Data Breaches
- How to freeze your credit after a data breachwww.theverge.com How to freeze your credit after a data breach
Keep yourself safe after a data breach.
> Keep yourself safe after a data breach.
Not my usual post, but maybe someone will find it useful.
- Meta fined $101.5M for 2019 breach that exposed hundreds of millions of Facebook passwordstechcrunch.com Meta fined $101.5M for 2019 breach that exposed hundreds of millions of Facebook passwords | TechCrunch
Reset your clocks: Meta has been hit with yet another privacy penalty in Europe. On Friday, Ireland's Data Protection Commission (DPC) announced a
> Reset your clocks: Meta has been hit with yet another privacy penalty in Europe. On Friday, Ireland’s Data Protection Commission (DPC) announced a reprimand and a €91 million fine — around $101.5 million at current exchange rates — after concluding a multiyear investigation into a 2019 security breach by Facebook’s parent company.
- Kia dealer portal flaw could let attackers hack millions of cars
> A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate.
- UK data watchdog confirms it's investigating MoneyGram data breachtechcrunch.com UK data watchdog confirms it's investigating MoneyGram data breach | TechCrunch
The world’s second-largest money transfer provider, which filed a data breach notice with U.K. authorities, serves over 50 million people.
> The world’s second-largest money transfer provider, which filed a data breach notice with U.K. authorities, serves over 50 million people.
- India's Star Health says it's investigating after hacker posts stolen medical datatechcrunch.com India's Star Health says it's investigating after hacker posts stolen medical data | TechCrunch
The health insurance giant is investigating an incident that allegedly leaked sensitive customer medical data.
> The health insurance giant is investigating an incident that allegedly leaked sensitive customer medical data.
- AutoCanada says ransomware attack "may" impact employee data
> AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang.
- U.S. govt agency CMS says data breach impacted 3.1 million people
> The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year.
- MoneyGram confirms a cyberattack is behind dayslong outage
> Money transfer giant MoneyGram has confirmed it suffered a cyberattack after dealing with system outages and customer complaints about lack of service since Friday.
- Dell investigates data breach claims after hacker leaks employee info
> Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees.
- Hacker selling 7 TB of Star Health Insurance’s customer data using Telegramwww.csoonline.com Hacker selling 7 TB of Star Health Insurance’s customer data using Telegram
The data is available for free in small portions, while bulk data — amounting to 7.24 terabytes — is being offered for sale, according to a hacker using the alias “xenZen.”
> The data is available for free in small portions, while bulk data — amounting to 7.24 terabytes — is being offered for sale, according to a hacker using the alias “xenZen.”
- Russian security firm Dr.Web disconnects all servers after breach
> On Tuesday, Russian anti-malware company Doctor Web (Dr.Web) disclosed a security breach after its systems were targeted in a cyberattack over the weekend.
- Temu denies breach after hacker claims theft of 87 million data records
> Temu denies it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information.
- AT&T pays $13 million FCC settlement over 2023 data breach
> The Federal Communications Commission (FCC) has reached a $13 million settlement with AT&T to resolve a probe into whether the telecom giant failed to protect customer data after a vendor's cloud environment was breached three years ago.
- Over 1,000 ServiceNow instances found leaking corporate KB data
> Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.
- FBI tells public to ignore false claims of hacked voter data
> The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks.
- Port of Seattle hit by Rhysida ransomware in August attack
> Port of Seattle, the United States government agency overseeing Seattle's seaport and airport, confirmed on Friday that the Rhysida ransomware operation was behind a cyberattack impacting its systems over the last three weeks.
- RansomHub claims Kawasaki cyberattack, threatens to leak stolen data
> Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.
- Fortinet confirms data breach after hacker claims to steal 440GB of files
> Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server.
- Transport for London confirms customer data stolen in cyberattack
> Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses.
- The 18 biggest data breaches of the 21st centurywww.csoonline.com The 18 biggest data breaches of the 21st century
Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
> Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
- London's transit agency drops claim it has 'no evidence' of customer data theft after hacktechcrunch.com London's transit agency drops claim it has 'no evidence' of customer data theft after hack | TechCrunch
The London transport authority removes a claim that said there was no evidence that customer data was compromised during a recent hack.
> The London transport authority removes a claim that said there was no evidence that customer data was compromised during a recent hack.
- Highline Public Schools closes schools following cyberattack
> Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack.
- Payment gateway data breach affects 1.7 million credit card owners
> Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals.
- Car rental giant Avis discloses data breach impacting customers
>American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.
- Planned Parenthood confirms cyberattack as RansomHub claims breach
> Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure offline to contain the damage.
- Microchip Technology confirms data was stolen in cyberattack
> American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang.
- Halliburton confirms data was stolen in ongoing cyberattacktechcrunch.com Halliburton confirms data was stolen in ongoing cyberattack | TechCrunch
The oil and fracking giant says it is "working to identify effects" of the ongoing cyberattack on its oil and fracking operations.
> The oil and fracking giant says it is "working to identify effects" of the ongoing cyberattack on its oil and fracking operations.
- Hacker Leaks Data of 390 Million Users from VK, a Russian Social Networkhackread.com Hacker Leaks Data of 390 Million Users from VK, a Russian Social Network
Follow us on Twitter (X) @Hackread - Facebook @ /Hackread
> Hacker ‘HikkI-Chan’ leaks personal data of over 390 million VK users on Breach Forums, including city, country, full names, and profile image URLs. Hackread.com investigates this massive privacy breach.
- Transport for London discloses ongoing “cyber security incident”
> Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack that has yet to impact its services.
- Verkada to pay $2.95M for security failures leading to breaches
> The Federal Trade Commission (FTC) proposes a $2.95 million penalty on security camera vendor Verkada for multiple security failures that enabled hackers to access live video feeds from 150,000 internet-connected cameras.
- Business services giant CBIZ discloses customer data breach
> CBIZ Benefits & Insurance Services (CBIZ) has disclosed a data breach that involves unauthorized access of client information stored in specific databases.
- Customer conversation platform Exotel suffers data breachentrackr.com Exclusive: Customer conversation platform Exotel suffers data breach
Exotel has suffered a data breach which may have compromised details of its clients, sources aware of the matter told Entrackr
> Customer conversation platform Exotel has suffered a data breach that may have compromised details of its clients, sources familiar with the matter told Entrackr.
- FBI: RansomHub ransomware breached 210 victims since February
cross-posted from: https://infosec.pub/post/16863645
> This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion rather than encrypting victims' files, although they were also identified as potential buyers of Knight ransomware source code. > > Since the start of the year, RansomHub has claimed responsibility for breaching American not-for-profit credit union Patelco, the Rite Aid drugstore chain, the Christie's auction house, and U.S. telecom provider Frontier Communications. Frontier Communications later warned over 750,000 customers their personal information was exposed in a data breach.
- Durex India spilled customers' private order datatechcrunch.com Durex India spilled customers' private order data | TechCrunch
Durex India has exposed customers' personal information, including full names, email and postal addresses, and order details.
> Durex India has exposed customers' personal information, including full names, email and postal addresses, and order details.
- DICK'S shuts down email, locks employee accounts after cyberattack
> DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected last Wednesday.
- BlackSuit ransomware stole data of 950,000 from software vendor
> Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024.
- US Marshals Service disputes ransomware gang's breach claims
> The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday.
- Park’N Fly notifies 1 million customers of data breach
> Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network.
- Patelco notifies 726,000 customers of ransomware data breach
> Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year.