Three years ago, Capital One Financial Corporation suffered a massive data breach that exposed customers’ personal information. Rather than being the victim of social engineering or a ransomware attack, it turned out that Capital One had misconfigured its web application, leaving its system vulnerable to a breach. The...Read more...
Yesterday, we reported on a data breach at Shields Health Care Group that resulted in the theft of personal information belong to 2 million Americans. Oftentimes, data stolen in breaches like this end up on online forums or marketplaces where cybercriminals buy and sell these ill-gotten gains. Lately, US law...Read more...
Personal information is also valuable information, as personal data in the wrong hands can empower cybercriminals to commit identity theft and fraud. However, even those who take important steps to secure their personal information can have it exposed when an employer, health care provider, government agency, or other...Read more...
The beginning of the year saw a flurry of stories about security breaches as the cybercriminal gang known as LAPSUS$ stole data from an alarming number of big name companies in a short period of time. However, while LAPSUS$ is no longer in operation, after the London police arrested all seven members of the group...Read more...
Yesterday, we reported on Operation TOURNIQUET, a year-long coordinated effort by law enforcement agencies from seven different countries that culminated in the seizure of the hacking site RaidForums and the arrest of its founder and administrator, Diogo Santos Coelho. RaidForums functioned as the hub for the trade of...Read more...
It’s likely that some of your information has appeared on RaidForums at some point during the site’s seven year run. RaidForums was a popular hacking site where users shared data collected from breaches, leaks, and scrapes. According to the US Department of Justice, the databases on offer on RaidForums contained...Read more...
T-Mobile is now investigating a massive customer data breach claim that could affect up to 100 million users. The leak, which appeared on a leak and database selling forums on Saturday, claimed to have 30 million unique social security numbers and driver's license information.
In the samples provided, it also...Read more...
Hackers and threat actors are constantly searching for new ways to breach systems for cybersecurity research or exploitation, respectively. Thankfully, French researcher Gilles Lionel got to an NTLM Relay Attack, dubbed PetitPotam, first. Now, Microsoft has released a mitigation technique that IT admins should...Read more...
Earlier in the week, hackers gained access to over 150,000 Verkada customer camera feeds that allowed them to grab screenshots and video clips. This breach happened because of a “Super Admin” account that was able to view any camera feed. Now, former Verkada employees are coming forward to explain that any employee...Read more...
The SolarWinds breach has been pervasive, and the world is still reeling from the effects. We have heard that hackers accessed data from Microsoft, U.S Government agencies, and other high-profile companies. Now we're learning about the full scope of the data that was allegedly obtained. A website recently appeared...Read more...
It seems getting hacked has become a near-daily occurrence that people should expect will happen at some point. Yesterday, people reported that Ubiquiti, a major vendor of internet of things (IoT) devices such as routers, security cameras, access points, and more, suffered a breach through a third-party cloud...Read more...
The massive SolarWinds breach that has even ensnared Microsoft still has rippling effects. According to reports, it seems that hackers may have exposed sealed U.S. court documents. Simultaneously, SolarWinds is trying to clean up and close security holes following the attacks that used its software. The company has...Read more...
Over the weekend, it was announced that a nation-state actor had breached SolarWinds’ Orion service as early as Spring of this year. The Orion platform is an all-in-one solution for IT administration and monitoring, among other utilities. It is used by companies and governments worldwide, and it appears that the U.S...Read more...
Another day, another data privacy flub, and this time it's from Google. Google Takeout is a service that allows users to download their data from Google apps as a backup or to use it with another service. That sounds good on the surface until, somehow, Google managed to send backed up videos to unrelated users. Google...Read more...
LabCorp is one of the largest medical laboratory companies in the country. Chances are high that anyone who has had lab tests run at the doctor's office or hospital has used LabCorp at some point. The company had a major security flaw with its website that exposed confidential medical documents, including lab test...Read more...
Microsoft is coming under fire for a breach in customer privacy after it was revealed that the records of 250 million customers were exposed late last year. The data leak was initially reported on by security firm Comparitech, which found the information spread across five Elasticsearch servers.
According to...Read more...
Ring has faced challenges of late with hackers taking over accounts, among other things. Ring responded earlier this week to questions that five senators had sent to the company in the form of a letter about measures that it is taking to secure its line of video recording devices. The measures the company planned to...Read more...
Wyze learned on December 26 that it had suffered a major data breach that leaked some user data. The amount of data that was allegedly leaked was concerning for users, with reports suggesting that details on over 2 million accounts were accessible. Wyze says that it moved to lock down the database that was allegedly...Read more...
The log-in credentials for 3,672 Ring camera owners have been leaked this week in a security breach. The leak exposed log-in emails, passwords, time zones, and the names people gave to their Ring cameras. Often those names are specific to where the camera is located, such as "bedroom" and "front door."
Using the...Read more...
Even though Newegg is one of the most popular destinations for enthusiasts looking to score the latest and greatest hardware for the gaming rigs, the retail giant is not immune to the nefarious actions of the hacker community. To that end, Newegg's website was hacked, and the parties responsible were able to inject 15...Read more...
Last year, a hacker group was able to penetrate credit reporting agency Equifax and make off with information, including the social security numbers, of 143 million Americans. Only a few days after the hack, a ransom demand for the return of the information was made to the tune of $2.6 million in bitcoin via the dark...Read more...
OnePlus is currently in the midst of investigating a credit card payment processing breach on its website, and we're now learning the full scope of the vulnerability. As promised, and adhering to its commitment to providing full disclose, OnePlus says that anyone that entered their credit card details (card numbers...Read more...