuters. The names of the victims were not revealed. The latest wave in a series of intrusions is said to have primarily targeted IT companies, followed by government agencies, non-governmental organizations, think tanks, and financThe Hacker News
June 26, 2021
Mercedes-Benz data breach impacted roughly 1000 individuals Full Text
Abstract
Mercedes-Benz USA disclosed a data breach that impacted 1.6 million customers, exposed data includes financial data and social security numbers (SSNs). Mercedes-Benz USA disclosed on Friday a data breach that impacted some of its customers and potential...Security Affairs
June 26, 2021
Microsoft: Russia-linked SolarWinds hackers breached three new entities Full Text
Abstract
Microsoft discovered that Russia-linked SolarWinds hackers, tracked as Nobelium, have breached the network of three new organizations. Microsoft revealed on Friday that Russia-linked SolarWinds hackers, tracked as Nobelium or APT29, have conducted...Security Affairs
June 26, 2021
Microsoft says new breach discovered in probe of suspected SolarWinds hackers Full Text
Abstract
Microsoft said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers.Reuters
June 25, 2021
Mercedes-Benz data breach exposes SSNs, credit card numbers Full Text
Abstract
Mercedes-Benz USA has just disclosed a data breach impacting under 1,000 customers and potential buyers that exposed their credit card information, social security numbers, and driver license numbers.BleepingComputer
June 25, 2021
Data of 500K patients accessed, stolen after eye clinic ransomware attack Full Text
Abstract
This week’s breach roundup is led by a ransomware attack against Wolfe Eye Clinic in Iowa. An attacker accessed and likely stole the data of 500,000 patients.SCMagazine
June 25, 2021
My Book Live Users Wake Up to Wiped Devices, Active RCE Attacks Full Text
Abstract
“I am totally screwed,” one user wailed after finding years of data nuked. Western Digital advised yanking the NAS storage devices offline ASAP: There’s an exploit.Threatpost
June 25, 2021
Cloud Database Exposes 800M+ WordPress Users’ Records Full Text
Abstract
Misconfiguration at hosting provider DreamHost led to the privacy breachInfosecurity Magazine
June 25, 2021
Stolen Data of 3.4 Million Customers of Indian Trading Platform Sold Online Full Text
Abstract
The compromised information included Personal Identifiable Information (PII) such as names, customer IDs, contact numbers, email IDs, trade login IDs, branch IDs, city, and country.The Times Of India
June 25, 2021
Mercedes-Benz USA Accidentally Exposes Sensitive Personal Information of Nearly 1,000 Customers Full Text
Abstract
The data comprised self-reported credit scores, driver licenses, social security numbers, and credit card information which was entered by customers and interested buyers on dealer and company websites between January 2014 and June 2017.Reuters
June 24, 2021
WD My Book NAS devices are being remotely wiped clean worldwide Full Text
Abstract
Western Digital My Book NAS owners worldwide are finding that their devices have been mysteriously factory reset and all of their files deleted.BleepingComputer
June 24, 2021
Data Breach at WorkForce West Virginia Full Text
Abstract
Mountain State governor confirms data breach impacting jobseekers’ databaseInfosecurity Magazine
June 24, 2021
Hackers leak 260,000 accounts from Pakistani music streaming site Patari Full Text
Abstract
Patari.pk, a Pakistani music streaming site has suffered a data breach in which its database containing personal data and login credentials of over 257,000 users has been leaked on hacker forums.Hackread
June 24, 2021
Tulsa’s Police-Citation Data Leaked by Conti Gang Full Text
Abstract
A May 6 ransomware attack caused disruption across several of the municipality’s online services and websites.Threatpost
June 24, 2021
Fashion Firm French Connection Suffers Breach of Internal Data Due to REvil-linked Ransomware Attack Full Text
Abstract
French Connection has become the latest victim of ransomware, with a gang understood to be linked to REvil having penetrated its back-end - making off with a selection of private internal data.The Register
June 23, 2021
Cyber-attack Exposes Eye Clinic Patient Data Full Text
Abstract
Around 500k patient records may have been exposed in cyber-attack on Iowa’s Wolfe Eye ClinicInfosecurity Magazine
June 23, 2021
Tulsa warns of data breach after Conti ransomware leaks police citations Full Text
Abstract
The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online.BleepingComputer
June 23, 2021
Personal Information of 500,000 Patients of Iowa-based Wolfe Eye Clinic Accessed in Cyberattack Full Text
Abstract
The records of roughly 500,000 patients of an eye clinic with locations throughout Iowa may have been stolen as part of a ransomware attack on the business earlier this year.AP News
June 23, 2021
City of Tulsa Reports Cyber Incident Potentially Affecting Personal Information of Residents Full Text
Abstract
The city announced Tuesday that hackers obtained more than 18,000 city files. The leaked files are mostly police citations and internal department files, officials said in a press release.CNN Money
June 22, 2021
Asia Pacific Network Information Centre Leaves SQL Dump From Whois Database Publicly Exposed on Google Cloud Bucket Full Text
Abstract
The Asia Pacific Network Information Centre (APNIC) has admitted it left at least a portion of its Whois SQL database, which contains sensitive information, unsecured for three months.The Register
June 21, 2021
Wegmans Exposes Customer Data in Misconfigured Databases Full Text
Abstract
Cleanup in aisle “Oops”: The supermarket chain said that it misconfigured two cloud databases, exposing customer data to public scrutiny.Threatpost
June 21, 2021
Ragnar Locker ransomware leaked data stolen from ADATA chipmaker Full Text
Abstract
The Taiwanese memory and storage chip maker ADATA was hit by the Ragnar Locker ransomware gang that also published more than 700GB of stolen data. The Ragnar Locker ransomware gang has published on its leak sites more than 700GB of data stolen from...Security Affairs
June 21, 2021
OnlyFans, Twitter ban users for leaking politician’s BDSM video Full Text
Abstract
This week, Twitter and OnlyFans have banned user accounts that illicitly leaked a BDSM video featuring a New York City city council candidate. As reported by Motherboard, the video of 26-year-old Zack Weiner began circulating on Twitter and OnlyFans via accounts with identical usernames and profile pictures. BleepingComputer
June 21, 2021
Embryology Data Breach Follows Fertility Clinic Ransomware Hit Full Text
Abstract
Approximately 38,000 of RBA’s customers had their embryology data stolen by a ransomware gang.Threatpost
June 21, 2021
Ohio Medicaid Provider Suffers Data Breach Full Text
Abstract
Personal data could have been stolen in unauthorized access incident at MaximusInfosecurity Magazine
June 21, 2021
Millions of medical images, patient data remain exposed via PACS flaws Full Text
Abstract
U.S. health systems have failed to take action, two years after a report exposed potential privacy violations.SCMagazine
June 21, 2021
ADATA suffers 700 GB data leak in Ragnar Locker ransomware attack Full Text
Abstract
The Ragnar Locker ransomware gang have published download links for more than 700GB of archived data stolen from Taiwanese memory and storage chip maker ADATA.BleepingComputer
June 21, 2021
UK Parliamentary Staffers Lost 96 Devices in Past Two Years Full Text
Abstract
Fears have been raised that sensitive public data has fallen into the hands of cyber-criminalsInfosecurity Magazine
June 21, 2021
Over 30,000 Fertility Clinic Patients Hit by Ransomware Data Breach Full Text
Abstract
Atlanta-based Reproductive Biology Associates claims data has been deletedInfosecurity Magazine
June 21, 2021
Nuclear Research Institute Breached by Suspected North Korean Hackers Full Text
Abstract
South Korea’s KAERI investigating attack that exploited VPN bugInfosecurity Magazine
June 21, 2021
South Korea’s Nuclear Research Agency Breached by North Korea-affiliated Cyberattackers Full Text
Abstract
South Korean officials have admitted that the government nuclear think tank Korea Atomic Energy Research Institute was hacked in May 2021 by North Korea’s Kimsuky group. The Korean news outlet that broke the story has accused KAERI of a cover-up.The Register
June 20, 2021
Fertility clinic discloses data breach exposing patient info Full Text
Abstract
A Georgia-based fertility clinic has disclosed a data breach after files containing sensitive patient information were stolen during a ransomware attack.BleepingComputer
June 19, 2021
South Korea’s Nuclear Research agency hacked using VPN flaw Full Text
Abstract
South Korea's 'Korea Atomic Energy Research Institute' disclosed yesterday that their internal networks were hacked last month by North Korean threat actors using a VPN vulnerability.BleepingComputer
June 19, 2021
This Agency’s Computers Hold Secrets. Hackers Got In With One Password. Full Text
Abstract
New York City’s Law Department holds some of the city’s most closely guarded secrets. But all it took for a hacker to infiltrate the 1,000-lawyer agency’s network early this month was one worker’s pilfered email password. New York Times
June 18, 2021
Poland blames Russia for breach, theft of Polish officials’ emails Full Text
Abstract
Poland's deputy prime minister Jarosław Kaczyński says last week's breach of multiple Polish officials' private email accounts was carried out from servers within the Russian Federation.BleepingComputer
June 18, 2021
Carnival Cruise says customer data exposed in breach Full Text
Abstract
Carnival Cruise says customer and employee data may have been exposed in a data breach in March.The Hill
June 18, 2021
US supermarket chain Wegmans discloses data breach Full Text
Abstract
The US supermarket chain Wegmans discloses a data breach; customers' information was exposed on the Internet due to a misconfiguration issue. Wegmans Food Markets disclosed a data breach, the supermarket chain notified customers that some of their... Security Affairs
June 18, 2021
Cruise operator Carnival discloses a security breach Full Text
Abstract
Carnival Corp. said that the data breach it has suffered in March might have impacted its customers and employees. Carnival Corp. this week confirmed that the data breach that took place in March might have exposed personal information about customers...Security Affairs
June 18, 2021
Alina Lodge notifies patients of data breach tied to 2020 Blackbaud incident Full Text
Abstract
This week’s breach roundup is led by an Alina Lodge breach notice stemming from the massive 2020 Blackbaud security incident and data theft. SCMagazine
June 18, 2021
US supermarket chain Wegmans notifies customers of data breach Full Text
Abstract
Wegmans Food Markets notified customers that some of their information was exposed after the company became aware that two of its databases were publicly accessible on the Internet because of a configuration issue.BleepingComputer
June 18, 2021
Carnival Confirms Another Breach Impacting Staff and Passengers Full Text
Abstract
Cruise line giant reveals personal information may have been takenInfosecurity Magazine
June 17, 2021
Eggfree Cake Box suffers data breach exposing credit card numbers Full Text
Abstract
Eggfree Cake Box has disclosed a data breach after threat actors hacked their website to steal credit card numbers. BleepingComputer
June 17, 2021
Carnival discloses new data breach on email accounts Full Text
Abstract
Carnival has been hit by multiple cyberattacks since 2019, including a ransomware incident last summer.SCMagazine
June 17, 2021
Over a billion records belonging to CVS Health exposed online Full Text
Abstract
Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records. This week WebsitePlanet along with the researcher Jeremiah Fowler discovered an unsecured database, belonging to the US healthcare...Security Affairs
June 17, 2021
Audi, Volkswagen customer data being sold on a hacking forum Full Text
Abstract
Audi and Volkswagen customer data is being sold on a hacking forum after allegedly being stolen from an exposed Azure BLOB container.BleepingComputer
June 17, 2021
A Billion CVS Records Exposed Full Text
Abstract
Misconfiguration error leaves CVS database without password protectionInfosecurity Magazine
June 17, 2021
Inside the Market for Cookies That Lets Hackers Pretend to Be You Full Text
Abstract
Genesis Market is an invite-only underground marketplace where cybercriminals can source cookies that have been lifted from hacked computers for a cornucopia of services.Vice
June 17, 2021
CVS Health Records for 1.1 Billion Customers Exposed Full Text
Abstract
A vendor exposed the records, which were accessible with no password or other authentication, likely because of a cloud-storage misconfiguration.Threatpost
June 17, 2021
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise Full Text
Abstract
Mandiant determined the installers were malicious in early June and notified the victim of a potential website compromise, which may have allowed UNC2465 to replace the legitimate downloads.FireEye
June 17, 2021
Carnival Cruise hit by data breach, warns of data misuse risk Full Text
Abstract
Carnival Corporation, the world's largest cruise ship operator, has disclosed a data breach after attackers breached some email accounts and accessed personal, financial, and health information belonging to customers, employees, and crew.BleepingComputer
June 17, 2021
Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted Full Text
Abstract
The WizCase security experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by Ata Hakçıl, has found a major breach in popular online retailer Cosmolog Kozmetik’s database.... Security Affairs
June 17, 2021
Amazon Web Services Misconfiguration Exposes Half a Million Cosmetics Customers Full Text
Abstract
Turkish firm Cosmolog Kozmetik's error leaks personal information en masseInfosecurity Magazine
June 16, 2021
IAB Tech Lab Accused of “World’s Largest Data Breach” Full Text
Abstract
Irish civil liberties group sues non-profit digital media consortium over real-time biddingInfosecurity Magazine
June 16, 2021
Over One Billion Records Belonging to CVS Health Exposed Online Full Text
Abstract
On Thursday, WebsitePlanet, together with researcher Jeremiah Fowler, revealed the discovery of an online database belonging to CVS Health that was not password-protected.ZDNet
June 16, 2021
Alibaba-owned Shopping Platform Falls Victim to Chinese Web Crawler in Large Data Leak Full Text
Abstract
A Chinese software developer trawled Alibaba’s popular Taobao shopping website for eight months, clandestinely collecting more than 1.1 billion pieces of user information.The Wall Street Journal
June 15, 2021
Largest US propane distributor discloses ‘8-second’ data breach Full Text
Abstract
America's largest propane provider, AmeriGas, has disclosed a data breach that lasted ephemerally but impacted 123 employees and one resident. AmeriGas serves over 2 million customers in all 50 U.S. states and has over 2,500 distribution locations. BleepingComputer
June 15, 2021
Cyber Analytics Firm Cognyte’s Unsecured Database Exposes 5 Billion Records Online Full Text
Abstract
A researcher recently discovered online an unsecured database operated by cybersecurity analytics firm Cognyte that left some 5 billion records collected from a range of data incidents exposed online.Dark Reading
June 15, 2021
Seattle-based SEIU 775 Benefits Group Reports Data Breach Affecting 140,000 Individuals Full Text
Abstract
SEIU 775, a Seattle-based benefits administrator for unionized home healthcare and nursing home workers has reported a hacking incident affecting 140,000 people that involved deleting certain data.Gov Info Security
June 12, 2021
Audi, Volkswagen data breach affects 3.3 million customers Full Text
Abstract
Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet.BleepingComputer
June 12, 2021
McDonald’s discloses data breach in US, Taiwan and South Korea Full Text
Abstract
McDonald's fast-food chain disclosed a data breach, hackers have stolen information belonging to customers and employees from the US, South Korea, and Taiwan. McDonald's, the world's largest restaurant chain by revenue, has disclosed a data breach...Security Affairs
June 12, 2021
Intuit notifies customers of hacked TurboTax accounts Full Text
Abstract
Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks.BleepingComputer
June 12, 2021
Volkswagen discloses data breach, 3.3 million customers impacted Full Text
Abstract
Volkswagen America discloses a data breach at a third-party vendor that exposed the personal details of more than 3.3 million of its customers. Volkswagen America discloses a data breach suffered by a third-party vendor used by the car vendor for sales...Security Affairs
June 11, 2021
Notification no-nos: What to avoid when alerting customers of a breach Full Text
Abstract
Experts revealed to SC Media what they believe are some of the biggest errors companies can make when notifying the public of a breach, from revealing too little or too much, to scapegoating or downplaying the incident.SCMagazine
June 11, 2021
Hackers steal game source code from EA Full Text
Abstract
Popular video game maker Electronic Arts (EA) recently suffered a breach by hackers who stole data including game source code.The Hill
June 11, 2021
Baby Clothes Giant Carter’s Leaks 410K Customer Records Full Text
Abstract
Purchase automation software delivered shortened URLs without protections.Threatpost
June 11, 2021
McDonald’s Suffers Data Breach Full Text
Abstract
Burger chain breach impacts US operations and employees and diners in South Korea and TaiwanInfosecurity Magazine
June 11, 2021
McDonald’s discloses data breach after theft of customer, employee info Full Text
Abstract
McDonald's, the largest fast-food chain globally, has disclosed a data breach after hackers breached its systems and stole information belonging to customers and employees from the US, South Korea, and Taiwan.BleepingComputer
June 11, 2021
Cyberpunk 2077 Hacked Data Circulating Online Full Text
Abstract
CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer.Threatpost
June 11, 2021
Iranian Hackers Compromise Websites of a US Federal Library and an African Bank Full Text
Abstract
Hackers claiming to be from Iran attacked the websites of Sierra Leone Commercial African Bank and the United States Federal Depository Library Program and posted pro-Iranian comments and graphics.Softpedia
June 11, 2021
Cybercriminals Steal Some McDonald’s U.S. Business Information and Customer Data in South Korea and Taiwan Full Text
Abstract
Hackers stole data, including customer emails, phone numbers, and addresses, from McDonald’s computer systems in the U.S., South Korea, and Taiwan, according to the Wall Street Journal.Axios
June 11, 2021
Update: Internal data from breach circulating online -CD Projekt Full Text
Abstract
Internal company data leaked during a February security breach is now being circulated on the internet, Polish video games maker CD Projekt said in a statement published on Thursday.Reuters
June 11, 2021
Gaming Giant EA Suffers Major Data Breach Full Text
Abstract
Hackers stole 780GB of data, including source code for the popular football game FIFA 21Infosecurity Magazine
June 11, 2021
Mysterious custom malware used to steal 1.2TB of data from million PCs Full Text
Abstract
Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials, and cookies. Researchers from NordLocker have discovered an unsecured database containing 1.2-terabyte of stolen data....Security Affairs
June 11, 2021
CoWIN not hacked, 150 million Indians’ data safe: Researcher Full Text
Abstract
A hacker group going by the name of "Dark Leak Market" had claimed that they have a database of about 150 million Indians who registered themselves on the CoWIN portal and are reselling it.The Times Of India
June 10, 2021
CD Projekt: Data stolen in ransomware attack now circulating online Full Text
Abstract
CD Projekt is warning today that internal data stolen during their February ransomware attack is circulating on the Internet.BleepingComputer
June 10, 2021
Hackers stole data from the network of the gaming giant Electronic Arts Full Text
Abstract
Hackers breached the network of the gaming giant Electronic Arts (EA) and have stolen roughly 780 GB of data, including game source code and tools. Hackers have compromised the network of the gaming giant Electronic Arts (EA) and claim to have...Security Affairs
June 10, 2021
Hackers breach gaming giant Electronic Arts, steal game source code Full Text
Abstract
Hackers have breached the network of gaming giant Electronic Arts (EA) and claim to have stolen roughly 750 GB of data, including game source code and debug tools.BleepingComputer
June 10, 2021
Russia-linked APT breached the network of Dutch police in 2017 Full Text
Abstract
Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the MH-17. Russia-linked threat actors breached the internal network of Dutch police in 2017 during the investigation...Security Affairs
June 10, 2021
High Street Banks Exposing Customers to Phishing Attacks Full Text
Abstract
Banks should do more to protect their customers from criminals trying to steal sensitive information, Which? research findsInfosecurity Magazine
June 10, 2021
Hackers Linked to Russian Intelligence Agencies Breached Dutch Police Systems Full Text
Abstract
The intrusion was uncovered by the Dutch intelligence service AIVD after it saw a Dutch police IP address communicating with known malicious servers operated by Russian state-sponsored threat actors.The Record
June 9, 2021
DarkSide Pwned Colonial With Old VPN Password Full Text
Abstract
Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating.Threatpost
June 9, 2021
Probe into Leak of Cuomo Accuser’s Personnel File Full Text
Abstract
New York Attorney General’s Office investigating legality of releasing Lindsey Boylan’s recordsInfosecurity Magazine
June 9, 2021
Nebraska Medicine Data Breach Settlement Approved Full Text
Abstract
Judge approves preliminary settlement in data breach lawsuit brought against Nebraska MedicineInfosecurity Magazine
June 8, 2021
Ransomware Operators Struck Another Pipeline Firm LineStar Integrity Services and Leaked 70GB of Data Full Text
Abstract
Xing Team posted to its dark web site a collection of files stolen from LineStar Integrity Services, which provides auditing, compliance, maintenance, and technology services to pipeline customers.Wired
June 7, 2021
RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries Full Text
Abstract
RockYou2021, the largest password compilation of all time, has been leaked on a popular hacker forum; it contains 8.4 billion entries of passwords. Original post at: https://cybernews.com/security/rockyou2021-alltime-largest-password-compilation-leaked/ What...Security Affairs
June 07, 2021
US truck and military vehicle maker Navistar discloses data breach Full Text
Abstract
Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered at the end of last month.BleepingComputer
June 07, 2021
Hackers Breached Colonial Pipeline Using Compromised VPN Password Full Text
Abstract
The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was reported by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as April 29 through the VPN account, which allowed employees to access the company's networks remotely. The VPN login was unused but active at the time of the attack, the report said, adding the password has since been discovered inside a batch of leaked passwords on the dark web, suggesting that an employee of the company may have reused the same password on another account that was previously breached. It's, however, unclear how the password was obtained, Charles Carmakal, senior vice president at the cybersecurity firm Mandiant, was quoted as saying to the publication. The FireEye-owned subsidiThe Hacker News
June 5, 2021
Hackers Breached Colonial Pipeline Using Compromised Password Full Text
Abstract
The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack.Bloomberg Quint
June 4, 2021
Chinese Actors Reportedly Breached America’s Largest Transport Network Full Text
Abstract
The attack compromised three computer systems belonging to New York's Metropolitan Transportation Authority (MTA).Infosecurity Magazine
June 4, 2021
Health Data for Millions Deleted From Cloud Bucket Full Text
Abstract
20/20 Hearing Care Network is notifying nearly 3.3 million individuals that their personal and health information was accessed or downloaded - and then deleted - by an "unknown" actor in January.Info Risk Today
June 4, 2021
UK Special Forces soldiers’ personal data was floating around WhatsApp in a leaked Army spreadsheet Full Text
Abstract
The file leaked details of 1,182 UK soldiers recently promoted from corporal to sergeant – including those in the Special Air Service, Special Boat Service, and the Special Reconnaissance Regiment.The Register
June 3, 2021
‘Battle for the Galaxy’ Mobile Game Leaks 6M Gamer Profiles Full Text
Abstract
Unprotected server exposes AMT Games server containing user emails and purchase information.Threatpost
June 03, 2021
Scripps Health notifies patients of data breach after ransomware attack Full Text
Abstract
Nonprofit healthcare provider, Scripps Health in San Diego, has disclosed a data breach exposing patient information after suffering a ransomware attack last month.BleepingComputer
June 3, 2021
Customer Data from Electronics Retailer Audio House Reports Possibly Stolen by Hackers Full Text
Abstract
The Altdos hacker group claimed to have accessed the retailer's membership database, stolen information from it, and used the data to blackmail Audio House, the retailer added.Straits Times
June 3, 2021
Ransomware Disrupts Largest Ferry Service in Massachusetts Full Text
Abstract
Wednesday's attack is the latest cyber assault affecting logistics and services in the U.S.Infosecurity Magazine
June 3, 2021
AMT Games data breach: Millions of Users’ Messages, Account IDs, and IP Addresses Exposed Full Text
Abstract
WizCase’s security team discovered an unsecured ElasticSearch server owned by AMT Games which exposed 1.47 TB of data. This leak exposed users’ email addresses, IP addresses, Facebook data, and more to potential attack. The leaked data...Security Affairs
June 3, 2021
New York’s Metropolitan Transportation Authority Breached by China-linked Hackers Full Text
Abstract
The hackers did not gain access to systems that control train cars and rider safety was not at risk, transit officials said, adding that the intrusion appeared to have done little, if any, damage.New York Times
June 2, 2021
Scripps Notifying 147K People of Data Breach Full Text
Abstract
Healthcare provider shares news of ransomware attack that exposed patient dataInfosecurity Magazine
June 2, 2021
Database, source code allegedly related to bulletproof hosting, once Parler’s service provider, up for sale on hacker forum Full Text
Abstract
Group-IB discovered a database allegedly belonging to a bulletproof hosting provider DDoS-Guard posted for sale on a cybercrime forum. Group-IB, a global threat hunting and adversary-centric cyber intelligence company specializing in investigating...Security Affairs
June 2, 2021
Update: Scripps begins notifying more than 147,000 people of ransomware records breach Full Text
Abstract
Scripps Health announced that it has begun notifying nearly 150,000 individuals that their personal information was stolen by hackers during the ransomware attack on May 1.San Diego Union Tribune
June 2, 2021
Battle for the Galaxy: 6 Million Gamers Hit by Data Leak Full Text
Abstract
1.5TB of data exposed, including users’ email addresses, IP addresses, Facebook data, and more.Infosecurity Magazine
June 1, 2021
Model Sues Law Firm Over Data Breach Full Text
Abstract
Goldberg Segalla accused of leaking fashion model’s personal information on PACERInfosecurity Magazine
June 1, 2021
New Zealand’s Reserve Bank Taking Action to Respond to Data Breach Reports Full Text
Abstract
The Reserve Bank of New Zealand has announced the findings of two independent investigations into an illegal data breach related to a third-party application and the handling of sensitive information.Softpedia
May 31, 2021
US nuclear weapon bunker security secrets spill from online flashcards since 2013 Full Text
Abstract
The leak was revealed by investigative journalism website Bellingcat, which described the findings after “simply searching online for terms publicly known to be associated with nuclear weapons.”The Register
May 28, 2021
Russian hackers seized email system used by State Department aid agency, human rights groups Full Text
Abstract
Russian hackers seized the email system used by the State Department’s international agency and other human rights groups, Microsoft announced.The Hill
May 27, 2021
Canada Post hit by data breach after supplier ransomware attack Full Text
Abstract
Canada Post has informed 44 of its large commercial customers that a ransomware attack on a third-party service provider exposed shipping information for their customers.BleepingComputer
May 27, 2021
Data Breach at Canada Post Full Text
Abstract
Malware attack on third-party supplier leads to data breach at Canada PostInfosecurity Magazine
May 27, 2021
Hackers compromised Japanese government offices via Fujitsu’s ProjectWEB tool Full Text
Abstract
Threat actors have compromised offices of multiple Japanese agencies via Fujitsu's ProjectWEB information sharing tool. Threat actors have breached the offices of multiple Japanese agencies after they have gained access to projects that use the Fujitsu...Security Affairs
May 27, 2021
Japanese government agencies suffer data breaches after Fujitsu hack Full Text
Abstract
Offices of multiple Japanese agencies were breached via Fujitsu's "ProjectWEB" information sharing tool. Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data.BleepingComputer
May 26, 2021
Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT Full Text
Abstract
Researchers discovered about 50,000 IPs across multiple Kubernetes clusters that were compromised by the TeamTNT threat actors. Researchers from Trend Micro reported that about 50,000 IPs were compromised across multiple Kubernetes clusters in a cryptojacking...Security Affairs
May 26, 2021
UK Police Suffered Thousands of Data Breaches in 2020 Full Text
Abstract
Lancashire Constabulary was the worst offenderInfosecurity Magazine
May 25, 2021
Domino’s India discloses data breach after hackers sell data online Full Text
Abstract
Domino's India has disclosed a data breach after a threat actor hacked their systems and sold their stolen data on a hacking forum.BleepingComputer
May 25, 2021
Mobile Apps Exposing Personal Data of Millions of Users Full Text
Abstract
Insecure data storage is the most common security flaw in Android apps. Recently, security analysts listed down 23 Android applications leaking personal data of over 100 million users due to misconfigurations in third-party cloud services.Cyware Alerts - Hacker News
May 25, 2021
US Healthcare Non-Profit RMCHCS Reports Data Breach Affecting 200,000 Patients, Employees Full Text
Abstract
The potentially exposed information includes names, dates of birth, postal addresses, telephone numbers, and email addresses, SSNs, driver’s license, passport, and tribal ID numbers.The Daily Swig
May 25, 2021
Bose Admits Ransomware Hit: Employee Data Accessed Full Text
Abstract
The consumer-electronics stalwart was able to recover without paying a ransom, it said.Threatpost
May 25, 2021
13 Million Users’ Personal Details Leaked Online After DailyQuiz Data Breach Full Text
Abstract
The personal details of 13 million DailyQuiz users were leaked online earlier this year after a hacker breached the quiz builder’s database and stole its content, which he later put up for sale.The Record
May 24, 2021
Audio maker Bose discloses data breach after ransomware attack Full Text
Abstract
Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company's systems in early March.BleepingComputer
May 24, 2021
Logistics giant exposes customer data for over five months Full Text
Abstract
According to researchers, the company’s data has been exposed on an Elasticsearch server and comprises two sectors including login credentials and shipment details (including PII).Hackread
May 24, 2021
Air India: Supplier Breach Hit 4.5 Million Passengers Full Text
Abstract
Fallout from the SITA incident in March continuesInfosecurity Magazine
May 24, 2021
Australia-based TPG TrustedCloud Hosting Service Discloses Unauthorized Access to Two Customers’ Data Full Text
Abstract
TPG Telecom said on Monday that it had the data of two customers accessed on its legacy TrustedCloud hosting service. It added it did not believe any other customers were impacted by the breach.ZDNet
May 24, 2021
User Information Linked to 180 Million Orders from Domino’s India Leaked Online Full Text
Abstract
In a major data leak, customer information related to 180 million orders placed with Domino’s India has been made public by a hacker who claims to have breached the pizza major’s servers.The Times Of India
May 24, 2021
Indonesia’s National Health Insurance Scheme Potentially Leaks One Million Citizens’ Records Full Text
Abstract
A post on Raidforums offered to sell a million records leaked from the Badan Penyelenggara Jaminan Sosial (BPJS), an agency that runs national health insurance scheme Jaminan Kesehatan Nasional (JKN).The Register
May 24, 2021
FSB NKTsKI: Foreign ‘cyber mercenaries’ breached Russian federal agencies Full Text
Abstract
Rostelecom and NKTsKI said the attackers used spear-phishing, vulnerabilities in web applications, and targeted the IT infrastructure of government contractors to breach Russian federal agencies.The Record
May 22, 2021
Foreign hackers breached Russian federal agencies, said FSB Full Text
Abstract
FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have breached networks of Russian federal agencies. A joint report published by Rostelecom-Solar and the FSB National Coordination Center for Computer Incidents...Security Affairs
May 22, 2021
Air India suffered a data breach, 4.5 million customers impacted Full Text
Abstract
Air India disclosed a data breach that impacted roughly 4.5 million of its customers, two months after its Passenger Service System provider SITA was hacked. Air India has disclosed a data breach that impacted 4.5 million of its customers, exposed...Security Affairs
May 22, 2021
Mobile App Developers Exposed 100 Million Android Users’ Data Full Text
Abstract
The Check Point Research team has recently discovered that in the last few months, mobile app developers potentially exposed the private data of over 100 million Android users, by not following best security practices.Heimdal Security
May 21, 2021
Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers Full Text
Abstract
India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System (PSS) provider SITA fell victim to a cyber attack earlier this year. The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of birth, contact information, passport information, ticket information, Star Alliance, and Air India frequent flyer data as well as credit card data. But Air India said neither CVV/CVC numbers associated with the credit cards nor passwords were affected. The airline had previously acknowledged the breach on March 19, stating that "its Passenger Service System provider has informed about a sophisticated cyber attack it was subjected to in the last week of February 2021." In March, Swiss aviation information technology company SITA disclosed it suffered a "highly sophisticated attack"The Hacker News
May 21, 2021
Air India data breach impacts 4.5 million customers Full Text
Abstract
Air India disclosed a data breach after personal information belonging to roughly 4.5 million of its customers was leaked two months following the hack of Passenger Service System provider SITA in February 2021.BleepingComputer
May 21, 2021
E-commerce giant suffers major data breach in Codecov incident Full Text
Abstract
E-commerce platform Mercari has disclosed a major data breach incident that occurred due to exposure from the Codecov supply-chain attack. Mercari is a publicly traded Japanese company and an online marketplace that has recently expanded its operations to the United States and the United Kingdom.BleepingComputer
May 21, 2021
Cloud Misconfiguration Exposes 100M+ Android Users Full Text
Abstract
Check Point reveals series of mistakes by developersInfosecurity Magazine
May 20, 2021
Misconfigurations may have exposed data on 100 million Android users Full Text
Abstract
CheckPoint Research explained how the misuse of a real-time database, notification managers, and storage exposed the personal data of users, leaving corporate resources vulnerable to bad threat actors.SCMagazine
May 20, 2021
23 Android Apps Expose Over 100,000,000 Users’ Personal Data Full Text
Abstract
Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. "By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users' private data was exposed," Check Point researchers said in an analysis published today and shared with The Hacker News. "In some cases, this type of misuse only affects the users, however, the developers were also left vulnerable. The misconfigurations put users' personal data and developer's internal resources, such as access to update mechanisms, storage, and more at risk." The findings come from a study of 23 Android applications available in the official Google Play Store, some of which have downloads ranging from 10,000 to 10 million, such as Astro Guru, iFax, Logo Maker, Screen Recorder, and T'Leva. According to Check Point, the issues stem from mThe Hacker News
May 20, 2021
A dozen Android apps exposed data of 100M+ users Full Text
Abstract
Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers from Check Point have discovered 23 Android applications that exposed the personal data of more than 100 million users...Security Affairs
May 20, 2021
Data of 100+ million Android users exposed via misconfigured cloud services Full Text
Abstract
A banking trojan named Bizarro that originates from Brazil has crossed the borders and started to target customers of 70 banks in Europe and South America.BleepingComputer
May 20, 2021
UK recruitment firm exposed sensitive applicants data for months Full Text
Abstract
This data breach majorly affected the applicants whose CVs containing personal information were leaked due to misconfigured AWS S3 buckets, reports the research team at Website Planet.Hackread
May 19, 2021
UHS Data Breach Lawsuit Proceeds Full Text
Abstract
Data breach lawsuit against healthcare provider gets the go-ahead but only for one patientInfosecurity Magazine
May 19, 2021
Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents Full Text
Abstract
Misconfigured AWS bucket again to blameInfosecurity Magazine
May 18, 2021
‘How would I feel if that was posted in Times Square?’ Lawyers warn to watch what you say about breaches Full Text
Abstract
Law firm partner advises RSA Conference attendees to practice “communication hygiene” when emailing or messaging.SCMagazine
May 18, 2021
Codecov hackers gained access to Monday.com source code Full Text
Abstract
Monday.com has recently disclosed the impact of the Codecov supply-chain attack that affected multiple companies. As reported by BleepingComputer last month, popular code coverage tool Codecov had been a victim of a supply-chain attack that lasted for two months.BleepingComputer
May 17, 2021
Student health insurance carrier Guard.me suffers a data breach Full Text
Abstract
Student health insurance carrier guard.me has taken their website offline after a vulnerability allowed a threat actor to access policyholders' personal information.BleepingComputer
May 17, 2021
Student names, vendor bank account info exposed in Buffalo Public Schools cyberattack Full Text
Abstract
Personal information about an unknown number of students, parents, and employees has been exposed, along with bank account information for an unknown number of vendors, the district revealed recently.Buffalo News
May 16, 2021
Herff Jones credit card breach impacts college students across the US Full Text
Abstract
Graduating students from several universities in the U.S. have been reporting fraudulent transactions after using payment cards at popular cap and gown maker Herff Jones.BleepingComputer
May 16, 2021
Colonial breach underscores concerns over paying hackers Full Text
Abstract
Colonial Pipeline's decision to pay the cyber criminals behind a ransomware attack that forced the company to temporarily shut down operations has reignited the debate around whether victims of such attacks should pay to regain access to their networks.The Hill
May 14, 2021
Rapid7 Source Code Accessed in Cyber-attack Full Text
Abstract
Cybersecurity company’s source code compromised during supply-chain attack on CodecovInfosecurity Magazine
May 14, 2021
Rapid7 Source Code Breached in Codecov Supply-Chain Attack Full Text
Abstract
Cybersecurity company Rapid7 on Thursday revealed that unidentified actors improperly managed to get hold of a small portion of its source code repositories in the aftermath of the software supply chain compromise targeting Codecov earlier this year. "A small subset of our source code repositories for internal tooling for our [Managed Detection and Response] service was accessed by an unauthorized party outside of Rapid7," the Boston-based firm said in a disclosure. "These repositories contained some internal credentials, which have all been rotated, and alert-related data for a subset of our MDR customers." On April 15, software auditing startup Codecov alerted customers that its Bash Uploader utility had been infected with a backdoor as early as January 31 by unknown parties to gain access to authentication tokens for various internal software accounts used by developers. The incident didn't come to light until April 1. "The actor gained access becThe Hacker News
May 13, 2021
Rapid7 source code, credentials accessed in Codecov supply-chain attack Full Text
Abstract
US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool.BleepingComputer
May 13, 2021
Rapid7: Attackers got ‘limited access’ to source code, customer data after Codecov breach Full Text
Abstract
The company claims no other systems or parts of its corporate network were compromised after using Codecov’s corrupted Bash Uploader script.SCMagazine
May 13, 2021
Manchester City Council Exposes Number Plates of Over 60,000 Cars Charged with Parking Tickets Full Text
Abstract
Drivers who picked up parking tickets during April-July 2020 had their identities exposed, thanks to the council forgetting to delete the number plates from the uploaded spreadsheets.The Register
May 12, 2021
Companies’ 5 Million Personal identifiable information records detected on an AWS service due to misconception of users Full Text
Abstract
During this research, CPR detected several SSM documents that led to the discovery of over 5 million Personally identifiable information records and credit card transactions for several companies.Check Point Research
May 11, 2021
AWS configuration issues lead to exposure of 5 million records Full Text
Abstract
Amazon Web Services System Manager misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents.SCMagazine
May 11, 2021
Kansas Identity Theft Spike Could Be Linked to Data Breach Full Text
Abstract
Alleged data breach at Kansas Department of Labor may account for state leading national unemployment fraud statsInfosecurity Magazine
May 11, 2021
Cycode raises $20M to secure DevOps pipelines Full Text
Abstract
Israeli security startup Cycode, which specializes in securing the DevOps pipeline, today announced that it has raised a $20 million Series A funding round led by Insight Partners.TechCrunch
May 11, 2021
University of California Confirms Theft of Personal Information in Cyberattack Involving Accellion FTA Service Full Text
Abstract
The University of California (UC) this week confirmed that personal information was stolen in a cyberattack involving the Accellion File Transfer Appliance (FTA) service.Security Week
May 10, 2021
Data Breach at Law Firm Jones Day Impacts Employee Emails at City of Chicago Full Text
Abstract
On Friday, the city of Chicago revealed that some employee emails that were given to Jones Day “as part of an independent inquiry being conducted by the firm” were compromised in the incident.Security Week
May 08, 2021
Ransomware gangs have leaked the stolen data of 2,100 companies so far Full Text
Abstract
Since 2019, ransomware gangs have leaked the stolen data for 2,103 companies on dark web data leaks sites.BleepingComputer
May 8, 2021
19 petabytes of data exposed across 29,000+ unprotected databases Full Text
Abstract
CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors.Security Affairs
May 7, 2021
US Physics Laboratory Exposed Documents, Credentials Full Text
Abstract
The Fermilab has tidied up its systems after security researchers found weaknesses exposing documents, proprietary applications, personal information, project details, and credentials.Gov Info Security
May 7, 2021
19 petabytes of data exposed across 29,000+ unprotected databases Full Text
Abstract
Researchers found that over 29,000 databases worldwide are still completely unprotected and publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors.Cyber News
May 7, 2021
19 petabytes of data exposed across 29,000+ unprotected databases Full Text
Abstract
CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. Most organizations use databases to store sensitive...Security Affairs
May 7, 2021
ShinyHunters leak database of Indian wedding portal WedMeGood Full Text
Abstract
It is worth noting that WedMeGood apparently suffered a data breach back in October 2020, when a threat actor published a list of several compromised sites and offered their database for a price.Hackread
May 7, 2021
Misconfigured Database Exposes 200K Fake Amazon Reviewers Full Text
Abstract
Mass scheme designed to trick e-commerce customersInfosecurity Magazine
May 06, 2021
Peloton user data exposed by newly patched vulnerabilities Full Text
Abstract
Recently patched vulnerabilities in Peloton’s bike software may have allowed unauthorized users to view sensitive user data, new security research published this week found.The Hill
May 6, 2021
CaptureRx Data Breach Impacts Healthcare Providers Full Text
Abstract
US healthcare providers affected by cyber-attack on third-party administrative services vendorInfosecurity Magazine
May 6, 2021
Faxton St. Luke’s Healthcare vendor faces data breach; potentially exposing information on thousands of patients Full Text
Abstract
Faxton St. Luke’s Healthcare (FSLH) was notified on March 30, 2021, that Capture RX, a third-party business associate, experienced a data breach on February 6, 2021, affecting 17,655 patients of FSLH.WKTV
May 6, 2021
East London Council Accidentally Exposes Thousands of Residents’ Email Addresses Full Text
Abstract
A local authority in East London has committed a privacy blunder by emailing what appear to be thousands of residents – while forgetting to use the BCC field and exposing all of the email addresses.The Register
May 4, 2021
Hacker leaks 150 million user records from Iranian Raychat app Full Text
Abstract
The alleged data breach which has been seen and analyzed by Hackread.com includes full names, IP addresses, email addresses, Bcrypt passwords, Telegram messenger IDs, etc.Hackread
May 3, 2021
Codecov’s Code Coverage Tool Hacked Full Text
Abstract
The attackers started to target Bash Uploader on January 31, when they modified the script to deliver the info from the customers’ environment to a server outside Codecov’s infrastructure.Cyware Alerts - Hacker News
May 03, 2021
Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys Full Text
Abstract
Most mobile app users tend to blindly trust that the apps they download from app stores are safe and secure. But that isn't always the case. To demonstrate the pitfalls and identify vulnerabilities on a large scale, cybersecurity and machine intelligence company CloudSEK recently provided a platform called BeVigil where individuals can search and check app security ratings and other security issues before installing an app. A latest report shared with The Hacker News detailed how the BeVigil search engine identified over 40 apps - with more than a cumulative 100 million downloads - that had hardcoded private Amazon Web Services (AWS) keys embedded within them, putting their internal networks and their users' data at risk of cyberattacks. BeVigil finds popular apps leaking AWS keys The AWS key leakage was spotted in some of the major apps such as Adobe Photoshop Fix, Adobe Comp, Hootsuite, IBM's Weather Channel, and online shopping services Club Factory and Wholee.The Hacker News
May 3, 2021
Contact Tracer Breach Hits the Keystone State Full Text
Abstract
PHI of 72,000 Pennsylvanians exposed after Insight Global employees allegedly ignored security protocolsInfosecurity Magazine
May 3, 2021
Most Common Causes of Data Breach and How to Prevent It Full Text
Abstract
Which are the most common causes of a data breach and how to prevent it? How can organizations prevent it? Data breaches are highly damaging and equally embarrassing for businesses and consumers. If you look at Verizon’s 2020 Data Breach Investigations...Security Affairs
May 3, 2021
Toronto hit by ‘potential cyber breach’ from Accellion file transfer software Full Text
Abstract
The City of Toronto says it suffered a “potential cyber breach” from its use of its Accellion FTA file transfer server in January that may have involved the health information of individuals.IT World Canada
May 3, 2021
Experian API exposed credit scores of tens of millions of Americans Full Text
Abstract
Experian API exposed credit scores of tens of millions of Americans due to a weakness with a partner website. Anyone was able to look up the credit score of tens of millions of Americans just by providing their name and mailing address. The issue...Security Affairs
May 3, 2021
345,000 Legal and Operational Documents from Filipino Solicitor-General’s Office Accessed by Unknown Third Party Full Text
Abstract
The files were publicly available since at least February, when TurgenSec said it first discovered the breach and emailed the solicitor-general and the Philippines government about the files.ZDNet
May 3, 2021
COVID-19 Contact Tracing Breach Impacts Private Information of 72,000 People in Pennsylvania Full Text
Abstract
Employees of a vendor conducting COVID-19 contact tracing in Pennsylvania may have compromised the information of at least 72,000 people, including their exposure status and their sexual orientation.6ABC
April 30, 2021
British Prime Minister’s Cell Phone Number Exposed Full Text
Abstract
Boris Johnson’s personal cell phone number reportedly available online since 2006Infosecurity Magazine
April 30, 2021
First Horizon bank online accounts hacked to steal customers’ funds Full Text
Abstract
Bank holding company First Horizon Corporation disclosed that some of its customers had their online banking accounts breached by unknown attackers earlier this month.BleepingComputer
April 30, 2021
Contact-tracing apps: Android phones were leaking sensitive data, find researchers Full Text
Abstract
Hundreds of third-party apps in Android devices were given access to sensitive data logged by contact-tracing apps built on Google and Apple's API, according to security researchers.ZDNet
April 30, 2021
Paleo Lifestyle Brand Exposes Customers to Fraud in Massive Data Breach Full Text
Abstract
The data breach originated from an unsecured cloud storage account Paleohacks was using to store the private data and personal details of over 70,000 customers and users.VPN Mentor
April 30, 2021
Paleo Lifestyle Site Found Leaking PII on 70,000 Users Full Text
Abstract
Paleohacks misconfigured an AWS S3 bucketInfosecurity Magazine
April 30, 2021
Financial services firm First Horizon suffers data breach with customer funds stolen Full Text
Abstract
Disclosed in a filing with the SEC, the breach is described as involving an authorized third party obtaining login credentials from an unknown source and then attempting to access customer accounts.Silicon Angle
April 29, 2021
DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down Full Text
Abstract
Information stolen in April 10 ransomware attack was posted on a dark web portal and includes private documents not published as part of public records.Threatpost
April 29, 2021
Experian API Leaks Most Americans’ Credit Scores Full Text
Abstract
Researchers fear wider exposure, amidst a tepid response from Experian.Threatpost
April 29, 2021
Experian API Exposed Credit Scores of Most Americans – Krebs on Security Full Text
Abstract
Experian fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity reported.Krebs on Security
April 29, 2021
First Horizon Bank Customers Have Account Funds Drained Full Text
Abstract
Attackers stole less than $1 million after breaching internal securityInfosecurity Magazine
April 28, 2021
DigitalOcean data breach exposes customer billing information Full Text
Abstract
Cloud hosting provider DigitalOcean has disclosed a data breach after a flaw exposed customers' billing information.BleepingComputer
April 28, 2021
Sensitive source codes exposed in Microsoft Azure Blob account leak Full Text
Abstract
The data included files that appeared to originate from a series of pitches made to Microsoft Dynamics from numerous companies vying for a project or partnership with the company.Hackread
April 28, 2021
Security Spending Doubles but Two-Fifths of Firms Suffer Breaches Full Text
Abstract
Hiscox claims just a fifth of organizations are cyber “experts”Infosecurity Magazine
April 27, 2021
HashiCorp reveals exposure of private code-signing key after Codecov compromise Full Text
Abstract
HashiCorp, a software company making automated cloud deployment tools, has revealed a private code-signing key was exposed thanks to the compromised Codecov script discovered earlier this month.The Register
April 27, 2021
MangaDex discloses data breach after stolen database shared online Full Text
Abstract
Manga scanlation site MangaDex disclosed a data breach last week after learning that the site's user database was privately circulating among threat actors.BleepingComputer
April 27, 2021
Online Music Marketplace Suffers Data Breach Full Text
Abstract
Cybersecurity researcher finds millions of Reverb.com records on unprotected serverInfosecurity Magazine
April 26, 2021
Reverb discloses data breach exposing musicians’ personal info Full Text
Abstract
Popular musical instrument marketplace Reverb has suffered a data breach after an unsecured database containing customer information was exposed online.BleepingComputer
April 26, 2021
Accellion data breaches drive up average ransom price Full Text
Abstract
The data breaches caused by the Clop ransomware gang exploiting a zero-day vulnerability have led to a sharp increase in the average ransom payment calculated for the first three months of the year.BleepingComputer
April 26, 2021
Threat Actor Leaks 263GB Data Containing Sensitive Household Records of 250 Million Americans on Hacker Forum Full Text
Abstract
As seen by Hackread.com, the database was leaked on a prominent hacker forum and comprises 263 GB worth of records including 1,255 CSV subfiles each with 200,000 listings.Hackread
April 26, 2021
US Drilling Giant Gyrodata Reveals Employee Data Breach Full Text
Abstract
Ransomware attack earlier this year to blameInfosecurity Magazine
April 26, 2021
Volunteer-run pirate Manga website attacked, loses hashed passwords, has ‘nobody’ to fix the mess Full Text
Abstract
An email to members seen by The Register says that as of April 22, MangaDex operators “have identified that a partial database leak” of members' information has been detected.The Register
April 26, 2021
3.2 Billion Leaked Passwords Contain 1.5 Million Records with Government Emails Full Text
Abstract
A staggering number of 3.28 billion passwords linked to 2.18 billion unique email addresses were exposed in what's one of the largest data dumps of breached usernames and passwords. In addition, the leak includes 1,502,909 passwords associated with email addresses from government domains across the world, with the U.S. government alone taking up 625,505 of the exposed passwords, followed by the U.K. (205,099), Australia (136,025), Brazil (68,535), and Canada (50,726). The findings come from an analysis of a massive 100GB data set called "COMB21" — aka Compilation of Many Breaches — that was published for free in an online cybercrime forum earlier this February by putting together data from multiple leaks in different companies and organizations that occurred over the years. It's worth noting that a leak doesn't imply a breach of public administration systems. The passwords are said to have been obtained via techniques such as password hash cracking after beingThe Hacker News
April 25, 2021
Hacker leaks 20 million alleged BigBasket user records for free Full Text
Abstract
A threat actor has leaked approximately 20 million BigBasket user records containing personal information and hashed passwords on a popular hacking forum.BleepingComputer
April 24, 2021
Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs Full Text
Abstract
Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update mechanism and used it to drop malware on user computers. The breach is said to have occurred between April 20, 8:33 PM UTC, and April 22, 0:30 AM UTC, for a total period of about 28 hours. "Only customers that performed In-Place Upgrades between the times stated above are believed to be affected," the company said in an advisory. "Manual Upgrades of Passwordstate are not compromised. Affected customers password records may have been harvested." The development was first reported by the Polish tech news site Niebezpiecznik. It's not immediately clear who the attackers are or how they compromised the password manager's update feature. Click Studios said an iThe Hacker News
April 24, 2021
HashiCorp is the latest victim of Codecov supply-chain attack Full Text
Abstract
Open-source software tools and Vault maker HashiCorp has disclosed a security incident that occurred due to the recent Codecov attack. HashiCorp, a Codecov customer, has stated that the recent Codecov supply-chain attack aimed at collecting developer credentials led to the exposure of HashiCorp's GPG signing key.BleepingComputer
April 23, 2021
Lockdown Hotel Bookings at Risk Due to DMARC Fail Full Text
Abstract
Proofpoint claims half of UK hotels not using anti-phishing protocolInfosecurity Magazine
April 21, 2021
Data Breach at New England’s Largest Energy Provider Full Text
Abstract
Misconfigured data storage folders expose data of EversourceInfosecurity Magazine
April 20, 2021
Dating Service Suffers Data Breach Full Text
Abstract
Cyber-attackers gain access to Manhunt’s accounts databaseInfosecurity Magazine
April 20, 2021
Multiple agencies breached by hackers using Pulse Secure vulnerabilities Full Text
Abstract
Federal authorities announced Tuesday that hackers breached multiple government agencies and other critical organizations by exploiting vulnerabilities in products from a Utah-based software company.The Hill
April 20, 2021
GEICO Alerts Customers Hackers Stole Driver License Data for Two Months Full Text
Abstract
The second-largest auto insurance provider in the U.S. has since fixed the vulnerability that exposed information from its website.Threatpost
April 20, 2021
Eversource Energy data breach caused by unsecured cloud storage Full Text
Abstract
Eversource, the largest power supplier in New England, has suffered a data breach after customers' personal information was exposed on an unsecured cloud server.BleepingComputer
April 20, 2021
Geico customers’ driver’s license numbers exposed in breach Full Text
Abstract
A Geico data breach that lasted over a month earlier this year exposed customers’ driver’s license numbers to hackers, according to a notice filed with California’s attorney general earlier this month.The Hill
April 20, 2021
120 Compromised Ad Servers Target Millions of Internet Users Full Text
Abstract
An ongoing malvertising campaign tracked as "Tag Barnakle" has been behind the breach of more than 120 ad servers over the past year to sneakily inject code in an attempt to serve malicious advertisements that redirect users to rogue websites, thus exposing victims to scamware or malware. Unlike other operators who set about their task by infiltrating the ad-tech ecosystem using "convincing personas" to buy space on legitimate websites for running the malicious ads, Tag Barnakle is "able to bypass this initial hurdle completely by going straight for the jugular — mass compromise of ad serving infrastructure," said Confiant security researcher Eliya Stein in a Monday write-up. The development follows a year after the Tag Barnakle actor was found to have compromised nearly 60 ad servers in April 2020, with the infections primarily targeting an open-source advertising server called Revive. The latest slew of attacks is no different, although the adveThe Hacker News
April 19, 2021
Geico data breach exposed customers’ driver’s license numbers Full Text
Abstract
Car insurance provider Geico has suffered a data breach where threat actors stole the driver's licenses for policyholders for over a month.BleepingComputer
April 19, 2021
Credit Card Data of Nearly 1 Million Domino’s Pizza India Customers Allegedly Sold Online Full Text
Abstract
A cybersecurity researcher claimed that credit card details of nearly 1 million people who purchased online on Domino's Pizza India are allegedly being sold for around $550,000 on the dark web.The Times Of India
April 19, 2021
Major data breach at cleaning and catering company Spotless Full Text
Abstract
The potentially exposed data could have included the names, email addresses, phone numbers, and residential addresses as well as passport details and tax numbers of current and former employees.Stuff NZ
April 19, 2021
Codecov was a victim of a supply chain attack Full Text
Abstract
The software company Codecov suffered a security breach, threat actors compromised the supply chain of one of its tools. A new supply chain attack made the headlines, the software company Codecov recently disclosed a major security breach after a threat...Security Affairs
April 18, 2021
U.S. Investigators Are Reportedly Looking Into Codecov Breach Full Text
Abstract
U.S. federal investigators are purportedly looking into a security breach at Codecov, a platform used to test software code with more than 29,000 customers worldwide, Reuters reported on Saturday.Gizmodo
April 16, 2021
Will the CodeCov breach become the next big software supply chain hack? Full Text
Abstract
Knowing the identity of the group behind the attack would help shed light on their possible goals, but several observers said the length of time the attackers spent in Codecov’s network and the focus on credentials indicate that they were more interested in getting access to customers’ code than the company itself.SCMagazine
April 16, 2021
Over 5,000 Individuals Affected in Security Breach at Melbourne-based Swinburne University Full Text
Abstract
Swinburne University said that the leaked data, including personal information on staff, students, and external parties, was event registration information from multiple events from 2013 onwards.ZDNet
April 15, 2021
Indian Supply-Chain Giant Bizongo Exposed 643GB of Sensitive Data Full Text
Abstract
Bizongo, an online packaging marketplace has suffered a data leak in which the company left highly sensitive customer information unsecured and potentially exposed to hackers and other malicious individuals.Hackread
April 15, 2021
ParkMobile Breach Leaves 21M User Data Exposed Full Text
Abstract
The account information of 21 million customers of ParkMobile, a very popular mobile parking app from North America, is now being sold online due to a data breach. The information includes a whole range of sensitive details including phone numbers.Heimdal Security
April 14, 2021
Risk startup LogicGate confirms data breach Full Text
Abstract
An email sent by LogicGate to customers earlier this month said on February 23 an unauthorized third party obtained credentials to its AWS-hosted cloud storage servers storing customer backup files for its flagship platform Risk Cloud.TechCrunch
April 13, 2021
Brokerage Firm Upstox Exposes 2.5 Million Customers Sensitive Information Full Text
Abstract
Upstox suffers a security breach, resulting in the exposure of 2.5 million users' sensitive information online from an unsecured AWS S3 bucket.Cyber Security News
April 12, 2021
Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data Full Text
Abstract
Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. The leaked information includes names, email addresses, dates of birth, bank account information, and about 56 million know your customer (KYC) documents pulled from the company's server. The breach was first disclosed by independent researcher Rajshekhar Rajaharia on April 11. It's not immediately clear when the incident occurred. Reacting to the development, the company, however, said it had recently upgraded its security systems following reports of "unauthorized access into our database" while stressing that users' funds and securities remained protected. As a precaution, besides initiating a secure password reset of users' accounts, Upstox said it restricted access to the impacted database, implying it was a caThe Hacker News
April 12, 2021
Hackers Compromised APKPure Android App Store to Deliver Malware Full Text
Abstract
APKPure, a popular third-party Android app store and an alternative to Google's official Play Store, was infected with malware this week,...Cyber Security News
April 11, 2021
Personal data of 1.3 million Clubhouse users leaked online Full Text
Abstract
An SQL database containing the personal data of 1.3 million Clubhouse users was leaked online for free, a few days after LinkedIn and Facebook suffered similar leaks. Researchers from Cyber News have discovered that the personal data of 1.3 million...Security Affairs
April 10, 2021
Hackers compromised APKPure client to distribute infected Apps Full Text
Abstract
APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered threat actors tampered with the APKPure client version...Security Affairs
April 09, 2021
World’s largest pathologists association discloses credit card incident Full Text
Abstract
The American Society for Clinical Pathology (ASCP) disclosed a payment card incident that impacted customers who entered payment info on its e-commerce website.BleepingComputer
April 9, 2021
70,000 SSNs, 600,000 Credit Card Records Leaked After Swarmshop Gets Hacked Full Text
Abstract
On March 17, a huge cache of the site’s user and administrator data was leaked online to a different underground forum, a new report published Thursday by threat research firm Group-IB shows.Gizmodo
April 9, 2021
Update: Belden Says Health-Related Information Exposed in Data Breach Full Text
Abstract
Specialty networking solutions provider Belden on Wednesday shared an update on the data breach disclosed in November 2020, and said health-related information was also exposed.Security Week
April 9, 2021
Hackers Hacked as Underground Carding Site is Breached Full Text
Abstract
Swarmshop admins, buyers and sellers on the receiving end of cyber-attackInfosecurity Magazine
April 9, 2021
330K stolen payment cards and 895K stolen gift cards sold on dark web Full Text
Abstract
A threat actor has sold almost 900,000 gift cards and over 300,000 payment cards on a cybercrime forum on the dark web. A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a top-tier Russian-language...Security Affairs
April 8, 2021
Hackers hit nine countries, expose 623,036 payment card records Full Text
Abstract
Hackers hacking hackers: User data of the Swarmshop card shop – which trades in stolen personal and payment records – was leaked online on March 17 and posted on a different underground forum.SCMagazine
April 8, 2021
Moodle flaw exposed users to account takeover Full Text
Abstract
Wizcase experts discovered a security flaw in the open-source learning platform Moodle that could allow accounts takeover. At the beginning of October 2020, the Wizcase cyber research team, led by Ata Hakcil, discovered a security vulnerability...Security Affairs
April 08, 2021
Over 600,000 stolen credit cards leaked after Swarmshop hack Full Text
Abstract
The hacking spree targeting underground marketplaces has claimed another victim as a database from card shop Swarmshop emerged on another forum.BleepingComputer
April 08, 2021
Belden says health benefits data stolen in 2020 cyberattack Full Text
Abstract
Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan.BleepingComputer
April 08, 2021
Belden finds more personal data stolen in 2020 cyberattack Full Text
Abstract
Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan.BleepingComputer
April 8, 2021
Hackers Compromised a Popular Carding Site Exposing 300,000 User Account Details Full Text
Abstract
The data breach on Card Mafia, a forum for stealing and trading credit cards, exposed email addresses, hashed passwords, usernames, and IP addresses of 297,744 carding site users.CPO Magazine
April 8, 2021
Swarmshop – What goes around comes around: hackers leak other hackers’ data online Full Text
Abstract
Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. The database was posted on a different underground forum...Security Affairs
April 8, 2021
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof Full Text
Abstract
Days after a massive Facebook data leak made the headlines, 500 million LinkedIn users are being sold online, seller leaked 2 million records as proof. Original Post at https://cybernews.com/news/stolen-data-of-500-million-linkedin-users-being-sold-online-2-million-leaked-as-proof-2/ An...Security Affairs
April 8, 2021
Office Depot Europe Exposed Customer Data Online: Report Full Text
Abstract
The records were labeled “Production” and contained customer PIIs such as names, phone numbers, physical addresses (home and/or office), @members.ebay addresses, and hashed passwords.Website Planet
April 8, 2021
User database was also hacked in the recent hack of PHP’s Git Server Full Text
Abstract
The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords. The maintainers of the PHP programming language have provided an update regarding the security breach that...Security Affairs
April 07, 2021
PHP Site’s User Database Was Hacked In Recent Source Code Backdoor Attack Full Text
Abstract
The maintainers of the PHP programming language have issued an update regarding the security incident that came to light late last month, stating that the actors may have gotten hold of a user database containing their passwords to make unauthorized changes to the repository. "We no longer believe the git.php.net server has been compromised. However, it is possible that the master.php.net user database leaked," Nikita Popov said in a message posted on its mailing list on April 6. On March 28, unidentified actors used the names of Rasmus Lerdorf and Popov to push malicious commits to the "php-src" repository hosted on the git.php.net server that involved adding a backdoor to the PHP source code in an instance of a software supply chain attack. While this was initially treated as a compromise of the git.php.net server, further investigation into the incident has revealed that the commits were a result of pushing them using HTTPS and password-based authenticatThe Hacker News
April 7, 2021
Consulting Firm Data Breach Impacts MSU Full Text
Abstract
Michigan State University affected by ransomware attack on contractor’s law firmInfosecurity Magazine
April 07, 2021
Facebook attributes 533 million users’ data leak to “scraping” not hacking Full Text
Abstract
Facebook has now released a public statement clarifying the cause of and addressing some of the concerns related to the recent data leak. As reported last week, information of about 533 million Facebook profiles surfaced on a hacker forum.BleepingComputer
April 7, 2021
Facebook: Stolen Data Scraped from Platform in 2019 Full Text
Abstract
The flaw that caused the leak of personal data of more than 533 million users over the weekend no longer exists; however, the social media giant still faces an investigation by EU regulators.Threatpost
April 7, 2021
Over 1 Million People Affected by Newly Revealed Accellion Health Data Breaches Full Text
Abstract
Months after the December cyberattack on Accellion's File Transfer Appliance, the identities of more healthcare sector entities that were affected continue to come to light.Gov Info Security
April 7, 2021
Office Depot Configuration Error Exposes One Million Records Full Text
Abstract
Researchers say Elasticsearch database may have been open for 10 daysInfosecurity Magazine
April 6, 2021
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof Full Text
Abstract
The leaked files contain information of the LinkedIn users whose data has been allegedly scraped, including their full names, email addresses, phone numbers, workplace information, and more.Cyber News
April 06, 2021
Have I Been Pwned adds search for leaked Facebook phone numbers Full Text
Abstract
Facebook users can now use the Have I Been Pwned data breach notification site to check if their phone number was exposed in the social site's recent data leak.BleepingComputer
April 6, 2021
Third-party security breach compromises data of Singapore job-matching service Full Text
Abstract
Personal details of 30,000 individuals in Singapore may have been illegally accessed, following a security breach that targeted a third-party vendor of a job-matching organization on March 12.ZDNet
April 6, 2021
AddSecure Acquires Telia Finland’s Alerta Business Full Text
Abstract
The deal will act as a platform for AddSecure to grow its businessInfosecurity Magazine
April 6, 2021
This service allows checking if your mobile is included in the Facebook leak Full Text
Abstract
Security researcher implemented a service to verify if your mobile number is included in the recent Facebook data leak. Security researcher Yaser Alosefer developed a new tool to help users to determine if their mobile numbers are included within...Security Affairs
April 05, 2021
Adult content from hundreds of OnlyFans creators leaked online Full Text
Abstract
After a shared Google Drive was posted online containing the private videos and images from many OnlyFans accounts, a researcher has created a tool allowing content creators to check if they are part of the leak.BleepingComputer
April 5, 2021
533M Facebook Accounts Leaked Online: Check if You Are Exposed Full Text
Abstract
An estimated 32 million, of the half-billion of Facebook account details posted online, were tied to US-based accounts.Threatpost
April 5, 2021
Altdos Claims to Steal 300,000 Customers’ Data from Furniture Retailer Vhive Full Text
Abstract
In an e-mail to affected customers on Saturday, Altdos said it managed to hack into Vhive three times in nine days and claimed to have stolen information related to over 300,000 customers.Straits Times
April 5, 2021
“Engineering Oversight” Costs ForceDAO $367k Full Text
Abstract
Exploitation by hackers of 183 ETH from newly launched DeFi aggregator was preventableInfosecurity Magazine
April 5, 2021
Data of Half a Billion Facebook Users Leaked Full Text
Abstract
Cyber-intelligence firm finds personal data of 533 million Facebook users posted onlineInfosecurity Magazine
April 5, 2021
2,5M+ users can check whether their data were exposed in Facebook data leak Full Text
Abstract
You can check if your personal information is included in the Facebook data leak by querying the data breach notification service Have I Been Pwned. The news of the availability on a hacking forum of the personal information for 533,313,128 Facebook...Security Affairs
April 5, 2021
533 Million Facebook Users Personal Data Leaked that Includes Mark Zuckerberg’s Cell Phone Number – How to check that your Data Exposed? Full Text
Abstract
Facebook gets hacked to reveal its founder and CEO, Mark Zuckerberg’s cell phone number! However, Mark Zuckerberg’s details aren’t the only ones...Cyber Security News
April 5, 2021
533 million Facebook users’ phone numbers and personal data have been leaked online Full Text
Abstract
The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million users in the US, 11 million in the UK, and 6 million in India.Business Insider
April 04, 2021
How to check if your info was exposed in the Facebook data leak Full Text
Abstract
Data breach notification service Have I Been Pwned can now be used to check if your personal information was exposed in yesterday's Facebook data leak that contains the phone numbers and information for over 500 million users.BleepingComputer
April 04, 2021
533 Million Facebook Users’ Phone Numbers and Personal Data Leaked Online Full Text
Abstract
In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free—which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, city, country, marital status, account creation date, and other profile details broken down by country, with over 32 million records belonging to users in the U.S., 11 million users in the U.K., and six million users in India, among others. In total, the data being offered includes user information from 106 countries. Additionally, the data seems to have been obtained by exploiting a vulnerability that enabled automated scripts to scrape Facebook users' public profiles and associated private phone numbers en masse. The flaw has since been fixed by Facebook. "This is old data that was previouslyThe Hacker News
April 03, 2021
533 million Facebook users’ phone numbers leaked on hacker forum Full Text
Abstract
The mobile phone numbers and other personal information for approximately 533 million Facebook users worldwide has been leaked on a popular hacker forum for free.BleepingComputer
April 3, 2021
Data of 533 million Facebook users leaked in a hacking forum for free Full Text
Abstract
On April 3, a user has leaked the phone numbers and personal data of 533 million Facebook users in a hacking forum for free online. Bad news for Facebook, a user in a hacking forum has published the phone numbers and personal data of 533 million Facebook...Security Affairs
April 3, 2021
Capital One discovered more customers’ SSNs exposed in 2019 hack Full Text
Abstract
More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of their SSNs exposure. US bank Capital One notified a number of additional customers that their Social Security numbers were exposed in the data...Security Affairs
April 2, 2021
Qualys: Breach limited to 3rd-party vendor, but attackers trying to make exposure seem worse Full Text
Abstract
In a detailed update posted on the Qualys website April 2, CISO Ben Carr said that an independent, third-party forensic firm has verified the company’s initial determination that the attack did not jump from Accellion’s file transfer appliance server to Qualys’ larger corporate network.SCMagazine
April 02, 2021
GitHub Arctic Vault likely contains leaked MedData patient records Full Text
Abstract
GitHub Arctic Code Vault has likely inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last 1,000 years.BleepingComputer
April 02, 2021
Qualys says Accellion hackers did not breach production systems Full Text
Abstract
Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn't infiltrate the company's production and corporate environments.BleepingComputer
April 02, 2021
Capital One notifies more clients of SSNs exposed in 2019 data breach Full Text
Abstract
US bank Capital One notified additional customers that their Social Security numbers were exposed in a data breach announced in July 2019.BleepingComputer
April 2, 2021
Leaker Dismisses MobiKwik’s Not-So-Nimble Breach Denial Full Text
Abstract
A broker of breached data claims via dedicated .onion leak site to have deleted 8TB of stolen MobiKwik customer data that the company denies was stolen. The listing for 8.2TB of stolen data was withdrawn by a cybercrime forum seller.Gov Info Security
April 02, 2021
GitHub Arctic Vault likely has leaked MedData patient records Full Text
Abstract
GitHub Arctic Code Vault has likely inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last 1,000 years.BleepingComputer
April 2, 2021
Ubiquiti Shares Dive After Reportedly Downplaying ‘Catastrophic’ Data Breach Full Text
Abstract
Shares of New York City-based IoT device maker Ubiquiti (NYSE: UI) fell significantly this week following a report claiming that the recently disclosed data breach was “catastrophic” and that its impact was downplayed.Security Week
April 02, 2021
GitHub Arctic Vault captures leaked patient medical data for 1,000 years Full Text
Abstract
GitHub Arctic Code Vault has inadvertently captured sensitive patient medical records from multiple healthcare facilities. The private data was leaked on GitHub repositories last year that are now part of a collection of open-source contributions bound to last 1,000 years.BleepingComputer
April 2, 2021
Mobile providers exposing sensitive data to leakage and theft Full Text
Abstract
Data exposure is a significant, unaddressed problem for Europe’s top mobile providers and, by extension, more than 253 million customers who sign up for their services and share sensitive personal data, according to research by Tala Security.Help Net Security
April 1, 2021
Forensic Audit of MobiKwik Ordered Full Text
Abstract
Reserve Bank of India orders audit of country's largest mobile payment network after alleged data breach. Infosecurity Magazine
April 01, 2021
Ubiquiti confirms extortion attempt following security breach Full Text
Abstract
Networking device maker Ubiquiti has confirmed that it was the target of an extortion attempt following a January security breach, as revealed by a whistleblower earlier this week.BleepingComputer
April 01, 2021
Ubiquiti cyberattack may be far worse than originally disclosed Full Text
Abstract
The data breach report from Ubiquiti in January is allegedly a cover-up of a massive incident that put at risk customer data and devices deployed on corporate and home networks.BleepingComputer
April 1, 2021
Multiple Healthcare Providers Report Patient Data Breaches in Wake of Netgain Security Incident Full Text
Abstract
Months after an apparent ransomware attack against cloud hosting and MSP Netgain Technology, the list of healthcare entities reporting major health data breaches linked to the incident is growing.Info Risk Today
April 1, 2021
Ubiquiti security breach may be a catastrophe Full Text
Abstract
The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg; a deeper incident could have hit the company. In January, American technology vendor Ubiquiti Networks suffered a data breach and sent out notification emails to its customers... Security Affairs
March 31, 2021
In Yet Another Supply Chain Attack, PHP’s Git Server Gets Compromised Full Text
Abstract
To compromise the PHP codebase, two malicious commits were pushed to a Git repository maintained by the PHP development team.Cyware Alerts - Hacker News
March 31, 2021
New York charity leaves sensitive patients’ data unsecured Full Text
Abstract
The unsecured database contained over 2,000 CSV and TXT files, each with thousands of entries on medical records, children’s legal guardians, caseworkers, doctors, and other child welfare specialists.Cyber News
March 31, 2021
Whistleblower claims Ubiquiti Networks data breach was ‘catastrophic’ Full Text
Abstract
A whistleblower involved in the response to a data breach suffered by networking equipment provider Ubiquiti Networks has claimed the incident was downplayed and could be described as "catastrophic."ZDNet
March 31, 2021
Email accounts of DHS members were compromised in the SolarWinds hack Full Text
Abstract
Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds hack. Russia-linked hackers were able to access email accounts belonging to US Department of Homeland Security (DHS) officials...Security Affairs
March 30, 2021
US: DeKalb County schools notify parents about data breach Full Text
Abstract
Some students at the DeKalb County School District may have their personal information exposed in a 2019 security breach at PCS Revenue Control Systems, a school nutrition technology services firm.AJC
March 30, 2021
Leading Indian fintech platform MobiKwik denies data breach Full Text
Abstract
Indian digital financial services platform Mobikwik denies claims that almost 8 TB of data put up for sale was allegedly stolen from its servers.BleepingComputer
March 30, 2021
MobiKwik Data Breach – Hackers Selling Over 8TB of Users Personal and Financial Data Full Text
Abstract
Threat actor offers to sell 8 TB of MobiKwik’s personal and financial data on almost 100M consumers. MobiKwik is India’s leading fintech...Cyber Security News
March 30, 2021
PHP Git Server Hacked – Attackers Insert Secret Backdoor to Its Source Code Full Text
Abstract
Threat actors have recently managed to gain control of PHP's Git repository by implementing two back doors to the code. However, the...Cyber Security News
March 29, 2021
MobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed Full Text
Abstract
Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes (TB) of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month. The leaked data includes sensitive personal information such as: customer names, hashed passwords, email addresses, residential addresses, GPS locations, list of installed apps, partially-masked credit card numbers, connected bank accounts and associated account numbers, and know your customer (KYC) documents of 3.5 million users. Even worse, the leak also shows that MobiKwik does not delete the card information from its servers even after a user has removed them, in what's likely a breach of government regulations. New guidelines issued by India's apex banking institution, the Reserve Bank of India, prohibit online merchants, e-commerce websites, and payment aggregators from storing card details of a customer online.The Hacker News
March 29, 2021
Hackers accessed emails of top DHS officials as part of SolarWinds breach: report Full Text
Abstract
Hackers involved in what has become known as the SolarWinds breach accessed email accounts of top officials at the Department of Homeland Security (DHS) along with other personal information of senior federal officials, the Associated Press reported Monday.The Hill
March 29, 2021
Call Center Provider Experiences Major Data Leak Full Text
Abstract
From the time when it was exposed till when it was secured again, the database logged 1.48 million robocalls altogether and the majority of the calls were outgoing but some callbacks were also logged.Hackread
March 29, 2021
Hackers breached PHP’s Git Server and inserted a backdoor in the source code Full Text
Abstract
Threat actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a backdoor into the source code. Unknown attackers hacked the official Git server of the PHP programming language and pushed unauthorized...Security Affairs
March 29, 2021
BackBlaze Mistakenly Shared Backup Meta Data with Facebook Full Text
Abstract
Earlier this month, a user reported to Backblaze the fact that the B2 web UI looked like it was submitting all of the names and sizes of his files in the B2 bucket to Facebook.Heimdal Security
March 28, 2021
PHP’s Git Server Hacked to Insert Secret Backdoor to Its Source code Full Text
Abstract
In yet another instance of a software supply chain attack, unidentified actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a secret backdoor into its source code. The two malicious commits were pushed to the self-hosted "php-src" repository hosted on the git.php.net server, illicitly using the names of Rasmus Lerdorf, the author of the programming language, and Nikita Popov, a software developer at Jetbrains. The changes are said to have been made yesterday on March 28. "We don't yet know how exactly this happened, but everything points towards a compromise of the git.php.net server (rather than a compromise of an individual git account)," Popov said in an announcement. The changes, which were committed as "Fix Typo" in an attempt to slip through undetected as a typographical correction, involved provisions for execution of arbitrary PHP code. "This line executes PHP code fro... The Hacker News
March 26, 2021
Feedzai Lands $200M in Series C Funding Full Text
Abstract
Feedzai, a late-stage fintech startup, is the latest entrant into cybersecurity’s unicorn club after snagging a new $200 million funding round that values the company at more than $1 billion.Security Week
March 26, 2021
Digital Marketing Company Apollo Hit by Breach Impacting 11 Million French Users Full Text
Abstract
The archive, containing the purportedly stolen data of 10,930,000 France-based users, includes their names, phone numbers, location coordinates, workplace information, social media profiles, and more.Cyber News
March 26, 2021
Air Charter Firm Solairus Aviation Suffers Data Breach Full Text
Abstract
Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis.Security Week
March 25, 2021
30 million Americans affected by the Astoria Company data breach Full Text
Abstract
Researchers discovered that 30M records of Americans affected by the Astoria Company data breach are available on the dark web. Astoria Company LLC is a lead generation company that leverages a network of websites to collect information on a person... Security Affairs
March 25, 2021
BackBlaze mistakenly shared backup metadata with Facebook Full Text
Abstract
Backblaze has removed Facebook tracking code (also known as an advertising pixel) accidentally added to web UI pages only accessible to logged-in customers.BleepingComputer
March 25, 2021
FatFace Faces Customer Anger After Controversial Breach Response Full Text
Abstract
Retailer urges those affected to keep it quiet. Infosecurity Magazine
March 24, 2021
Lessons Learned from the Accellion Breaches Full Text
Abstract
At the end of 2020, Accellion fell victim to a two-phase SQL injection attack, and the following months have been rife with data breach disclosures.Cyware Alerts - Hacker News
March 24, 2021
Breach at California State Controller’s Office Full Text
Abstract
Phishing attack exposes unclaimed property holder report data. Infosecurity Magazine
March 24, 2021
New Threat Actor Leaks Voter Registration Data of 6.5 Million Israeli Citizens Online Full Text
Abstract
The voter registration and personal details of millions of Israeli citizens were leaked online on Monday, just two days before the country held general elections for its unicameral parliament.The Record
March 24, 2021
Billions of FBS Records Exposed in Online Trading Broker Data Leak Full Text
Abstract
Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’ websites. The data from FBS.com and FBS.eu comprised millions of confidential records including names, passwords, email addresses,...Security Affairs
March 24, 2021
British Clothing Retailer Fat Face Discloses Data Breach Full Text
Abstract
The organization says that some employee and customer information was exposed, including names, addresses, email addresses and the last four digits of credit card numbers, plus the expiration dates.Info Risk Today
March 24, 2021
Forex Broker Leaks Billions of Customer Records Online Full Text
Abstract
Misconfigured Elasticsearch server exposes payment and identity data. Infosecurity Magazine
March 24, 2021
A day before elections, hackers leaked details of millions of Israeli voters Full Text
Abstract
Hackers have exposed personal and voter registration details of over 6.5 million Israeli voters, less than 24 hours before the election. A few hours before the election in Israel, hackers exposed the voter registration and personal details of millions...Security Affairs
March 23, 2021
Shell Suffers Data Breach – Hackers Accessed Confidential Data Full Text
Abstract
Shell is the global group of energy and petrochemical companies with more than 80,000 employees in more than 70 countries. They use...Cyber Security News
March 23, 2021
Hobby Lobby Exposes Customer Data in Cloud Misconfiguration Full Text
Abstract
The arts-and-crafts retailer left 138GB of sensitive information open to the public internet.Threatpost
March 23, 2021
Thousands of Exchange servers breached prior to patching, CISA boss says Full Text
Abstract
A CISA official on Monday warned organizations about vulnerabilities in Microsoft Exchange Server software, noting that “thousands” of computer servers with updated software had already been breached.Cyberscoop
March 23, 2021
Energy giant Shell discloses data breach caused by Accellion FTA hack Full Text
Abstract
Oil and gas giant Royal Dutch Shell (Shell) discloses a data breach resulting from the compromise of its Accellion File Transfer Appliance (FTA) file sharing service. Energy giant Shell disclosed a data breach resulting from the compromise of an Accellion...Security Affairs
March 22, 2021
Energy giant Shell discloses data breach after Accellion hack Full Text
Abstract
Energy giant Shell has disclosed a data breach after attackers compromised the company's secure file-sharing system powered by Accellion's File Transfer Appliance (FTA).BleepingComputer
March 22, 2021
MangaDex website taken offline following cyber-attack, data breach Full Text
Abstract
The site’s maintainers said the attacker was able to access the account through “the reuse of a session token found in an old database leak through faulty configuration of session management”.The Daily Swig
March 18, 2021
Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data Full Text
Abstract
A glitch in Zoom’s screen-sharing feature shows parts of presenters’ screens that they did not intend to share – potentially leaking emails or passwords.Threatpost
March 17, 2021
Data Breaches Tracker monitor unsecured ElasticSearch servers online Full Text
Abstract
Cybersecurity research at WizCase, an online security and privacy portal, built a tool to track accessible ElasticSearch servers on the internet. Cybersecurity research at WizCase, an online security and privacy portal, developed a tool...Security Affairs
March 17, 2021
SolarWinds threat actor gains access to Mimecast’s production grid environment Full Text
Abstract
The company earned kudos from security researchers for transparency and swift response, with one saying “I would have hoped to see more companies to be this responsive and forthcoming.”SCMagazine
March 17, 2021
Mimecast: SolarWinds Attackers Stole Source Code Full Text
Abstract
A new Mimecast update reveals the SolarWinds hackers accessed several “limited” source code repositories.Threatpost
March 17, 2021
Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code Full Text
Abstract
Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. "The threat actor did access a subset of email addresses and other contact information and hashed and salted credentials," the company said in a write-up detailing its investigation, adding the adversary "accessed and downloaded a limited number of our source code repositories, as the threat actor is reported to have done with other victims of the SolarWinds Orion supply chain attack." But Mimecast said the source code downloaded by the attackers was incomplete and would be insufficient to build and run any aspect of the Mimecast service and that it did not find signs of any tampering made by the threat actor to the build process associated with the executables that are distributed to its customers. On January 12, Mimecast disclosed that "a sophisticat... The Hacker News
March 17, 2021
Microsoft’s Azure SDK site tricked into listing fake package Full Text
Abstract
A security researcher was able to add a counterfeit test package to the official list of Microsoft Azure SDK latest releases. The simple trick, if abused by an attacker, can give the impression that their malicious package is part of the Azure SDK suite. BleepingComputer
March 17, 2021
Sensitive data from US shipping management software firm exposed online Full Text
Abstract
The data, which belonged to New Jersey-based Descartes Aljex Software, was exposed by a misconfigured AWS S3 bucket, which left it unsecured and vulnerable to intrusion by attackers. Hackread
March 16, 2021
Hacker leaks payment data from defunct WeLeakInfo breach site Full Text
Abstract
WeLeakInfo was a website that offered paid subscriptions that provided searchable access to a database containing 12.5 billion user records stolen during data breaches. This data included email addresses, names, phone numbers, addresses, and in many cases, passwords. BleepingComputer
March 16, 2021
Mimecast: SolarWinds hackers stole some of our source code Full Text
Abstract
Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year used the Sunburst backdoor during the initial intrusion.BleepingComputer
March 16, 2021
Hacker leak payment data from defunct WeLeakInfo breach site Full Text
Abstract
WeLeakInfo was a website that offered paid subscriptions that provided searchable access to a database containing 12.5 billion user records stolen during data breaches. This data included email addresses, names, phone numbers, addresses, and in many cases, passwords. BleepingComputer
March 16, 2021
Hackers leak payment data from defunct WeLeakInfo breach site Full Text
Abstract
WeLeakInfo was a website that offered paid subscriptions that provided searchable access to a database containing 12.5 billion user records stolen during data breaches. This data included email addresses, names, phone numbers, addresses, and in many cases, passwords. BleepingComputer
March 16, 2021
Fastway Couriers Confirms Security Breach Full Text
Abstract
Investigation launched after data breach puts 450k Fastway Couriers customers at risk. Infosecurity Magazine
March 16, 2021
Hacker Dumps Guns.com Database Containing Customer and Admin Data Full Text
Abstract
The actor behind the data dump claimed that it includes a complete database of Guns.com along with its source code. They further added that the breach took place somewhere around the end of 2020.Hackread
March 16, 2021
Users of NFT Digital Art Marketplace Nifty Gateway Suffer Account Takeover and Theft Attacks Full Text
Abstract
Many users of the digital art marketplace Nifty Gateway reported that hackers had taken over their accounts and stolen artwork worth thousands of dollars over the weekend.Cyberscoop
March 15, 2021
Vulnerable Australian Kids Impacted by Data Breach Full Text
Abstract
Former caseworker accessed sensitive data of children hundreds of times after leaving their job. Infosecurity Magazine
March 13, 2021
10,000+ WeLeakInfo customer records leaked Full Text
Abstract
WeLeakInfo.com was a data breach notification service that allowed its customers to verify whether their credentials had been compromised in data breaches. The service claimed a database of over 12 billion records from over 10,000 data breaches. Security Affairs
March 12, 2021
Settlement Reached Over Data Breach Impacting 24 Million Americans Full Text
Abstract
Retrieval-Masters Creditors Bureau reaches multi-state settlement over AMCA data breach. Infosecurity Magazine
March 12, 2021
10,000+ WeLeakInfo customer records leaked Full Text
Abstract
An actor claimed to have registered one of the domains of WeLeakInfo, accessed details of 10,000+ of WeLeakInfo's customers, and leaked them. WeLeakInfo.com was a data breach notification service that allowed its customers to verify whether their credentials... Security Affairs
March 10, 2021
Massive Security Camera Breach – Hackers Accessed Security Cameras at Tesla, Cloudflare, Banks & More Full Text
Abstract
The group of hackers viewed live and archived surveillance footage from hundreds of businesses including Tesla, Equinox, healthcare clinics, jails, and banks...Cyber Security News
March 10, 2021
Breach Exposes Verkada Security Camera Footage at Tesla, Cloudflare Full Text
Abstract
Surveillance footage from companies such as Tesla as well as hospitals, prisons, police departments and schools was accessed in the hack.Threatpost
March 10, 2021
Exposed Password Gave Hackers Access to 150,000 Cameras Full Text
Abstract
Report suggests major security fail from a familiar source. Infosecurity Magazine
March 9, 2021
West Ham Supporters’ Personal Details Leaked on Club Website Full Text
Abstract
Personal details of supporters of the Premier League side leaked on the official club site. Infosecurity Magazine
March 09, 2021
Microsoft Exchange Hackers Also Breached European Banking Authority Full Text
Abstract
The European Banking Authority (EBA) on Sunday said it had been a victim of a cyberattack targeting its Microsoft Exchange Servers, forcing it to temporarily take its email systems offline as a precautionary measure. "As the vulnerability is related to the EBA's email servers, access to personal data through emails held on that servers may have been obtained by the attacker," the Paris-based regulatory agency said. EBA said it's launched a full investigation into the incident in partnership with its information and communication technology (ICT) provider, a team of forensic experts, and other relevant entities. In a second update issued on Monday, the agency said it had secured its email infrastructure and that it found no evidence of data extraction, adding it has "no indication to think that the breach has gone beyond our email servers." Besides deploying extra security measures, EBA also noted it's closely monitoring the situation after restor... The Hacker News
March 08, 2021
Flagstar Bank hit by data breach exposing customer, employee data Full Text
Abstract
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January.BleepingComputer
March 8, 2021
Flagstar Bank customer data breached through Accellion hack Full Text
Abstract
While now discontinued and supplanted by other software such as Kiteworks, a zero-day vulnerability in the legacy software was found in December and has since been exploited by attackers in the wild.ZDNet
March 7, 2021
Hackers breach thousands of Microsoft customers around the world Full Text
Abstract
A sophisticated attack on Microsoft Corp.’s widely used business email software is morphing into a global cybersecurity crisis, as hackers race to infect as many victims as possible before companies can secure their computer systems.Livemint
March 6, 2021
Hackers breached four prominent underground cybercrime forums Full Text
Abstract
A suspicious wave of attacks has resulted in the hack of four cybercrime forums, Verified, Crdclub, Exploit, and Maza, since January. Since January, a series of mysterious cyberattacks has resulted in the hack of popular Russian-language cybercrime forums. Unknown... Security Affairs
March 5, 2021
Millions of travelers of several airlines impacted by SITA data breach Full Text
Abstract
SITA, a multinational IT company that provides services to the air transport industry, was the victim of a cyberattack that impacted multiple airlines. SITA is a multinational information technology company providing IT and telecommunication... Security Affairs
March 5, 2021
Airline IT provider confirms passenger data leaked after major ‘cyberattack’ Full Text
Abstract
In a public disclosure, the Swiss outfit confirmed it had last month fallen victim to a wide-ranging data security incident that ensnared passengers from some of the world’s largest airlines.The Register
March 5, 2021
Massive Supply-Chain Cyberattack Breaches Several Airlines Full Text
Abstract
The cyberattack on SITA, a nearly ubiquitous airline service provider, has compromised frequent-flyer data across many carriers.Threatpost
March 05, 2021
SITA data breach affects millions of travelers from major airlines Full Text
Abstract
Passenger data from multiple airlines around the world has been compromised after hackers breached servers belonging to SITA, a global information technology company.BleepingComputer
March 5, 2021
11,877 Android Apps and 6,608 iOS Apps Leak Data Due to Cloud Misconfigurations Full Text
Abstract
Researchers found misconfigurations in 14 percent of analyzed apps—11,877 Android apps and 6,608 iOS apps—exposing users' personal information, passwords, and even medical information.Wired
March 5, 2021
Someone Is Hacking Cybercrime Forums and Leaking User Data Full Text
Abstract
At least four cybercrime forums have been breached since the beginning of the year, namely Verified in January, Crdclub in February, and Exploit and Maza in March, by an unknown threat actor.Security Week
March 5, 2021
Singapore Airlines Frequent Flyer Members Impacted by Third-Party Security Breach Full Text
Abstract
Data belonging to 580,000 Singapore Airlines' frequent flyer members have been compromised in a cybersecurity attack that originally hit air transport communications and IT vendor, SITA.ZDNet
March 5, 2021
SITA Supply Chain Breach Hits Multiple Airlines Full Text
Abstract
Malaysia Airlines, Singapore Airlines and others affected. Infosecurity Magazine
March 4, 2021
5 million Adecco.com users’ data leaked Full Text
Abstract
A user on a popular hacking forum was purportedly selling the stolen credentials from 6 South American countries for the Swiss-based Adecco Group, the second-largest staffing provider in the world.Cyber News
March 4, 2021
Maza Russian cybercriminal forum suffers data breach Full Text
Abstract
The community has been connected to carding -- the trafficking of stolen financial data and payment card info -- and the discussion of topics like malware, exploits, spam, money laundering, and more.ZDNet
March 04, 2021
Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit Full Text
Abstract
Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents. As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared screenshots of files belonging to the company's customers on a publicly accessible data leak website operated by the CLOP ransomware gang. Confirming the incident, Qualys Chief Information Security Officer Ben Carr said a detailed probe "identified unauthorized access to files hosted on the Accellion FTA server" located in a DMZ (aka demilitarized zone) environment that's segregated from the rest of the internal network. "Based on this investigation, we immediately notified the limited number of customers impacted by this unauthorized access," Carr added. "The in... The Hacker News
March 3, 2021
Nine-year Malaysia Airlines breach gave attackers lots of time to misuse data Full Text
Abstract
The incident is another example of why businesses must assess and manage third-party vendor risk.SCMagazine
March 3, 2021
Microsoft Exchange Server breaches more widespread than originally thought Full Text
Abstract
In its blog post on critical Exchange Server patches Tuesday, Microsoft pointed to “limited and targeted” exploitation of the vulnerabilities in the wild. But new data suggests that the breaches may not be limited or targeted at all.SCMagazine
March 3, 2021
Telemarketing Biz Exposes 114,000 in Cloud Config Error Full Text
Abstract
Call recordings of clients and customers on unsecured bucket. Infosecurity Magazine
March 3, 2021
Data Breach: Millions of Phone Numbers, Recordings, and Call Logs Compromised in Ringostat Data Leak Full Text
Abstract
WizCase experts found a major breach in phone-tracking service Ringostat’s database, with millions of phone numbers, recordings, and call logs compromised. WizCase security team has found a major breach in phone-tracking service Ringostat’s database.... Security Affairs
March 02, 2021
Malaysia Airlines discloses a nine-year-long data breach Full Text
Abstract
Malaysia Airlines has suffered a data breach spanning nine years that exposed the personal information of members in its Enrich frequent flyer program.BleepingComputer
March 2, 2021
Malaysia Airlines Suffers Data Security ‘Incident’ Spanning Nine Years Full Text
Abstract
Malaysia Airlines has suffered a data security "incident" that compromised personal information belonging to some of its members. The breach is purported to involve a third-party IT service provider.ZDNet
March 02, 2021
Oxfam Australia confirms data breach after stolen info sold online Full Text
Abstract
Oxfam Australia has confirmed a data breach after suffering a cyberattack and having its donor databases put up for sale on a hacker forum in January. BleepingComputer
March 2, 2021
Fitness Studio Management Platform Leaks Over 1.5 Million User Records Due to Unsecured Server Full Text
Abstract
The exposed bucket contained 36,951 files, including 633 CSV files containing 1,522,740 records of users who signed up for fitness and wellness activities with businesses that use the Mariana Tek API.Cyber News
March 01, 2021
European e-ticketing platform Ticketcounter extorted in data breach Full Text
Abstract
A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server.BleepingComputer
March 1, 2021
T-Mobile Data Breach – Some of its Customers Affected by SIM Swap Attacks Full Text
Abstract
Recently, in an investigation, cybersecurity experts have detected a data breach after an unknown number of customers got attacked by SIM swap...Cyber Security News
March 1, 2021
Data of 21 million users from 3 Android VPNs put for sale online Full Text
Abstract
A user on a popular hacker forum is selling three databases purportedly containing user credentials and device data stolen from three different Android VPN services – SuperVPN, GeckoVPN, and ChatVPN.Cyber News
February 26, 2021
T-Mobile discloses data breach after SIM swapping attacks Full Text
Abstract
American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks.BleepingComputer
February 26, 2021
Data Breach: Turkish legal advising company exposed over 15,000 clients Full Text
Abstract
Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket. The server contained 55,000 court papers regarding over 15,000 legal cases, which affected hundreds...Security Affairs
February 26, 2021
French Regulator Lambasts Health Firms Over Mass Data Leak Full Text
Abstract
The extensive document was published on Feb. 12 under the mention “500,000 French hospital records” and it was shortly after posted on other dark web sites, including a Russian forum.Bloomberg
February 25, 2021
Health Website Leaks 8 Million COVID-19 Test Results Full Text
Abstract
A teenaged ethical hacker discovered a flawed endpoint associated with a health-department website in the state of Bengal, which exposed personally identifiable information related to test results.Threatpost
February 25, 2021
VC giant Sequoia Capital discloses data breach after failed BEC attack Full Text
Abstract
American VC firm Sequoia Capital has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January.BleepingComputer
February 25, 2021
VC giant Sequoia discloses data breach after failed BEC attack Full Text
Abstract
American venture capital firm Sequoia has disclosed a data breach following what looks like a failed business email compromise (BEC) attack from January.BleepingComputer
February 25, 2021
Michigan-based Covenant HealthCare Discloses Data Breach Impacting Personal Data of 45,000 People Full Text
Abstract
Covenant said an unauthorized party gained access to two Covenant employee email accounts. Around 45,000 people's information could have potentially been compromised in the data breach.WNEM
February 24, 2021
Medical Data of 500,000 French Residents Leaked Online Full Text
Abstract
Stolen data that hackers planned to sell was allegedly leaked following a disagreement. Infosecurity Magazine
February 24, 2021
NASA and the FAA were also breached by the SolarWinds hackers Full Text
Abstract
NASA and the US Federal Aviation Administration (FAA) have also been compromised by the nation-state hackers behind the SolarWinds supply-chain attack, according to a Washington Post report. BleepingComputer
February 24, 2021
Legal Firm Leaks 15,000 Cases Via the Cloud Full Text
Abstract
Misconfiguration of AWS S3 bucket to blameInfosecurity Magazine
February 24, 2021
Aircraft-Maker Bombardier Breached by Accellion FTA Hackers Full Text
Abstract
Data on customers, employees and suppliers compromisedInfosecurity Magazine
February 24, 2021
Airplane manufacturer Bombardier has disclosed a security breach, data leaked online Full Text
Abstract
Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers exploited vulnerabilities in Accellion FTA file-sharing legacy servers to steal data from the airplane maker...Security Affairs
February 23, 2021
FireEye and Microsoft execs, senators dissect mandatory breach disclosure in wake of SolarWinds Full Text
Abstract
There is no rule mandating a company to disclose a breach to the federal government, even when national security is a concern. That could change, however. In the words of Microsoft President Brad Smith, “this is about moving information fast, to the right place, so it can be put to good use.”SCMagazine
February 23, 2021
Microsoft, FireEye push for breach reporting rules after SolarWinds hack Full Text
Abstract
Top executives from Microsoft and FireEye on Tuesday urged Congress to create mandatory breach reporting requirements for companies following the massive Russian hack of the federal government that extended to the private sector.The Hill
February 23, 2021
Daycare Webcam Service Exposes 12,000 User Accounts Full Text
Abstract
NurseryCam suspends service across 40 daycare centers until a security fix is in place.Threatpost
February 23, 2021
Transport for NSW confirms data taken in Accellion breach Full Text
Abstract
The Accellion system was widely used to share and store files by organizations around the world, including Transport for NSW, the government entity said on Tuesday afternoon.ZDNet
February 23, 2021
Filipino Credit App Cashalo Hit by Data Breach Impacting Users’ Personally Identifiable Information Full Text
Abstract
Cashalo, which offers cash loans and other financial services in the Philippines, confirmed that “illegal access” of a database has resulted in the leak of some personally identifiable information.The Daily Swig
February 23, 2021
NurseryCam daycare cam service shut down after security breach Full Text
Abstract
Daycare camera product NurseryCam was hacked last week, and the company was forced to shut down its IoT camera service. On Friday, The Register became aware of the compromise of the NurseryCam network. NurseryCam is produced by the companies FootfallCam...Security Affairs
February 22, 2021
Kroger warns pharmacy customers’ personal data may have been stolen in hack Full Text
Abstract
Some Kroger pharmacy customers’ data may have been stolen after hackers accessed a vendor’s file-transfer service, the grocery store chain said on Friday.The Hill
February 22, 2021
US Retailer Kroger Admits Accellion Breach Full Text
Abstract
FTA platform exploited to compromise dataInfosecurity Magazine
February 22, 2021
Parents alerted to NurseryCam security breach Full Text
Abstract
NurseryCam said it did not believe the incident had involved any youngsters or staff being watched without their permission, but had shut down its server as a precautionary measure.Yahoo! Finance
February 20, 2021
Kroger data breach exposes pharmacy and employee data Full Text
Abstract
Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files.BleepingComputer
February 20, 2021
Sequoia Capital Venture Capital firm discloses a data breach Full Text
Abstract
Sequoia Capital, one of the most prominent venture capital firms, told its investors that an unauthorized third party had access to their information. Sequoia Capital, one of the most prominent venture capital firms that focus on the technology...Security Affairs
February 20, 2021
Kroger advises customers of data breach affecting pharmacy Full Text
Abstract
The Kroger Co. has advised customers of its pharmacy and Little Clinic of a data security breach in which patient names and sensitive personal information were illegally accessed.AJC
February 19, 2021
Jamaica’s Immigration Website Exposed Personal Data and COVID-19 Test Results of Thousands of Travelers Full Text
Abstract
A security lapse by a Jamaican government contractor has exposed immigration records and COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year.TechCrunch
February 18, 2021
California DMV Halts Data Transfers After Vendor Breach Full Text
Abstract
California drivers warned of data breach after Seattle verification company suffers ransomware attackInfosecurity Magazine
February 18, 2021
Sensitive data of Over 257,000 Online Gamblers Put for Sale on Hacker Forum Full Text
Abstract
A user on a popular hacking forum is selling a database that purportedly contains more than 257,000 user records from orakulas.lt (now known as Olybet.lt), a Lithuanian online betting service.Cyber News
February 18, 2021
California DMV halts data transfers with third-party company after security breach Full Text
Abstract
The California Department of Motor Vehicles announced Wednesday that a third-party company it shares data with has had a security breach. It is unclear if any DMV information was compromised.KCRA
February 18, 2021
California Medical Imaging Group Leaks Info of 100,000 Patients Due to Flawed PACS System Full Text
Abstract
A California medical imaging group practice says vulnerabilities in its picture archiving and communications system left patient data at risk of unauthorized access for more than a year.Gov Info Security
February 18, 2021
Breach Caused Due to Third-party File Sharing Service Impacts 129,000 Singtel Customers’ Data Full Text
Abstract
Singtel has confirmed that the personal details of 129,000 customers, as well as the financial information of its former employees, have been compromised in a recent security breach.ZDNet
February 18, 2021
Singtel Breach Hits 129,000 Customers Full Text
Abstract
Telco was compromised via legacy Accellion FTA productInfosecurity Magazine
February 17, 2021
Stolen Jones Day Law Firm Files Posted on Dark Web Full Text
Abstract
Jones Day, which represented Trump, said the breach is part of the Accellion attack from December.Threatpost
February 17, 2021
Jones Day Denies Network Breach Full Text
Abstract
America’s tenth-largest law firm says its network was not compromised following Accellion data breachInfosecurity Magazine
February 17, 2021
14 Million Accounts of Amazon and eBay Users From 18 Countries Sold Online in New Leak Full Text
Abstract
The database, which was being sold for $800, included the full names, postal codes, delivery addresses, and shop names, and 1.6 million phone records of customers from 18 countries.Cyber News
February 17, 2021
Over 110,000 User Records From Lithuania’s CityBee Car Sharing Service Leaked on Hacker Forum Full Text
Abstract
The first part of the database was posted on February 15 and includes 110,000 CityBee user IDs, usernames, hashed passwords, full names, as well as personal codes (national identification numbers) that belong to mostly Lithuanian CityBee users.Cyber News
February 17, 2021
Hoffman Construction shores up its defense systems after employee healthcare data breach Full Text
Abstract
In a breach notification statement, Hoffman said that as soon as it discovered the problem it “disabled the affected systems, took steps to secure our network, and began an investigation”.The Daily Swig
February 17, 2021
Clubhouse may be leaking data to Chinese govt: Stanford report Full Text
Abstract
The Stanford Internet Observatory (SIO) has confirmed that Agora, a Shanghai-based provider of real-time engagement software, supplies back-end infrastructure to the Clubhouse app.The Times Of India
February 16, 2021
Adorcam App Leaks 124 Million User Records via Unsecured ElasticSearch Database Full Text
Abstract
An unsecured ElasticSearch database belonging to the Adorcam app exposed credentials, hostname, and port for the MQTT server, allowing threat actors to download, delete, or modify the data.CISO MAG
February 13, 2021
Web cam app Adorcom leaks 124M rows of customers’ data Full Text
Abstract
The expose included live details such as location, whether the microphone was active, and the name of the WiFi network that the camera is connected to, along with information about the webcam owner such as email addresses.The Times Of India
February 12, 2021
Yandex Data Breach Exposes 4K+ Email Accounts Full Text
Abstract
In a security notice, Yandex said an employee had been providing unauthorized access to users’ email accounts “for personal gain.”Threatpost
February 12, 2021
KeepChange said it stopped hackers from stealing user funds, but not personal data Full Text
Abstract
KeepChange, a Bitcoin exchange portal that launched last year, said it was hacked over the weekend but that security safeguards it had in place stopped the intruders from stealing user funds.ZDNet
February 12, 2021
Romania’s biggest real estate portal suffers major data breach Full Text
Abstract
The largest real estate portal in Romania, Imobiliare.ro, has suffered a data breach that could potentially affect its entire client database, reports Website Planet quoted by Profit.ro.Romania Insider
February 11, 2021
Singtel, QIMR Berghofer report Accellion-related data breaches Full Text
Abstract
Singtel and the QIMR Berghofer Medical Research Institute are the latest companies to disclose data breaches caused by a vulnerability in the Accellion FTA secure file transfer software.BleepingComputer
February 11, 2021
Australian Research Institute QIMR Berghofer Confirms Likely Data Breach Due to Third-party Accellion Hack Full Text
Abstract
On February 2, the organization said it was told that it had been affected by the data breach. The institute’s investigation revealed that around 4% of its data held by Accellion had been accessed.The Daily Swig
February 11, 2021
Researchers Discover 30 Popular Mobile Health Apps Exposing Millions of Patient Records Full Text
Abstract
With people increasingly relying on mHealth apps during the COVID-19 pandemic, researchers observed that such apps are now generating more user activities compared to other mobile apps.Security Week
February 11, 2021
Singapore Telecom Firm Singtel Discloses Breach Potentially Impacting Customer Data Full Text
Abstract
The attack had affected a file-sharing system developed two decades ago by a third-party vendor Accellion, which the Singapore telco had used internally and with external stakeholders.ZDNet
February 11, 2021
Syracuse University data breach exposes nearly 10,000 names, Social Security numbers Full Text
Abstract
The names and Social Security numbers of about 9,800 Syracuse University students, alumni and applicants have been exposed after someone gained unauthorized access to an employee’s email account.The Daily Orange
February 10, 2021
Anti-malware firm Emsisoft accidentally exposes internal DB Full Text
Abstract
Antivirus firm Emsisoft discloses a data breach; a third party had access to a publicly exposed database containing technical logs. The anti-malware solutions provider Emsisoft disclosed last week a data breach. The company revealed that a third-party...Security Affairs
February 9, 2021
Tokyo Gas discloses data breach impacting anime-style dating simulation game Full Text
Abstract
Around 10,000 email addresses belonging to players of an online, anime-style game were exposed during a data breach, according to Tokyo Gas, the game’s developer and Japanese utility giant.The Daily Swig
February 9, 2021
Experian says investigating if involved in Brazil data breach Full Text
Abstract
Experian said it was investigating whether the personal data of millions of Brazilians that was found to be illegally offered for sale online could be connected with its Brazilian business Serasa.Reuters
February 8, 2021
Law Firm Data Breach Impacts UPMC Patients Full Text
Abstract
PHI of more than 36k UPMC patients may have been exposed following attack on law firmInfosecurity Magazine
February 8, 2021
Emsisoft Suffers System Breach Full Text
Abstract
Configuration error allows unauthorized third party to access anti-malware solution maker’s technical logsInfosecurity Magazine
February 7, 2021
COMB breach: 3.2B email and password pairs leaked online Full Text
Abstract
The largest compilation of emails and passwords (COMB), more than 3.2 billion login credentials, has been leaked on a popular hacking forum. More than 3.2 billion unique pairs of cleartext emails and passwords have been leaked on a popular hacking...Security Affairs
February 7, 2021
Web developers SitePoint discloses a data breach Full Text
Abstract
The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M users. SitePoint is an Australian-based website, and publisher of books, courses and articles for web developers. The company...Security Affairs
February 6, 2021
Webdev tutorials site SitePoint discloses data breach Full Text
Abstract
SitePoint, a website that provides access to a wealth of web development tutorials and books, has disclosed a security breach this week in emails sent to some of its users.ZDNet
February 05, 2021
SitePoint discloses data breach after stolen info used in attacks Full Text
Abstract
The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum.BleepingComputer
February 5, 2021
BA Data Breach Victims Granted Extension to File Claims Full Text
Abstract
Breach victims who have not filed their claim encouraged to do soInfosecurity Magazine
February 5, 2021
Government Security Supplier Suffers Double Breach Full Text
Abstract
French security company warns of customer data and source code theftInfosecurity Magazine
February 4, 2021
Data Breach at Security Firm Stormshield Impacts Client Information, Source Code Full Text
Abstract
Stormshield is a major provider of network security products to the French government, some used on sensitive networks, so it is being treated as a major security breach inside the French government.ZDNet
February 4, 2021
Vermont labor commissioner apologizes for tax data bungle Full Text
Abstract
Vermont Labor Department officials remain on damage control a day after revealing a massive data breach involving tens of thousands of 1099-G unemployment tax forms sent to the wrong people.Wcax
February 03, 2021
Oxfam Australia investigates data breach after database sold online Full Text
Abstract
Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database on a hacker forum.BleepingComputer
February 3, 2021
Largest Compilation of User Emails and Passwords Leaked for Free on Hacker Forum Full Text
Abstract
More than 3.2 billion unique pairs of cleartext emails and passwords have just been leaked on a popular hacking forum, aggregating past leaks from Netflix, LinkedIn, Exploit.in, Bitcoin, and more.Cyber News
February 3, 2021
Data of 2.5 million Airtel customers in J-K allegedly leaked; telco claims no breach in server Full Text
Abstract
Data of around 2.5 million Bharti Airtel subscribers of Jammu and Kashmir circle, including Aadhaar numbers, address, and date of birth, has reportedly been leaked by hackers.The Times Of India
February 3, 2021
Data on Thousands of Foxtons Customers Posted Online Full Text
Abstract
Report claims trove was first discovered in October 2020Infosecurity Magazine
February 03, 2021
Female escort review site data breach affects 470,000 members Full Text
Abstract
An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database.BleepingComputer
February 3, 2021
Over Three Million US Drivers Exposed in Data Breach Full Text
Abstract
Dealership service provider appears to have been targetedInfosecurity Magazine
February 2, 2021
Police Exam Database Exposes 500K Indian Citizens’ PII Full Text
Abstract
CloudSEK has discovered a post on a well-known database sharing forum advertising the PII of 500,000 Indian citizens. While the threat actor does not mention the name of an organization, the data provided in the sample is clearly associated with...Security Affairs
February 02, 2021
Data Breach Exposes 1.6 Million Jobless Claims Filed in the Washington State Full Text
Abstract
The Office of the Washington State Auditor (SAO) on Monday said it's investigating a security incident that resulted in the compromise of personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020. The SAO blamed the breach on a software vulnerability in Accellion's File Transfer Appliance (FTA) service, which allows organizations to share sensitive documents with users outside their organization securely. "During the week of January 25, 2021, Accellion confirmed that an unauthorized person gained access to SAO files by exploiting a vulnerability in Accellion's file transfer service," the SAO said in a statement. The accessed information is said to have contained personal details of Washington state residents who filed unemployment insurance claims in 2020, as well as other data from local governments and state agencies. The exact information that may have been compromised include: Full name Social securiThe Hacker News
February 01, 2021
Exposed Azure bucket leaked passports, IDs of volleyball reporters Full Text
Abstract
A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world.BleepingComputer
February 1, 2021
Wind River Security Incident Affects SSNs, Passport Numbers Full Text
Abstract
Wind River Systems is warning of a ‘security incident’ after one or more files was downloaded from its network.Threatpost
February 01, 2021
Data breach exposes 1.6 million Washington unemployment claims Full Text
Abstract
Washington's State Auditor office has suffered a data breach that exposed the personal information in 1.6 million employment claims.BleepingComputer
February 01, 2021
European volleyball org’s Azure bucket exposed reporter passports Full Text
Abstract
A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world.BleepingComputer
January 29, 2021
Delivery Biz Exposes 400 Million Records in Privacy Snafu Full Text
Abstract
Bykea leaked customer, employee and driver docs after misconfigurationInfosecurity Magazine
January 29, 2021
US Breach Volumes Fell 19% in 2020 as Ransomware Surges Full Text
Abstract
ITRC reveals threat actors are moving away from mass data theftInfosecurity Magazine
January 28, 2021
USCellular hit by a data breach after hackers access CRM software Full Text
Abstract
Mobile network operator USCellular suffered a data breach after hackers gained access to its CRM and viewed customers' accounts.BleepingComputer
January 27, 2021
ASIC reports server breached via Accellion vulnerability Full Text
Abstract
"This incident is related to Accellion software used by ASIC to transfer files and attachments," the corporate regulator said in a notice posted on the evening before a public holiday.ZDNet
January 26, 2021
23M Gamer Records Exposed in VIPGames Leak Full Text
Abstract
The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds.Threatpost
January 26, 2021
Criminal, Domestic Violence Case Info Exposed in Cook County Leak Full Text
Abstract
Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records.Threatpost
January 26, 2021
Cook County Leaks 320,000 Court Records Full Text
Abstract
Reveals highly sensitive info from immigration, criminal and family casesInfosecurity Magazine
January 26, 2021
Misconfigured Cloud Server Exposes 66,000 Gamers Full Text
Abstract
Users of VIPGames.com at risk of follow-on attacksInfosecurity Magazine
January 25, 2021
2.28M MeetMindful Daters Compromised in Data Breach Full Text
Abstract
The ShinyHunters hacking group offers a raft of information, from location and contact info to dating preferences and bodily descriptions, as a free download.Threatpost
January 25, 2021
San Francisco Law Firm Investigating PupBox Data Breach Full Text
Abstract
Investigation launched after payment card info of 30k PupBox customers exposedInfosecurity Magazine
January 25, 2021
Australian securities regulator discloses security breach Full Text
Abstract
The Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach.BleepingComputer
January 25, 2021
Australia’s Securities Regulator Suffers Security Breach Affecting File Transfer Server Full Text
Abstract
The incident occurred with the file sharing software provided by California-based Accellion. The same software was also used by New Zealand’s central bank, who faced a cyber attack earlier this month.Reuters
January 25, 2021
Intel: Earnings Leak Down to Internal Error Full Text
Abstract
URL to infographic was mistakenly made publicInfosecurity Magazine
January 25, 2021
Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked Full Text
Abstract
Indian cryptocurrency exchange Buyucoin suffered a security incident in which threat actors leaked sensitive data of 325K users. A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security...Security Affairs
January 24, 2021
Data breach at Buyucoin crypto exchange leaks user info, trades Full Text
Abstract
A threat actor has leaked the stolen database for Indian cryptocurrency exchange Buyucoin on a hacking forum for free.BleepingComputer
January 22, 2021
Bonobos clothing store suffers a data breach, hacker leaks 70GB database Full Text
Abstract
Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup was downloaded by a threat actor. The corporate systems were not breached by the attacker.BleepingComputer
January 22, 2021
Bonobos clothing store confirms breach after hacker leaks 70GB database Full Text
Abstract
Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information.BleepingComputer
January 22, 2021
Human Error to Blame as Exposed Records Top 37 Billion in 2020 Full Text
Abstract
Breach volumes drop but ‘breached’ records surge 141%Infosecurity Magazine
January 20, 2021
Hacker leaks full database of 77 million Nitro PDF user records Full Text
Abstract
A stolen database containing the email addresses, names, and passwords of more than 77 million records of Nitro PDF service users was leaked today for free.BleepingComputer
January 20, 2021
US spinal care practice among first to issue healthcare data breach warning in 2021 Full Text
Abstract
Precision Spine Care, a Texas-based spinal care center, has warned of a potential data breach after an unauthorized individual gained access to an employee email account to fraudulently divert funds.The Daily Swig
January 20, 2021
Defunct social media app Fleek exposed explicit photos of users Full Text
Abstract
The team of researchers at VpnMentor discovered 377,000 files stored in the misconfigured 32 GB AWS S3 bucket. The exposed data included private photos of users and also bot scripts.Hackread
January 19, 2021
AnyVan Discloses Data Breach Exposing Customer Names, Emails, and Hashed Passwords Full Text
Abstract
The company wrote to customers mid-last week to inform them of a "breach of security resulting in the unauthorised access to data from our user database," according to the email seen by The Register.The Register
January 19, 2021
NZ Reserve Bank Governor Says He ‘Owns’ Breach Full Text
Abstract
The governor of New Zealand's Reserve Bank, the nation's central bank, says he "personally owns" responsibility for a data breach that exposed private and sensitive stakeholder information.Gov Info Security
January 19, 2021
OpenWRT Discloses Data Breach After Cybercriminals Broke Into Forum Admin Account Full Text
Abstract
The maintainers of OpenWRT, an open-source project that provides free and customizable firmware for home routers, have disclosed a security breach that took place over the weekend.ZDNet
January 19, 2021
Hendrick Health System discloses network breach impacting some patients’ information Full Text
Abstract
Hendrick Health System on Friday began notifying patients that some identifying information may have been compromised during a network security breach identified on November 20.Abilene Reporter News
January 18, 2021
OpenWRT forum hacked, intruders stole user data Full Text
Abstract
The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach. OpenWrt is an open-source project for embedded operating systems based on Linux, primarily used on embedded devices...Security Affairs
January 18, 2021
500K+ records of C-level people from Capital Economics leaked online Full Text
Abstract
Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers from Cyble found a leak of 500K+ records of C-level people from...Security Affairs
January 18, 2021
OpenWRT Forum user data stolen in weekend data breach Full Text
Abstract
The administrators of the OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach.BleepingComputer
January 16, 2021
Security Researchers Gained Access to Git Repositories of the United Nations Full Text
Abstract
The security experts of Sakura Samurai have managed to get access to more than 100,000 personal records and credentials belonging to United...Cyber Security News
January 16, 2021
Dutch Energy Supplier Blames Cyber Intrusion on Data Breaches Suffered by Other Companies Full Text
Abstract
Eneco, a producer and supplier of natural gas, electricity, and heat in the Netherlands has warned tens of thousands of clients, including business partners, to change their passwords amid a recent data breach.Bit Defender
January 15, 2021
12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency Full Text
Abstract
At the time of discovery, the unsecured Microsoft Azure Blob contained 12,464 images, PDF documents, and email messages presumably sent by the exposed workers to Nohow International.Cyber News
January 14, 2021
Verified Twitter accounts hacked in $580k ‘Elon Musk’ crypto scam Full Text
Abstract
Threat actors are hacking verified Twitter accounts in an Elon Musk cryptocurrency giveaway scam that has recently become widely active.BleepingComputer
January 13, 2021
Capcom Data Breach May Have Impacted Extra 40k Customers Full Text
Abstract
Gaming company warns ransomware attack may have compromised data of up to 390k customersInfosecurity Magazine
January 13, 2021
Chinese Data-Scrapers Leaked Millions of Social Media Profiles Full Text
Abstract
A well-known and fast-growing Chinese social media management company Socialarks has suffered a huge data leak leading to the exposure of over...Cyber Security News
January 12, 2021
Some data from last month’s cyber attack leaked online, says EU drugs regulator Full Text
Abstract
The European Medicines Agency (EMA) did not provide details on which documents or data were made available online, but said necessary action was being taken by law enforcement authorities.Reuters
January 12, 2021
EMA: Some of Pfizer/BioNTech COVID-19 vaccine data was leaked online Full Text
Abstract
The European Medicines Agency (EMA) revealed that some of the Pfizer/BioNTech COVID-19 vaccine data were stolen from its servers. In December, a cyber attack hit the European Medicines Agency (EMA). At the time, the EMA did not provide technical details...Security Affairs
January 12, 2021
New Zealand Reserve Bank breached using bug patched on Xmas Eve Full Text
Abstract
A recent data breach at the Reserve Bank of New Zealand, known as Te Pūtea Matua, was caused by attackers exploiting a critical vulnerability patched the same day.BleepingComputer
January 12, 2021
Hackers leak stolen Pfizer COVID-19 vaccine data online Full Text
Abstract
The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online.BleepingComputer
January 12, 2021
Ethical Hackers Breach U.N., Access 100,000 Private Records Full Text
Abstract
Researchers informed organization of a flaw that exposed GitHub credentials through the organization’s vulnerability disclosure program.Threatpost
January 12, 2021
New Zealand Central Bank Breach Hit Other Companies Full Text
Abstract
Third-party file-sharing service from Accellion was targetedInfosecurity Magazine
January 12, 2021
Networking and IoT Device Vendor Ubiquiti Networks Informs Customers of Data Breach Full Text
Abstract
"We recently became aware of unauthorized access to certain of our information technology systems hosted by a third party cloud provider," Ubiquiti said in emails sent to customers today.ZDNet
January 12, 2021
Chinese Startup Leaks Social Profiles of 214 Million Users Full Text
Abstract
Cloud configuration snafu exposes scraped dataInfosecurity Magazine
January 12, 2021
New Zealand Central Bank System Hacked – Sensitive Information Accessed Full Text
Abstract
New Zealand’s central bank said Sunday that one of its data systems has been breached by an unidentified hacker who potentially accessed...Cyber Security News
January 12, 2021
Juspay Hacked – Over 100 Million Users Data Leaked in Dark web Full Text
Abstract
The cybersecurity researchers have recently detected a data breach of Juspay's servers. And according to the experts' report, in this data breach,...Cyber Security News
January 11, 2021
Ubiquiti discloses a data breach Full Text
Abstract
American technology company Ubiquiti Networks has disclosed a data breach and is notifying its customers via email. American technology vendor Ubiquiti Networks suffered a data breach and is sending out notification emails to its customers asking them...Security Affairs
January 11, 2021
Networking giant Ubiquiti alerts customers of potential data breach Full Text
Abstract
Networking device maker Ubiquiti has announced a security incident that may have exposed its customers' data.BleepingComputer
January 11, 2021
70TB of Parler Users’ Data Leaked by Security Researchers Full Text
Abstract
Parler, a social network platform in the news lately, has been hit by a massive data scrape. Security researchers collected swaths of user data before the network went dark Monday morning after Amazon, Google, and Apple booted the platform.Cyber News
January 11, 2021
Communauto hit by cyber attack Full Text
Abstract
“This cyber attack has … brought many of our activities to a halt, and this explains some delays in the management of accounts payable and invoicing,” Communauto CEO Benoît Robert said in a statement.Montreal Gazette
January 11, 2021
1 million highly sensitive pictures leaked by Korean teen dating app Full Text
Abstract
CyberNews recently discovered an unsecured database that contains more than 1 million private photos, which appears to belong to the free Korean dating app ??? (aka Sweet Chat).CyberNews
January 11, 2021
Cybercriminals Accessed File Sharing Service Used by Reserve Bank of New Zealand Full Text
Abstract
New Zealand’s central bank says that one of its data systems has been breached by an unidentified hacker who potentially accessed commercially and personally sensitive information.The Guardian
January 11, 2021
Experts gained access to the Git Repositories of the United Nations Full Text
Abstract
Researchers gained access to the Git Repositories belonging to the United Nations, exposing staff records and credentials. The research group Sakura Samurai was able to access the repositories of the United Nations as part of the Vulnerability...Security Affairs
January 11, 2021
Over 100,000 UN Employee Records Accessed by Researchers Full Text
Abstract
Vulnerabilities allowed team to exfiltrate Git credentialsInfosecurity Magazine
January 11, 2021
United Nations data breach exposed over 100k UNEP staff records Full Text
Abstract
This week, researchers have responsibly disclosed a vulnerability by exploiting which they could access over 100K private records of United Nations Environmental Programme (UNEP). The data breach stemmed from exposed Git directories which let researchers clone Git repositories and gather PII of a large number of employees.BleepingComputer
January 10, 2021
New Zealand Reserve Bank suffers data breach via hacked storage partner Full Text
Abstract
The Reserve Bank of New Zealand, known as Te Pūtea Matua, has suffered a data breach after threat actors hacked a third-party hosting partner.BleepingComputer
January 8, 2021
Unsecured Git server exposed Nissan North America Full Text
Abstract
A misconfigured Git server is the root cause for the leak of source code of mobile apps and internal tools belonging to Nissan North America. A misconfigured Git server has caused the leak of the source code of mobile apps and internal software used...Security Affairs
January 08, 2021
Nissan NA source code leaked due to default admin:admin credentials Full Text
Abstract
Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials.BleepingComputer
January 7, 2021
Data Stolen From London Council Published Online Full Text
Abstract
Data stolen from Hackney Council is allegedly available on the dark webInfosecurity Magazine
January 7, 2021
Git Repository Misconfiguration Leads to Nissan Source Code Leak Full Text
Abstract
The Git server, a Bitbucket instance, was taken offline yesterday after the data started circulating on Monday in the form of torrent links shared on Telegram channels and hacking forums.ZDNet
January 6, 2021
Aurora Cannabis breach exposes personal data of former, current workers Full Text
Abstract
A data breach at Aurora Cannabis has exposed the personal information of an unknown number of the Canadian company’s current and former employees, Marijuana Business Daily has learned.Marijuana Business Daily
January 05, 2021
Vodafone’s ho. Mobile admits data breach, 2.5m users impacted Full Text
Abstract
Vodafone Group's low-cost operator ho. Mobile announced that hackers stole part of its customer database thus obtaining personal user information and SIM technical data.BleepingComputer
January 5, 2021
Over 200 Million+ Chinese Citizens Records for Sale on the Darkweb Full Text
Abstract
The cybersecurity researchers have discovered in daily routine monitoring that several posts are specifically being sold by hackers on the Dark web....Cyber Security News
January 5, 2021
Amazon, Swiggy’s payment processor Juspay hit by data breach Full Text
Abstract
Payment services provider Juspay, which processes transactions for online giants like Amazon, Swiggy, and other companies, on Monday admitted to a data breach that took place in August 2020.The Times Of India
January 5, 2021
Data from August Breach of Amazon Partner Juspay Dumped Online Full Text
Abstract
Researcher discovered info of 35 million credit-card users from an attack on the Indian startup, which handles payments for numerous online marketplaces.Threatpost
January 5, 2021
Over 500,000 credentials for tens of gaming firms available in the Dark Web Full Text
Abstract
The gaming industry is under attack: over 500,000 credentials for the top two dozen leading gaming firms, including Ubisoft, leaked online. The gaming industry is a privileged target for threat actors, threat actors leaked online over 500,000 stolen...Security Affairs
January 05, 2021
Indian government sites leaking patient COVID-19 test results Full Text
Abstract
Multiple Indian government department websites are leaking COVID-19 lab test results for patients online. These reports uploaded by testing labs across the country as part of the national 'test, trace, isolate' efforts, expose patient's details, test site location, COVID-19 test results, dates, and the healthcare provider's info.BleepingComputer
January 4, 2021
T-Mobile Faces Yet Another Data Breach Full Text
Abstract
The cyberattack incident is the wireless carrier’s fourth in three years.Threatpost
January 4, 2021
One Million Compromised Accounts Found at Top Gaming Firms Full Text
Abstract
Kela researchers also discover 500,000 breached employee credentialsInfosecurity Magazine
January 4, 2021
Over 200 million records of Chinese Citizens for Sale on the Darkweb Full Text
Abstract
During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens.Security Affairs
December 31, 2020
Non-profit founded by Gates Foundation suffers massive exposure of student records Full Text
Abstract
An exposed AWS bucket left hundreds of thousands of student-related records exposed to the internet, but officials from the non-profit say most of the data was old and obsolete.SCMagazine
December 31, 2020
T-Mobile Data Breach – Phone numbers & Call Records Exposed Full Text
Abstract
United States telecommunications giant T-Mobile has unveiled that the personal data of its employees and customers have been hacked. This is the...Cyber Security News
December 31, 2020
Bill & Melinda Gates Foundation’s Charity GetSchooled Leaks Info of 930,000 Children, Teens, and Young Adults Full Text
Abstract
This breach occurred when GetSchooled, a charity founded by the Bill & Melinda Gates Foundation in collaboration with Viacom, left a database open to anyone with a browser and internet connection.welpmagazine
December 30, 2020
T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed Full Text
Abstract
T-Mobile has disclosed a data breach that exposed customers' network information (CPNI), including phone numbers and calls records. T-Mobile has disclosed a data breach exposing customers' account's information. The T-Mobile security staff discovered...Security Affairs
December 30, 2020
T-Mobile data breach exposed phone numbers, call records Full Text
Abstract
T-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records.BleepingComputer
December 30, 2020
Treasure Valley Community College Notifies Consumers of Data Security Incident Full Text
Abstract
The college has become aware of a data security incident that may have involved the personal information of certain community members. It is offering complimentary credit monitoring services to them.PR Newswire
December 30, 2020
Kawasaki Security Breach – Unauthorized Access to a Server from an Overseas Location Full Text
Abstract
Kawasaki Heavy Industries, Ltd. is a Japanese public multinational corporation primarily known as a manufacturer of motorcycles, engines, heavy equipment, aerospace and...Cyber Security News
December 29, 2020
Kawasaki Heavy Industries, a partner of defense companies and agencies, reports breach Full Text
Abstract
Of particular concern among some cybersecurity experts is the fact that the company took several months to report the incidents, which stemmed from unauthorized access to servers from overseas offices.SCMagazine
December 29, 2020
Voyager cryptocurrency broker halted trading due to cyberattack Full Text
Abstract
The Voyager cryptocurrency brokerage platform halted trading yesterday after suffering a cyberattack targeting their DNS configuration.BleepingComputer
December 29, 2020
Japanese Kawasaki Heavy Industries discloses security breach Full Text
Abstract
Japanese giant Kawasaki Heavy Industries discovered unauthorized access to a Japanese company server from multiple overseas offices. Kawasaki Heavy Industries disclosed a security breach, the company discovered unauthorized access to a Japanese company...Security Affairs
December 29, 2020
Kawasaki discloses security breach, potential data leak Full Text
Abstract
Japan's Kawasaki Heavy Industries announced a security breach and potential data leak after unauthorized access to a Japanese company server from multiple overseas offices.BleepingComputer
December 29, 2020
Update: Kawasaki Heavy hack may have targeted defense-linked information Full Text
Abstract
Kawasaki Heavy said it found fraudulent server access via a company base in Thailand during a system audit on June 11 this year, and confirmed the possibility of a data breach.The Japan Times
December 28, 2020
In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021 Full Text
Abstract
Research from ESET of a supply chain attack in Vietnam in which digital certificates were compromised set off continued discussions in the industry about the nature of recent supply chain attacks, and how security teams can most effectively prepare and respond.SCMagazine
December 28, 2020
Finland confirms that hackers breached MPs’ emails accounts Full Text
Abstract
The Parliament of Finland confirmed that threat actors had access to email accounts of multiple members of parliament (MPs). "Parliament of Finland has been subjected to a cyberattack in the fall of 2020. The attack was discovered by parliament...Security Affairs
December 28, 2020
Neopets Is Still A Thing And It's Exposing Sensitive Data Full Text
Abstract
Neopets, a website that allows children to care for “virtual pets,” exposed a wide range of sensitive data online including credentials for company databases, employee emails, and code repositories.The Security Ledger
December 28, 2020
E-commerce app 21 Buttons exposes millions of users’ data Full Text
Abstract
Researchers discovered that the popular e-commerce app 21 Buttons was exposing private data for 100s of influencers across Europe. Researchers from cybersecurity firm vpnMentor discovered that the e-commerce app 21 Buttons was exposing private...Security Affairs
December 26, 2020
Koei Tecmo discloses data breach after hacker leaks stolen data Full Text
Abstract
Japanese game developer Koei Tecmo has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum.BleepingComputer
December 26, 2020
Russian crypto-exchange Livecoin hacked after it lost control of its servers Full Text
Abstract
Russian cryptocurrency exchange Livecoin posted a message on its official website on Christmas Eve claiming it was hacked and lost control of some of its servers, warning customers to stop using its services.ZDNet
December 25, 2020
CrowdStrike releases free Azure tool to review assigned privileges Full Text
Abstract
CrowdStrike released a free Azure security tool after it was notified by Microsoft of a failed attack leveraging compromised Azure credentials. While investigating the impact of the recent SolarWinds hack, on December 15th Microsoft reported to CrowdStrike...Security Affairs
December 25, 2020
CrowdStrike releases free Azure security tool after failed hack Full Text
Abstract
Leading cybersecurity firm CrowdStrike was notified by Microsoft that threat actors had attempted to read the company's emails through compromised Microsoft Azure credentials.BleepingComputer
December 25, 2020
The Russian cryptocurrency exchange Livecoin hacked on Christmas Eve Full Text
Abstract
Russian cryptocurrency exchange Livecoin was compromised on Christmas Eve, hackers breached its network and gained control of some of its servers. The Russian cryptocurrency exchange was hacked on Christmas Eve, it published a message on its website...Security Affairs
December 25, 2020
Data breach discovered in Jerusalem Municipality website Full Text
Abstract
The discovery of the breach comes after a string of cyberattacks targeted companies in Israel. Earlier this month, sensitive data of Israeli citizens was leaked and sold after the Shirbit insurance company was targeted in a ransomware attack.The Jerusalem Post
December 25, 2020
CrowdStrike Reveals That Suspected Russian Hackers Made Failed Attempt to Breach It Full Text
Abstract
Microsoft identified a reseller’s Microsoft Azure account used for managing CrowdStrike’s Microsoft Office licenses making abnormal calls to Microsoft cloud APIs during a 17-hour period several months ago.Crowdstrike
December 24, 2020
NetGalley discloses data breach after website was hacked Full Text
Abstract
The NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information.BleepingComputer
December 24, 2020
Fashion Marketplace 21 Buttons Exposes Millions of Users’ Data Full Text
Abstract
As discovered by vpnMentor on 2 November 2020 in a research report led by Noam Rotem, it was found that it exposed the data of hundreds of influencers due to an AWS bucket being misconfigured.Hackread
December 24, 2020
Misconfigured AWS Bucket Exposes Hundreds of Social Influencers Full Text
Abstract
Victims could be targeted by stalkers and fraudstersInfosecurity Magazine
December 23, 2020
Cyber-Attack on European Court of Human Rights Full Text
Abstract
Europe’s human rights court hit by cyber-criminals after calling for release of Turkish political leaderInfosecurity Magazine
December 23, 2020
European medicines regulator says cyberattack limited to one IT application Full Text
Abstract
Data related to COVID-19 medicines and vaccines was the target of a cyberattack earlier this month, and the hackers accessed documents belonging to third parties, the regulator said.Reuters
December 23, 2020
Leaky Server Exposes 12 Million Medical Records to Meow Attacker Full Text
Abstract
Extortion and fraud risks persist for tens of thousands of patientsInfosecurity Magazine
December 22, 2020
Researchers shared the lists of victims of SolarWinds hack Full Text
Abstract
Security experts shared lists of organizations that were infected with the SolarWinds Sunburst backdoor after decoding the DGA mechanism. Security experts started analyzing the DGA mechanism used by threat actors behind the SolarWinds hack to control...Security Affairs
December 22, 2020
Roanoke College delays spring semester after cyberattack Full Text
Abstract
Roanoke College has delayed their spring semester by almost a month after a cyberattack has impacted files and data access.BleepingComputer
December 22, 2020
SolarWinds hackers breached US Treasury officials’ email accounts Full Text
Abstract
US Senator Ron Wyden said that dozens of US Treasury email accounts were compromised by the threat actors behind the SolarWinds hack.BleepingComputer
December 22, 2020
Workplace Pension Provider ‘NOW: Pensions’ Informs 1.7 Million Customers of Data Leakage Incident Full Text
Abstract
Workplace pension provider NOW: Pensions has emailed 1.7 million UK customers to warn about a data leakage caused by contractor error involving the posting of user data to a "public software forum".The Register
December 22, 2020
TennCare announces privacy breach impacting 3,300 members Full Text
Abstract
TennCare, Gainwell Technologies LLC, and Axis Direct, Inc. announced a privacy breach impacting the health information of around 3,300 Tennessee Medicaid members in a joint statement on Monday.WKRN
December 22, 2020
SolarWinds victims revealed after cracking the Sunburst malware DGA Full Text
Abstract
Security researchers have shared lists of organizations where threat actors deployed Sunburst/Solorigate malware, after ongoing investigations of the SolarWinds supply chain attack.BleepingComputer
December 22, 2020
Ministry of Justice Suffers 17 Serious Data Breaches Last Year Full Text
Abstract
The breaches affected 121,355 peopleInfosecurity Magazine
December 22, 2020
Huntsville City Schools warns about personal information possibly compromised in cyber attack Full Text
Abstract
The impacted information includes State Student Identification numbers and social security numbers of employees from 2013, 2016, and 2020, along with email addresses of parents this year.WAAY TV
December 22, 2020
Reflections on the SolarWinds Breach Full Text
Abstract
The timeline of the breach is still unfolding, but it is not too early to offer a number of high-level observations and predictions.Lawfare
December 22, 2020
Stealthy Magecart Attack Accidentally Leaks the List of Infected Stores Full Text
Abstract
Recently, Sansec has found a clever remote access trojan (RAT), that has been sneaking in the lanes of hacked eCommerce servers. According...Cyber Security News
December 22, 2020
Cisco, SAP, Intel, Nvidia, and Many Others Named in List of Organizations Infected by Sunburst Malware Full Text
Abstract
The biggest names on this list include Cisco, SAP, Intel, Cox Communications, Deloitte, Nvidia, Fujitsu, Belkin, Amerisafe, Lukoil, Rakuten, Check Point, Optimizely, Digital Reach, and Digital Sense.ZDNet
December 22, 2020
VMware and Cisco also impacted by the SolarWinds hack Full Text
Abstract
The IT giants VMware and Cisco revealed they were impacted by the recently disclosed SolarWinds supply chain attack. VMware and Cisco confirmed to have been both impacted by the recent SolarWinds hack. A recent advisory published by the NSA is warning...Security Affairs
December 21, 2020
EXMO cryptocurrency exchange hacked, loses 5% of total assets Full Text
Abstract
British cryptocurrency exchange EXMO has disclosed that unknown attackers withdrew almost 5% of its total assets after compromising its hot wallets.BleepingComputer
December 21, 2020
Hacker Dumps Crypto Wallet Customer Data; Active Attacks Follow Full Text
Abstract
Customer data from a June attack against cryptocurrency wallet firm Ledger is now public and actively being used in attacks.Threatpost
December 21, 2020
VMware latest to confirm breach in SolarWinds hacking campaign Full Text
Abstract
VMware is the latest company to confirm that it had its systems breached in the recent SolarWinds attacks and said that the hackers did not make any attempts of further exploitation after gaining access through the deployed backdoor.BleepingComputer
December 21, 2020
Unsecured Cloud Storage Server Exposed 587,000 Confidential Files From Probase’s CRM Customers Full Text
Abstract
The blob containing 587,000 customer files was operated by Surrey-based app developer Probase, and appeared to be in the public cloud underpinning one of its CRM products.The Register
December 21, 2020
India: Telangana Government Exposed Sensitive Data of Its Employees, Pensioners Full Text
Abstract
The CERT-In confirmed the vulnerability and replied on email in September to say that the authorities had been intimated about the issue, and Telangana IT Secretary Jayesh Ranjan assured a fix.NDTV
December 21, 2020
Ledger data breach: Hacker leaks stolen database on hacker forum Full Text
Abstract
Ledger was quick to acknowledge the breach revealing that the stolen data contained email addresses, full names, postal addresses, phone numbers, and details related to products ordered by customers.Hackread
December 21, 2020
Physical addresses of 270K Ledger owners leaked on hacker forum Full Text
Abstract
A threat actor has leaked the stolen email and mailing addresses for Ledger cryptocurrency wallet users on a hacker forum for free.BleepingComputer
December 20, 2020
SolarWinds hackers broke into U.S. cable firm and Arizona county, web records show Full Text
Abstract
Suspected Russian hackers accessed the systems of a U.S. internet provider and a county government in Arizona as part of a sprawling cyber-espionage campaign disclosed this week, according to an analysis of publicly-available web records.Reuters
December 19, 2020
NATO is checking its systems to determine the impact of SolarWinds hack Full Text
Abstract
NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO announced it is checking its systems after the SolarWinds supply chain attack to determine if they were infected...Security Affairs
December 19, 2020
Cyber Thieves Attack Renewable Energy Supplier to Steal Personal Info of 250,000 Customers Full Text
Abstract
UK-based renewable energy supplier People’s Energy has disclosed that cybercriminals accessed the personal details of its entire 250,000 customer database in a data breach.Bit Defender
December 18, 2020
‘Very, very large’ telecom organization and Fortune 500 company breached in SolarWinds hack Full Text
Abstract
Noteworthy is the combination of the targets, which adds up to what one researcher described as attacks against the backbone of the nation’s critical infrastructure.SCMagazine
December 18, 2020
Sunburst’s C2 Secrets Reveal Second-Stage SolarWinds Victims Full Text
Abstract
Examining the backdoor’s DNS communications led researchers to find a government agency and a big U.S. telco that were flagged for further exploitation in the spy campaign.Threatpost
December 18, 2020
People’s Energy data breach affects all 270,000 customers Full Text
Abstract
Data stolen included names, addresses, dates of birth, phone numbers, tariff and energy meter IDs, she said. Additionally, the financial data of 15 small-business customers was also accessed.BBC
December 18, 2020
Microsoft identifies 40+ victims of SolarWinds hack, 80% from US Full Text
Abstract
Microsoft said that over 40 of its customers had their networks infiltrated by hackers following the SolarWinds supply chain attack after they installed backdoored versions of the Orion IT monitoring platform.BleepingComputer
December 18, 2020
Microsoft says systems were exposed in massive SolarWinds hack Full Text
Abstract
Microsoft’s systems were exposed as part of the suspected Russian cybersecurity hack that targeted SolarWinds and hit multiple government agencies, people familiar with the matter told Reuters.The Hill
December 18, 2020
UK Energy Firm Suffers Data Breach Impacting Entire Customer Database Full Text
Abstract
Customers have been contacted following the incidentInfosecurity Magazine
December 18, 2020
Microsoft confirms breach in SolarWinds hack, but denies its clients were affected Full Text
Abstract
Microsoft confirms that it was also breached in the SolarWinds supply chain hack, but excluded that the attack impacted its customers. Microsoft has confirmed that it was one of the companies breached in the recent SolarWinds supply chain attack,...Security Affairs
December 18, 2020
Microsoft says it identified 40+ victims of the SolarWinds hack Full Text
Abstract
It is now in the process of notifying all the impacted organizations, 80% of which are located in the US, with the rest spread across Canada, Mexico, Belgium, Spain, the UK, Israel, and the UAE.ZDNet
December 18, 2020
Microsoft and 40+ Customers Hit in Russian Espionage Attack Full Text
Abstract
Tech firms, not governments, form the largest group of victimsInfosecurity Magazine
December 17, 2020
Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack Full Text
Abstract
The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far wider in scope, sophistication, and impact than previously thought. News of Microsoft's compromise was first reported by Reuters, which also said the company's own products were then used to strike other victims by leveraging its cloud offerings, citing people familiar with the matter. The Windows maker, however, denied the threat actor had infiltrated its production systems to stage further attacks against its customers. In a statement to The Hacker News via email, the company said — "Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious SolarWinds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customThe Hacker News
December 17, 2020
Nation-state hackers breached US think tank thrice in a row Full Text
Abstract
An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times.BleepingComputer
December 17, 2020
Digging the recently leaked Chinese Communist Party database Full Text
Abstract
Experts determined that the database also includes information of CCP members who worked at foreign consulates in Shanghai, as well as at the Chinese branches of different international firms.Security Affairs
December 17, 2020
Software Supply-Chain Attack Hits Vietnam Government Certification Authority Full Text
Abstract
Cybersecurity researchers today disclosed a new supply-chain attack targeting the Vietnam Government Certification Authority (VGCA) that compromised the agency's digital signature toolkit to install a backdoor on victim systems. Uncovered by Slovak internet security company ESET early this month, the "SignSight" attack involved modifying software installers hosted on the CA's website ("ca.gov.vn") to insert a spyware tool called PhantomNet or Smanager. According to ESET's telemetry, the breach happened from at least July 23 to August 16, 2020, with the two installers in question — "gca01-client-v2-x32-8.3.msi" and "gca01-client-v2-x64-8.3.msi" for 32-bit and 64-bit Windows systems — tampered to include the backdoor. After the attack was reported to VGCA, the certificate authority confirmed that "they were aware of the attack before our notification and that they notified the users who downloaded the trojanized softwarThe Hacker News
December 17, 2020
Digging the recently leaked Chinese Communist Party database Full Text
Abstract
KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai. After the announcement of the leak of the database which contains the personal information of 1.9 million Chinese...Security Affairs
December 16, 2020
45 million medical imaging files exposed online Full Text
Abstract
The researchers found that openly available medical images – including up to 200 lines of metadata per record – could be accessed without the need for a user name or password.SCMagazine
December 16, 2020
New Evidence Suggests SolarWinds’ Codebase Was Hacked to Inject Backdoor Full Text
Abstract
The investigation into how the attackers managed to compromise SolarWinds' internal network and poison the company's software updates is still underway, but we may be one step closer to understanding what appears to be a very meticulously planned and highly-sophisticated supply chain attack. A new report published by ReversingLabs today and shared in advance with The Hacker News has revealed that the operators behind the espionage campaign likely managed to compromise the software build and code signing infrastructure of SolarWinds Orion platform as early as October 2019 to deliver the malicious backdoor through its software release process. "The source code of the affected library was directly modified to include malicious backdoor code, which was compiled, signed, and delivered through the existing software patch release management system," ReversingLabs' Tomislav Pericin said. Cybersecurity firm FireEye earlier this week detailed how multiple SolarWindsThe Hacker News
December 16, 2020
The SolarWinds Perfect Storm: Default Password, Access Sales and More Full Text
Abstract
Meanwhile, Microsoft and other vendors are quickly moving to block the Sunburst backdoor used in the attack.Threatpost
December 16, 2020
Lithuania Suffers “Most Complex” Cyber-attack in Years Full Text
Abstract
Cyber-attack during government’s transition is the most complex to hit Lithuania in yearsInfosecurity Magazine
December 16, 2020
SolarWinds’ FTP password was apparently ‘leaked on GitHub in plaintext’ Full Text
Abstract
Vinoth Kumar, a security researcher, claimed on Tuesday he had made such a report to SolarWinds last November, warning that it could be used to upload files to the server.The Register
December 15, 2020
California Hospital Notifies 67k Patients of Data Breach Full Text
Abstract
October cyber-attack may have exposed data belonging to 67k patients of Sonoma Valley HospitalInfosecurity Magazine
December 15, 2020
Indian defense tech service provider gets hacked, the company claims major loss Full Text
Abstract
Critical and classified data of a Noida-based private company, providing technology solutions to Indian defense forces, has been allegedly hacked, leading to the theft of confidential information.The Times Of India
December 15, 2020
Millions of Medical Imaging Files Freely Accessible on Unprotected Servers Full Text
Abstract
Sensitive medical images including X-rays and CT scans are readily availableInfosecurity Magazine
December 15, 2020
Over 2,000 Unsecured Servers Containing Millions of Medical Records Found Online Full Text
Abstract
Two thousand servers containing 45 million images of X-rays and other medical scans were left online during the course of the past twelve months, freely accessible by anyone.The Register
December 15, 2020
Global security teams assess impact of suspected Russian cyber attack Full Text
Abstract
Global security teams moved on Monday to contain fallout of a widespread cyberattack by suspected Russian hackers, who have been able to spy on the customers of SolarWinds for more than eight months.Reuters
December 15, 2020
Spotify Resets Passwords After Leaking User Data to Partners Full Text
Abstract
Breach went undetected for seven monthsInfosecurity Magazine
December 15, 2020
SolarWinds: Our Office 365 Emails Were Compromised Full Text
Abstract
Company also reveals fewer than 18,000 customers affected by nation state attackInfosecurity Magazine
December 15, 2020
Data Trove Containing Details of 1.9 Million Members of Chinese Communist Party Leaked on Hacking Forum Full Text
Abstract
During routine Dark web monitoring, the experts from Cyble found a post on a Russian-speaking forum offering the details of 1.9 million members of the Chinese Communist Party.Security Affairs
December 15, 2020
SolarWinds, in SEC Filings, Says 18,000 Customers Were Impacted by Recent Hack Full Text
Abstract
SolarWinds disclosed on Sunday that a nation-state hacker group breached its network and inserted malware in updates for Orion, a software application for IT inventory management and monitoring.ZDNet
December 15, 2020
Nearly 18,000 SolarWinds Customers Installed Backdoored Software Full Text
Abstract
SolarWinds, the enterprise monitoring software provider who found itself at the epicenter of the most consequential supply chain attacks, said as many as 18,000 of its high-profile customers might have installed a tainted version of its Orion products. The acknowledgment comes as part of a new filing made by the company to the US Securities and Exchange Commission on Monday. The Texas-based company serves more than 300,000 customers worldwide, including every branch of the US military and four-fifths of the Fortune 500 companies. The "incident was likely the result of a highly sophisticated, targeted and manual supply chain attack by an outside nation state," SolarWinds said in the regulatory disclosure, adding it "currently believes the actual number of customers that may have had an installation of the Orion products that contained this vulnerability to be fewer than 18,000." The company also reiterated in its security advisory that besides 2019.4 HF 5The Hacker News
December 15, 2020
Threat Advisory: SolarWinds supply chain attack Full Text
Abstract
The adversaries leverage administrative privileges obtained during the on-premise compromise to access the victim's global administrator account and/or trusted SAML token-signing certificate.Talos
December 15, 2020
PgMiner Botnet Attacks PostgreSQL Databases to Install a Cryptocurrency Miner Full Text
Abstract
The security researchers of Palo Alto Networks have detected a unique Linux-based cryptocurrency mining botnet. This botnet exploits a disputed PostgreSQL remote...Cyber Security News
December 14, 2020
SolarWinds Supply Chain Attack Compromised Multiple Global Victims With SUNBURST Backdoor Full Text
Abstract
The attacker’s post-compromise activity leverages multiple techniques to evade detection and obscure their activity, but these efforts also offer some opportunities for detection.FireEye
December 14, 2020
US govt, FireEye breached after SolarWinds supply-chain attack Full Text
Abstract
Trojanized versions of SolarWinds' Orion IT monitoring and management software have been used in a supply chain attack leading to the breach of government and high-profile companies after attackers deployed a backdoor dubbed SUNBURST or Solorigate.BleepingComputer
December 14, 2020
Spotify notifies customers of breach, files under CCPA Full Text
Abstract
Streaming service Spotify has notified an unspecified number of its customers of a data breach, responding by resetting passwords on the accounts that were attacked. The company filed the breach under California’s new privacy law, the California Consumer Privacy Act, which went into effect on Jan. 1. While the notice did not specify the precise…SCMagazine
December 14, 2020
Spotify Changes Passwords After Another Data Breach Full Text
Abstract
This is the third breach in the past few weeks for the world’s most popular streaming service.Threatpost