Items tagged with breach

Earlier in the week, hackers gained access to over 150,000 Verkada customer camera feeds that allowed them to grab screenshots and video clips. This breach happened because of a “Super Admin” account that was able to view any camera feed. Now, former Verkada employees are coming forward to explain that any employee could view the camera feeds, and security was lackadaisical at best. On Monday, hackers gained access to the “Super Admin” account, which allowed them to view and capture video from schools, hospitals along with companies such as Tesla, Cloudflare, and Verkada itself. Now, three former employees have come forward to explain this “Super Admin” account... Read more...
The SolarWinds breach has been pervasive, and the world is still reeling from the effects. We have heard that hackers accessed data from Microsoft, U.S. Government agencies, and other high-profile companies. Now we're learning about the full scope of the data that was allegedly obtained. A website recently appeared alleging that some of this data is available for sale, including partial Microsoft Windows source code for a whopping $600,000. That is just a bit more expensive than a real Windows license. The hackers, who seem to be operating under the moniker of “SolarLeaks,” describe their escapades as a “recent adventure.” Now, they are selling the spoils of this adventure... Read more...
It seems getting hacked has become a near-daily occurrence that people should expect will happen at some point. Yesterday, people reported that Ubiquiti, a major vendor of internet of things (IoT) devices such as routers, security cameras, access points, and more, suffered a breach through a third-party cloud provider. The New York City-based company has now urged customers to change their passwords and enable multi-factor authentication as account information and credentials could be at risk. Both in an email and a forum post, Ubiquiti reported that they had “recently became aware of unauthorized access to certain of our information technology systems hosted by a third-party cloud provider.”... Read more...
The massive SolarWinds breach that has even ensnared Microsoft still has rippling effects. According to reports, it seems that hackers may have exposed sealed U.S. court documents. Simultaneously, SolarWinds is trying to clean up and close security holes following the attacks that used its software. The company has since hired several big names in the security world to help out, such as Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA). This week, the Administrative Office of the U.S. Courts reported in a memo that the SolarWinds breach may have “jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system”... Read more...
Over the weekend, it was announced that a nation-state actor had breached SolarWinds’ Orion service as early as Spring of this year. The Orion platform is an all-in-one solution for IT administration and monitoring, among other utilities. It is used by companies and governments worldwide, and it appears that the U.S. government was a target of interest in the attack. According to sources familiar with the situation, the nation-state actors have been monitoring email at the U.S. Treasury and Commerce departments, but they may not be the only agency to be breached. The SolarWinds Orion attack is being dubbed as “Sunburst” by security researchers at FireEye, a cybersecurity firm.... Read more...
Another day, another data privacy flub, and this time it's from Google. Google Takeout is a service that allows users to download their data from Google apps as a backup or to use it with another service. That sounds good on the surface until, somehow, Google managed to send backed up videos to unrelated users. Google began warning users of impacted accounts this week. Google is calling sending videos to the wrong person a "technical issue," and the letter sent to users notes that between November 21-25, 2019, anyone who requested a backup could have had videos in Google Photos "incorrectly exported to unrelated users' archives." A letter sent out to some users didn't specify how many videos... Read more...
LabCorp is one of the largest medical laboratory companies in the country. Chances are high that anyone who has had lab tests run at the doctor's office or hospital has used LabCorp at some point. The company had a major security flaw with its website that exposed confidential medical documents, including lab test results. The breach is reportedly the result of a vulnerability on the LabCorp website that has to do with its internal customer relationship management system. The system was apparently misconfigured, and the website component designed to pull patient files from the back-end was left exposed. The system appeared to be protected with a password. The unprotected web address for the back-end... Read more...
Microsoft is coming under fire for a breach in customer privacy after it was revealed that the records of 250 million customers were exposed late last year. The data leak was initially reported on by security firm Comparitech, which found the information spread across five Elasticsearch servers. According to Comparitech, all five servers contained identical information from the 250 million customer records. The scope of the data unearthed was vast, covering a time period spanning from 2005 through December 2019. And what's even more unsettling is that this information was publicly indexed, meaning that anyone could access the information. Information that was exposed included customer email addresses,... Read more...
Ring has faced challenges of late with hackers taking over accounts, among other things. Ring responded earlier this week to questions that five senators had sent to the company in the form of a letter about measures that it is taking to secure its line of video recording devices. The measures the company planned to take weren't good enough for at least one senator. Ring has had several high profile incidents with security, including one where the login credentials of 3,600 Ring Camera owners were leaked. In another incident in December, a hacker took control of a Ring security camera and used it to yell obscenities at an 8-year-old girl in her home. Ring CEO Jamie Siminoff says video of that... Read more...
Wyze learned on December 26 that it had suffered a major data breach that leaked some user data. The amount of data that was allegedly leaked was concerning for users, with reports suggesting that details on over 2 million accounts were accessible. Wyze says that it moved to lock down the database that was allegedly vulnerable before it had verified that a breach had happened. On December 27th, Wyze verified that a breach had happened. What Wyze says happened was a secondary database had been created to "help manage the extremely fast growth of Wyze." The goal of the new database was to allow a better way to measure business metrics like device activations, failed connection rates, and other... Read more...
The log-in credentials for 3,672 Ring camera owners have been leaked this week in a security breach. The leak exposed log-in emails, passwords, time zones, and the names people gave to their Ring cameras. Often those names are specific to where the camera is located, such as "bedroom" and "front door." Using the information that was leaked, an intruder could access the Ring customer's home address, telephone number, and payment information. The payment information included the type of credit card, the last four digits, and the security code. The worst thing about this breach is that it gave the intruders access to live camera footage from all cameras associated with the account. It also gave up... Read more...
Even though Newegg is one of the most popular destinations for enthusiasts looking to score the latest and greatest hardware for their gaming rigs, the retail giant is not immune to the nefarious actions of the hacker community. To that end, Newegg's website was hacked, and the parties responsible were able to inject 15 lines of credit card skimming code into the retailer's payments page. That code hid there, undetected, from August 14 through September 18, meaning if you made a purchase there between those dates, you need to be concerned. News of the attack comes from Yonathan Klijnsma, a threat researcher from RiskIQ. The injected code was able to steal credit card data from customers and sent... Read more...
Last year, a hacker group was able to penetrate credit reporting agency Equifax and make off with information, including the social security numbers, of 143 million Americans. Only a few days after the hack, a ransom demand for the return of the information was made to the tune of $2.6 million in bitcoin via the dark web. Now it is believed that the hackers also made off with other personal data about Americans including tax ID numbers and driver's license details. Other data leaked in the hack that we already knew about included names, birthdates, social security numbers, home addresses and driver's license numbers. Reports are now indicating that the hack exposed more data... Read more...
OnePlus is currently in the midst of investigating a credit card payment processing breach on its website, and we're now learning the full scope of the vulnerability. As promised, and adhering to its commitment to providing full disclosure, OnePlus says that anyone that entered their credit card details (card numbers, expiry dates and security codes) via oneplus.net between mid-November 2017 and January 11, 2018 may have been exposed. According to OnePlus, that means that as many as 40,000 customers are affected and could potentially begin seeing fraudulent charges on their credit cards (if they haven't already, like many other customers). The company is in the process of emailing customers that... Read more...
Sometimes it feels as though nothing is safe from the prying eyes (and digital crowbars) of dedicated hackers. Single sign-on provider OneLogin has found this out the hard way, as its systems were breached this week, potentially exposing customer data. "We detected unauthorized access to OneLogin data in our US data region," OneLogin disclosed in a blog posting this week. "We have since blocked this unauthorized access, reported the matter to law enforcement, and are working with an independent security firm to determine how the unauthorized access happened and verify the extent of the impact of this incident." This initial notice was frustratingly lacking in detail, and customers were left to... Read more...
We’re used to hearing about civilians having their personal information compromised on a regular basis. However, it should be noted the U.S. military isn’t immune to such tomfoolery, as the Navy announced this week (right before a major holiday for obvious reasons) that “sensitive information” for over 134,000 sailors has been accessed. The failure point in this case was a compromised laptop that belonged to a contractor working for Hewlett Packard Enterprise (HPE). It is unclear at this point how, exactly when or where the laptop was accessed by a third-party. However, the end result is that data on exactly 134,386 sailors — both current and inactive — was compromised, including names and social... Read more...
"Yahoo" is a positive word, but in relation to the internet giant, it's starting to feel like it could describe some of the company's key management. Yahoo has been dealing with some troubling issues, but most of those issues were self-created, such as failing to disclose a security breach which took place years ago, and building a custom tool for the U.S. government - and the NSA in particular - to scan user emails. Now, it's being reported that Yahoo's tool is in effect a sophisticated "hacking tool", although it's supposedly not that much different from Yahoo's preexisting tools used to seek out malware, child pornography, and spam. "Tool" might be the wrong word, though, as some experts... Read more...
To call this a stressful time for Yahoo would be an understatement. As the company is in the process of being scooped up by Verizon, it's also dealing with the aftermath of what could become the largest security breach in all of history - at least in terms of users impacted. We reported last week that the company was slapped with a class action suit a mere day after it was discovered that upwards of 500 million user accounts were affected in a security breach. Today, an insider and former Yahoo exec claims that the real number could be double that - cue diabolical pinky finger to mouth: 1 billion (Or perhaps even higher). This... Read more...
Yahoo is the latest major US corporation dealing with the fallout of a data breach that happened two years ago. Some might say that Yahoo's heartburn is well-deserved, though, as the company could have handled things better back in the day, which would have led to a better outcome right now. As we covered on Thursday, Yahoo suffered a major breach back in 2014 that resulted in some 500 million user accounts having their information compromised. However, it's only just recently that users have learned of this, so that's the first major criticism of Yahoo but it goes deeper. Yahoo has said that the attack was caused by a "state-sponsored actor", which means the company could have exercised... Read more...
It seems impossible for the world to go a single week without a major security breach, so to fill the inevitable void this week is a hacker that goes by the name "thedarkoverlord," who claims to be in possession of a staggering 655,000 healthcare records. Of course, he is looking to sell them off. This latest records leak was first reported by Deep Dot Web, which has exclusive images to prove that the leak is real (one can be seen below). These images were not sourced by the website; rather, thedarkoverlord himself provided the images, probably as a way to build up some notoriety, and to flaunt the fact that the records are for sale to those who might be interested. The records the leaker is... Read more...
It's beginning to look a lot like no website on Earth can be trusted with our important data, as attackers are attracted to any service that has a huge number of users. They're even attracted to websites that seek out attractiveness, apparently, as BeautifulPeople.com has had its mammoth user database stolen. Are you unsightly and want revenge? Good news! The database is for sale. As its name implies, BeautifulPeople.com is a site dedicated to hooking up good-looking blokes and gals. That makes it quite an exclusive site, especially thanks to the fact that you have to be approved by the community at large in order to gain access. Got a big nose? Overweight? Take a photo in bad light? Is your... Read more...
Another day, another high-profile security breach. This time the breach occurred across the pond at British telecom giant TalkTalk. TalkTalk is the United Kingdom’s second largest “quadruple play” service provider (offering phone, TV, broadband Internet and mobile phone service) behind Virgin Media. Given its massive size and its millions of customers, TalkTalk was a prime target for cyberattackers, and unfortunately, the company made it all too easy for the breach to occur. TalkTalk reported today that it is working in conjunction with the Metropolitan Police Cyber Crime Unit after it experienced a “significant and sustained cyber attack” on Wednesday. TalkTalk has roughly four million customers... Read more...