Items tagged with breach

When it comes to security breaches, traditionally we expect that it is a company with poor security practices or simply struggling to keep up in the never-ending onslaught of threats online. However, the latest breach suffered by Microsoft changes that narrative significantly, indicating that, realistically, anyone... Read more...
Yesterday, T-Mobile, one of the big three mobile internet service providers in the US, announced that it recently fell victim to a data breach. The company disclosed this information in both a news release and a filing with the Securities and Exchange Commission (SEC). However, the news release skips over important... Read more...
If you have a Chick-fil-A account and notice suspicious activity or unapproved purchases, take action now, because with the fast food chain has been hacked, affecting an unknown number of user accounts. As early as the beginning of January, there have been Reddit posts stating that their Chick-fil-A accounts have... Read more...
This week, Lake Charles Memorial Health System (LCMHS) in Louisiana published a notice informing its patients of a cybersecurity incident that occurred back in October of this year. According to the notice, threat actors gained unauthorized access to the healthcare system’s internal network between October 20 and 21... Read more...
See Tickets, an online event ticket vendor that services both Europe and North America, has disclosed a major data breach affecting its payment processing portals. While the data breach notice is light on details, See Tickets customers should know that their payment information, including credit card credential, may... Read more...
Advocate Aurora Health (AAH), a healthcare provider with locations in Illinois and Wisconsin, has published a data breach notice to its website. However, rather than being the victim of a ransomware attack or some other form of unauthorized access, AAH has instead attributed the incident to a bit of JavaScript... Read more...
On October 10, less than a month after Australia was hit by its largest ever data breach, the Australian online retail store MyDeal was struck by a data breach. According to Woolworths Group, which recently acquired the online retailer, an unknown actor used a set of compromised employee credentials to access MyDeal’s... Read more...
Toyota, the world’s largest car company, recently discovered that an access key for one of its data servers has been publicly available on GitHub for almost five years, exposing the data on this server to potential unauthorized third party access. The data server in question stores information related to subscribers... Read more...
Last Thursday, one of Australia’s biggest telecommunications and broadband providers, Optus, disclosed a cyberattack that compromised customer data. While the data breach took place a week ago, the story continues to develop. As it currently stands, a threat actor accessed the personal information of as many as 11.2... Read more...
Yesterday evening, iPhone users may have been surprised to see multiple push notifications from Apple News containing a racist slur and other obscene language. The notifications were triggered by Fast Company’s Apple News account, prompting Apple News to disable the publication’s news channel. As it turns out, a... Read more...
Last week, a massive security breach rocked Uber, with a teenage hacker claiming credit for the incident. Then, over the weekend, someone claiming to be this same hacker leaked Grand Theft Auto (GTA) 6 gameplay footage on the GTA forums. The developer of the GTA series, Rockstar Games, later confirmed the authenticity... Read more...
The popular rideshare company Uber announced last evening that it was responding to a cybersecurity incident but didn’t provide any further details other than to say that the company was in contact with law enforcement. However, it didn’t take long for information regarding the incident to leak. An unknown threat... Read more...
Last week, Microsoft revealed a vulnerability in the TikTok Android app that threat actors potentially could have exploited to hijack TikTok user accounts with a single click. Fortunately, TikTok patched the vulnerability earlier this year before its disclosure. However, shortly after Microsoft publicly disclosed the... Read more...
The password manager LastPass has published a blog post notifying users of a recent data breach. According to the CEO, Karim Toubba, the breach affected parts of the company’s development environment but did not touch any databases containing user data or passwords. Rather than stealing user information, it seems that... Read more...
Plex, a company that provides media streaming solutions, sent out emails early this morning informing users of a data breach. According to the notice, Plex launched an investigation yesterday after discovering suspicious activity on one of its databases. The investigation revealed that a third-party actor managed to... Read more...
If we’ve learned anything from reporting on phishing attacks, it’s that no company, organization, or institution is immune from becoming the victim of one. Even the US Department of Defense recently fell victim to a $23.5 million phishing scam. If anything, larger organizations simply make for larger and more... Read more...
Last year, a hacker who goes by the name “pompompurin” managed to breach a Federal Bureau of Investigation (FBI) web portal and send out thousands of hoax emails from an official FBI email address. Just a couple weeks prior, pompompurin gained unauthorized access to the internal network of the stock trading app... Read more...
Last month, a ransomware gang known as ALPHV struck The Allison Inn & Spa, stealing employee and customer data. ALPHV then published this information to the open web, where it could be indexed by search engines and viewed without the use of the Tor network. While the website that presented the data for download wasn’t... Read more...
Earlier this year, multiple US law enforcement agencies completed a joint operation with authorities from the United Kingdom, Europol, Portugal, Germany, Sweden, and Romania. This coordinated police action, dubbed Operation TOURNIQUET, culminated in the seizure of the RaidForums domain names, as well as the arrest of... Read more...
A cybersecurity report published last month revealed the passwords most commonly used by business owners and executives, and topping this list were “123456” and “password.” The commonality of such remarkably weak passwords among not just ordinary users, but high-ranking executives of large corporations is almost... Read more...
Cybercriminals can steal credit card credentials using a number of different methods, including phishing attacks, other form of social engineering, skimming, and data breaches. Stolen credit card credentials often don’t remain with the original thief, but instead end up being sold on an online marketplace. There are... Read more...
Three years ago, Capital One Financial Corporation suffered a massive data breach that exposed customers’ personal information. Rather than being the victim of social engineering or a ransomware attack, it turned out that Capital One had misconfigured its web application, leaving its system vulnerable to a breach. The... Read more...
1 2 3 4 Next