100 links
tagged with all of: cybersecurity + data-breach
Click any tag below to further narrow down your results
Links
A security researcher discovered an SQL injection vulnerability in the Catwatchful stalkerware service, leading to the compromise of over 60,000 user accounts, including plaintext logins and passwords. After reporting the vulnerability, actions were taken to shut down the service and investigate its operators, highlighting the risks associated with such spyware applications.
Verizon's report emphasizes a significant oversight in mobile cybersecurity, revealing that organizations often neglect mobile security despite the rise of smishing attacks. With a high percentage of employees falling victim to these attacks, the report calls for better security practices and awareness to mitigate risks associated with personal mobile devices.
Connex Credit Union has reported a data breach impacting 172,000 individuals, with hackers likely stealing personal information such as names, account numbers, and Social Security numbers. The breach was detected on June 3, and while no unauthorized access to member accounts has been found, the organization is warning customers about potential scam calls and messages.
Recent reports of a massive credentials leak are misleading, as the exposed data comprises previously stolen credentials collected over time from infostealers and data breaches, rather than a new data breach. Users are advised to maintain good cybersecurity practices, including using unique passwords and enabling two-factor authentication to protect their accounts from potential threats.
The article outlines a timeline of significant events related to SK Telecom's recent data breach, detailing the implications for the company and its customers. It highlights the response measures taken by SK Telecom and the broader impact on the telecommunications industry in South Korea.
Andy Frain Services, a security firm, revealed that a ransomware attack by the Black Basta group has affected over 100,000 individuals, with sensitive information likely compromised. The breach, discovered in October 2024, involved the theft of 750 GB of data, prompting the company to offer credit monitoring and identity restoration services to those impacted.
Oracle has informed clients of a second cybersecurity breach in which a hacker stole old client log-in credentials from its systems. The stolen data, which includes credentials from as recently as 2024, is being investigated by the FBI and cybersecurity firm CrowdStrike, with the company assuring clients that the compromised system has not been in use for eight years, minimizing the risk.
Billions of stolen cookies are currently for sale online, with a significant percentage remaining active and exploitable, posing serious security risks to users. Cybercriminals can use these cookies to gain unauthorized access to personal accounts and sensitive data, often bypassing traditional security measures like multi-factor authentication. Experts recommend being cautious with cookie acceptance and maintaining updated security practices to mitigate these threats.
GlobalX, a charter airline involved in deportation flights for the U.S. government, experienced a cybersecurity breach resulting in the potential theft of flight records and passenger manifests. The company has activated its incident response protocols and is investigating the scope of the attack while maintaining that its operations have not been disrupted. Reports suggest the attackers may have already leaked information regarding the incident.
Insight Partners has confirmed that a ransomware attack in January compromised the personal data of over 12,000 individuals, including employees and limited partners. The breach, initially described as a "sophisticated social engineering attack," involved unauthorized access to HR and finance servers, with details of the stolen data remaining undisclosed. The firm has since enhanced its security measures and offered credit monitoring to those affected.
PowerSchool has reported that the hacker behind a December cyberattack is now extorting individual school districts, threatening to release stolen student and teacher data unless a ransom is paid. Despite previously paying a ransom to prevent such an incident, PowerSchool acknowledges that the threat actor has not kept their promise to delete the data, leading to renewed extortion attempts against affected schools.
Valsoft Corporation has reported a data breach affecting over 160,000 individuals, discovered on February 14, 2025. The breach involved unauthorized access to a non-production network of its subsidiary, Aspire USA, where personal information such as names, Social Security numbers, and financial details were compromised. The company is offering 12 months of free credit monitoring and has implemented enhanced security measures following the incident.
DaVita, a leading kidney dialysis provider in the U.S., reported a ransomware attack that encrypted parts of its network and affected some operations over the weekend. The company activated response protocols to contain the incident and continues to provide patient care while investigating the breach's full scope, which may involve stolen patient data.
Manpower, a major staffing agency, has disclosed a data breach affecting nearly 145,000 individuals after attackers accessed its systems in late December 2024. The RansomHub ransomware group claimed responsibility for the attack, reportedly stealing around 500GB of sensitive data, including personal client information. In response, Manpower is enhancing its IT security and offering affected individuals free credit monitoring services.
Hawaiian Airlines reported a cybersecurity incident affecting its IT systems, discovered on June 23, but confirmed that flights continue to operate safely. Experts suggest the attack may be linked to the Scattered Spider group, known for targeting various industries, and the airline is working with authorities to investigate the breach.
The article delves into the Gentlemen ransomware, exploring its modus operandi and the tactics employed by its operators. It highlights the impact of such ransomware on victims and discusses the broader implications for cybersecurity and ransomware trends.
A hacking group has reportedly stolen over 1 billion records from Salesforce customer databases, raising significant concerns about data security and the potential repercussions for affected companies. The breach underscores the vulnerabilities in cloud services and the ongoing threat posed by cybercriminals.
Mainline Health Systems and Select Medical Holdings have reported data breaches affecting over 100,000 individuals. Mainline Health's breach was linked to the Inc Ransom ransomware group, while Select Medical's data exposure resulted from a security incident involving a former vendor.
Farmers Insurance has reported a data breach that compromised the personal information of more than one million individuals, including names, addresses, dates of birth, and Social Security numbers. The breach was discovered shortly after the data theft occurred, but it remains unclear whether a third-party vendor was involved in a ransomware attack.
Allianz Life has reported a significant data breach affecting approximately 1.1 million customers. The breach allegedly involved unauthorized access to sensitive personal information, raising concerns about data security and privacy for those impacted.
A Michigan rural health system has notified approximately 140,000 patients of a data breach resulting from a hacking incident. The breach highlights ongoing concerns regarding cybersecurity in the healthcare sector, particularly the risks associated with unauthorized access to protected health information.
A significant data breach has been reported at the Bangalore Water Supply and Sewerage Board, compromising the personal information of over 290,000 citizens. The cybersecurity firm CloudSEK discovered this vulnerability, raising concerns about the potential misuse of the sensitive data exposed in the breach.
A ransomware attack in Ohio has disrupted the operations of a local government agency, affecting over 45,000 residents. The attack has prompted an investigation and raised concerns about cybersecurity measures in place to protect sensitive information.
The Zurich-based non-profit health foundation Radix suffered a ransomware attack that compromised the data of several Swiss federal offices. The Sarcoma ransomware group released 1.3TB of stolen data on the dark web after ransom demands were ignored, although the Swiss National Cyber Security Center confirmed that Radix did not have direct access to federal systems.
IdeaLab has confirmed that sensitive data was stolen during a ransomware attack last October, attributed to the Hunters International group. The breach affected current and former employees and contractors, with 137,000 files leaked on the dark web, prompting the company to offer identity theft protection to impacted individuals.
The article discusses a ransomware attack targeting SimpleHelp, compromising its infrastructure and impacting users. This incident highlights the ongoing threats posed by ransomware and the importance of cybersecurity measures for businesses and service providers.
French retailer Auchan has been targeted by a significant cyberattack, resulting in compromised customer data and operational disruptions. The incident highlights the increasing vulnerability of retail businesses to cyber threats, prompting a call for enhanced security measures and response strategies in the industry.
Laboratory Services Cooperative has reported a significant data breach affecting 1.6 million individuals, with personal and medical information stolen during an October 2024 cyberattack. The organization is providing affected individuals with free credit monitoring and identity protection services while monitoring the dark web for any misuse of the stolen data.
The Alcohol & Drug Testing Service (TADTS) has reported a data breach affecting approximately 750,000 individuals, following a ransomware attack in July 2024. Compromised data includes sensitive personal information such as Social Security numbers, financial details, and health insurance information.
A 19-year-old college student, Matthew D. Lane, pleaded guilty to charges related to a cyberattack on PowerSchool that extorted millions by threatening to leak sensitive personal data of millions of students and teachers. The attack involved breaching a telecommunications company to access and steal confidential information before demanding a ransom from PowerSchool and subsequently targeting individual school districts for further extortion.
Onsite Mammography, a Massachusetts medical provider, has reported a data breach that has compromised the personal and health information of over 350,000 patients. The breach, discovered in October 2024, involved unauthorized access to an employee's email account, leading to exposure of sensitive data including Social Security numbers and medical information. The company is offering affected individuals 12 months of free credit monitoring and identity protection services.
Fairmont Federal Credit Union in West Virginia has notified approximately 187,000 individuals of a data breach that exposed sensitive personal information, including Social Security numbers and financial details. The breach, detected in January 2024, is linked to vulnerabilities in third-party software or employee phishing attacks, highlighting the ongoing cybersecurity challenges faced by smaller financial institutions. Affected individuals are being offered credit monitoring services while investigations into potential negligence and class-action claims are underway.
Dell has acknowledged that hackers leaked data from a compromised demo environment, but insists the information is synthetic and does not include any sensitive data. The breach was linked to the WorldLeaks group, which claimed to have stolen 1.3 terabytes of information. Dell emphasizes that the compromised environment is separate from its main systems and contains only non-sensitive information.
French retailer Auchan has reported a data breach affecting several hundred thousand customers, compromising sensitive information linked to loyalty accounts, such as names, addresses, and contact details. The company has notified affected individuals and the French Data Protection Authority, advising them to be cautious of potential phishing attempts. However, bank data and passwords remain secure following the incident.
A critical vulnerability in file transfer protocols has been exploited, leading the Cybersecurity and Infrastructure Security Agency (CISA) to issue an alert. The flaw allows unauthorized access and potential data breaches, prompting organizations to update their systems and mitigate risks immediately.
Medusa ransomware has been linked to a significant data breach at Comcast, exposing sensitive customer information. The breach highlights the increasing vulnerabilities of large corporations to cyberattacks and the need for enhanced security measures.
A data breach at Canadian airline WestJet has compromised the personal information of approximately 1.2 million passengers. The airline is investigating the incident and has notified affected individuals about the potential risks to their data security.
Google reported that hackers compromised its Salesforce database, resulting in the theft of sensitive customer data. The breach highlights ongoing vulnerabilities in data security systems and raises concerns among Google’s clients regarding the safety of their information.
The article announces the launch of Have I Been Pwned 2.0, which introduces new features and improvements to the popular data breach notification service. It highlights enhancements in user experience, security, and the addition of new data sources to help users check if their personal information has been compromised.
The University of Maryland Medical Center (UMMC) is facing a class action lawsuit from former and current employees after a pharmacist allegedly used keyloggers and spyware to access personal information and conduct a cyberstalking campaign against approximately 80 female co-workers. The lawsuit claims UMMC failed to implement adequate cybersecurity measures, which allowed the pharmacist to exploit sensitive data over nearly a decade.
Coinbase experienced a significant data breach in 2025 that compromised the personal information of nearly 70,000 users due to unauthorized access by outsourced call center agents in India. The attackers leveraged social engineering tactics, leading to a rise in phishing attempts, while Coinbase faced estimated remediation costs between $180 million to $400 million and launched a bounty for information on the perpetrators. The incident has sparked discussions on the vulnerabilities associated with outsourcing sensitive customer data management.
A 27-year-old former student of Western Sydney University has been arrested for allegedly hacking the university's systems to obtain cheaper parking and access confidential data, affecting hundreds of staff and students. Birdie Kingston faces 20 charges, including unauthorized access and data theft, and is accused of stealing over 100GB of data and manipulating academic records. Despite prior warnings from police, she continued her hacking activities, even threatening to sell stolen student information on the dark web.
LexisNexis, a major data broker, has reported a security breach that compromised the personal information of over 364,000 individuals. The exposed data included sensitive details, raising concerns about data privacy and security practices within the company.
Over 103,000 individuals have been impacted by a data breach at Cornwell Quality Tools, a tool manufacturer based in Ohio. The Cactus ransomware group claimed responsibility for the attack, which involved the publication of sensitive materials, including corporate documents and driver's license copies. This incident follows a previous attack by the Hive ransomware gang in 2022.
DraftKings has informed a small number of customers about account breaches resulting from credential stuffing attacks, where attackers used stolen login credentials from other services. Although personal data such as names and addresses may have been accessed, sensitive financial information was not compromised. The company is taking steps to enhance security by requiring password resets and enabling multifactor authentication for affected accounts.
Data I/O, a technology manufacturer, has reported a ransomware incident that has caused operational outages, though the full impact of the breach remains unclear. The company recently posted a decrease in sales, reflecting challenges it faces amidst the ongoing cybersecurity threats affecting multiple organizations.
Columbia University experienced a significant data breach in 2025, exposing sensitive financial and academic records of students and alumni. The attack, reportedly linked to politically motivated hackers, compromised data for over 2 million individuals, raising serious concerns about cybersecurity in academia and prompting discussions on the need for improved data protection measures.
DaVita, a kidney dialysis firm, has confirmed that it was the victim of a ransomware attack that compromised the personal data of approximately 2.7 million individuals. The breach has raised significant concerns regarding the protection of sensitive health information and the potential consequences for those affected.
The Rhysida ransomware group claims to have stolen 2.5 TB of files from the Oregon Department of Environmental Quality (DEQ) after the agency denied any evidence of a data breach. Following a cyberattack that disrupted various services, the hackers threatened to auction the stolen data unless a ransom of 30 bitcoin ($2.5 million) is paid.
Toys “R” Us Canada has notified customers of a data breach in which threat actors leaked personal customer information, including names, addresses, emails, and phone numbers, but not passwords or credit card details. The breach was discovered on July 30, 2025, when the data was posted on the dark web, prompting the company to enhance its cybersecurity measures and notify regulatory authorities. Customers are advised to be vigilant against phishing attempts following the breach.
MainStreet Bancshares announced that customer data was stolen during a breach at a third-party vendor, affecting about 4.65% of its customer base. The bank confirmed that its own systems were not compromised and activated its incident response process immediately. Meanwhile, U.S. banking organizations are lobbying the SEC to repeal stringent reporting requirements for cybersecurity incidents introduced in late 2023, arguing they create unnecessary risks and complexities.
Claims of a data breach at the US Environmental Protection Agency (EPA) are being scrutinized as researchers found that the leaked data primarily consists of biochemical assay information, which is not deemed highly sensitive. Despite the leak suggesting potential unauthorized access to EPA systems, the actual content appears to lack critical private details.
A ransomware attack on Business Systems House (BSH), a payroll provider previously working with Broadcom, resulted in the theft of employee data. Although Broadcom has since switched payroll providers, the breach exposed sensitive information of current and former employees, prompting notifications and security recommendations from the company and its former payroll partner ADP.
The Business Council of New York State has disclosed a data breach affecting over 47,000 individuals, with attackers accessing personal, financial, and health information between February 24 and 25. Although the breach was detected six months later, there is currently no evidence of fraud or identity theft related to the incident, and affected individuals will receive free credit monitoring services.
Nippon Steel Solutions has reported a data breach caused by the exploitation of a zero-day vulnerability in their network equipment. Cybercriminals threatened to leak stolen data, but subsequently ceased communication, leaving uncertainty about the breach's details and any potential connection to other incidents.
A cybersecurity breach at University of Chicago Medicine may have exposed the personal information of 38,000 patients, including names, Social Security numbers, and medical data. The breach occurred in July 2024 through a third-party vendor, Nationwide Recovery Systems, which has since been terminated. UChicago Medicine is notifying affected patients by mail and has implemented measures to enhance security.
Hellcat ransomware has been found targeting firms by stealing Jira credentials, leading to significant data breaches. The malware is designed to extract sensitive information and poses a serious threat to organizations that rely on Jira for project management and collaboration. Cybersecurity experts are urging companies to enhance their defenses against such sophisticated attacks.
The National Social Security Fund of Morocco has experienced a significant data breach, compromising sensitive personal information of its beneficiaries. The breach has raised concerns about the security measures in place to protect citizen data and the potential ramifications for those affected.
Bragg Gaming Group has reported a cybersecurity incident that affected its internal IT systems but claims that no customer data was compromised. The company is investigating the breach and continues to operate normally, although it has not disclosed how the attackers gained access or whether any data was stolen.
Coinbase has reported a data breach that affects at least 69,000 customers, potentially exposing sensitive information. The company is investigating the incident and has advised affected users to secure their accounts and monitor for suspicious activity.
New York Blood Center suffered a significant data breach that exposed sensitive personal information of over 1.2 million individuals. The breach compromised data such as names, Social Security numbers, and medical information, prompting an investigation and notification to affected parties. The organization is taking steps to enhance its cybersecurity measures in response to the incident.
Aflac has recently faced a significant cyberattack that compromised sensitive data of its customers and employees. The company is working closely with cybersecurity experts to assess the extent of the breach and implement measures to protect against future incidents. Aflac has also notified affected individuals and is providing support as investigations continue.
North Korean hacking group Kimsuky has experienced a significant data breach after two ethical hackers, known as 'Saber' and 'cyb0rg,' leaked 8.9GB of the group's data, exposing their tools and stolen information. The hackers criticized Kimsuky for its politically motivated cyber activities and claimed their actions were aimed at revealing the group's unethical practices. This breach may complicate Kimsuky's operations and disrupt their ongoing campaigns, although its long-term impact remains uncertain.
Raj Gokal, co-founder of Solana, had his personal information leaked on the compromised Instagram account of hip-hop group Migos. The breach included sensitive photos and a potential blackmail threat, with a post suggesting Gokal should have paid 40 BTC to avoid the leak. The posts were removed after over an hour of being online.
A series of data breaches affecting companies such as Qantas, Allianz Life, LVMH, and Adidas has been attributed to the ShinyHunters extortion group, which uses voice phishing to compromise Salesforce CRM accounts. The attackers impersonate IT support to manipulate employees into entering connection codes that link malicious applications to Salesforce environments, leading to data theft and potential extortion attempts without public leaks so far. Salesforce has confirmed that their platform is not compromised, emphasizing the importance of customer vigilance against social engineering attacks.
Yale New Haven Health is notifying 5.5 million individuals about a data breach that occurred in March 2023, which involved unauthorized access to sensitive personal and health information. The organization is taking steps to mitigate the impact on affected individuals, including offering credit monitoring services.
Mobile Notary Zone reported a significant data breach exposing sensitive personal information of clients and notaries, raising concerns about the security of third-party vendors in notarial practices. The breach affected various organizations, leading to a termination of relationships and prompting calls for stronger data protection measures and vendor vetting among notaries. The California League of Independent Notaries urges notaries to prioritize data security and transparency to maintain client trust.
Iranian hackers have exploited vulnerabilities in over 100 embassies, compromising sensitive information and highlighting the need for enhanced cybersecurity measures in diplomatic institutions. The attacks leverage advanced techniques, indicating a sophisticated level of threat to global diplomatic operations.
Anne Arundel Dermatology has experienced a significant data breach affecting approximately 1.9 million individuals. The breach involves sensitive information such as names, social security numbers, and health data, raising concerns about the security of patient data in the healthcare sector.
TransUnion reported a significant data breach in which hackers stole personal information from 4.4 million customers. The compromised data includes sensitive details that could potentially lead to identity theft and fraud. The company is working with law enforcement to investigate the breach and mitigate its impact on affected individuals.
Red Hat is facing extortion from the ShinyHunters gang after a data breach involving nearly 570GB of sensitive information, including Customer Engagement Reports. The threat actors have leaked samples and set a deadline for ransom negotiations, while also collaborating with other hacking groups to enhance their extortion efforts.
TPG Telecom is investigating a cyberattack at its subsidiary iiNet, which resulted in the exposure of approximately 280,000 customer email addresses, along with thousands of phone numbers and usernames. Although the breach was contained and is believed to be limited to iiNet's order system, the company is taking steps to notify affected customers and reassure others that their information remains secure.
Over 250 Magento online stores were compromised in a massive cyberattack, leading to unauthorized access and potential data breaches. The incident highlights the vulnerabilities within e-commerce platforms and the importance of robust security measures for online retailers.
SatanLock ransomware has ceased its operations, marking an end to its activities after a significant data breach that had compromised sensitive information. The cybercriminal group has reportedly begun leaking the stolen data, raising concerns about the potential impact on affected organizations and individuals.
Jaguar Land Rover (JLR) has shut down part of its systems following a cyber incident that disrupted retail and production activities. While no customer data appears to have been compromised, the company is working to restore its global applications in a controlled manner. Experts suggest that the attack's identification may have come late, indicating potential ongoing access by the perpetrators.
A significant bug in Vanta's system led to the exposure of sensitive customer data, allowing access to other customers' information. The incident raised concerns about data security practices and the potential vulnerabilities in platforms handling sensitive data. Vanta is currently addressing the issue and enhancing its security measures to prevent future occurrences.
Zscaler has experienced a supply chain attack that compromised customer information through vulnerabilities in the Salesloft and Drift platforms. The breach underscores the risks associated with third-party services and the importance of securing supply chains in cybersecurity.
A new cyber threat named GhostAction has been identified, targeting GitHub projects and stealing sensitive information such as API keys and secrets. The attack exploits vulnerabilities in software development practices, leading to potential data breaches and compromised projects for developers. Security experts urge developers to enhance their security measures to mitigate risks associated with these attacks.
UnitedHealth's acquisition of health tech firm Episource has raised concerns following a data breach that exposed sensitive patient information. The breach, which affected numerous individuals, has prompted investigations and heightened scrutiny regarding data security practices in the healthcare industry.
DaVita Inc. experienced a significant data breach on August 5, 2025, leading to a 14.13% drop in stock value and exposing vulnerabilities in their cybersecurity practices. The analysis reveals multiple failures in threat detection, patch management, and compliance, highlighting how the breach was largely preventable and underscoring the long-term risks to investor trust and regulatory compliance. The article also details the technical aspects of the breach and the potential financial repercussions for the company.
The South Korean government has imposed a small fine and strict regulatory requirements on SK Telecom after a breach exposed 27 million records. The company is required to conduct quarterly security assessments and improve its data protection measures following a government investigation that revealed significant security lapses.
Over 6,700 private repositories were made public due to a malicious supply chain attack involving Nx. The attackers used a post-install script to exfiltrate sensitive data, including API keys and tokens, by creating public repositories to store the stolen information. Security firm Wiz reported that more than 20,000 files were compromised, affecting numerous users.
Ahold Delhaize confirmed that a ransomware attack led to the theft of sensitive data from its internal systems, with attackers claiming to have exfiltrated 6 TB of information. The company has restored its operations but is working to assess the impact of the breach and notify affected individuals.
A data breach at the Port of Seattle in August has compromised the personal information of approximately 90,000 individuals. The breach has raised concerns about data security and the potential risks to those affected. Authorities are investigating the incident to determine the extent of the breach and prevent future occurrences.
Luxury fashion brand Cartier has disclosed a data breach that allowed hackers to access limited personal information of customers, including names, email addresses, and countries of residence. The company has enhanced its security measures and is working with law enforcement and cybersecurity experts to address the incident, while warning customers to be vigilant against potential targeted attacks.
A ransomware attack on Swedish IT supplier Miljödata has left 200 municipalities offline, with the attackers demanding a ransom of 1.5 Bitcoin (approximately $168,000). The disruption highlights the risks of centralized IT services, as sensitive data may have been accessed and critical local government operations have been severely impacted. Sweden's Minister for Civil Defence has indicated that new cybersecurity legislation may be on the horizon in response to the incident.
Young Consulting, now operating as Connexure, has reported that over 1 million individuals were affected by a data breach attributed to a ransomware attack by the BlackSuit group. The breach, which occurred between April 10 and 13, 2024, compromised sensitive data including Social Security numbers and insurance information, with the victim count being updated multiple times since the incident. The company is offering credit monitoring and identity theft restoration services to those affected.
A cyberattack on VeriSource Services has compromised the personal information of 4 million individuals, including names, addresses, and Social Security numbers. Discovered on February 28, 2024, the company is offering affected individuals 12 months of free credit monitoring and identity protection services.
Zoomcar, India's largest car-sharing app, has reported a significant data breach affecting 8.4 million customers. The exposed information includes names, phone numbers, and personal addresses, though the company asserts that sensitive financial data was not compromised. In response, Zoomcar is enhancing its security measures to prevent future incidents.
Cybercriminals infiltrated NHS Professionals in May 2024, stealing its Active Directory database without public disclosure. Despite NHSP's claims of no data compromise, internal reports indicated significant breaches and vulnerabilities, prompting recommendations for enhanced cybersecurity measures, including multi-factor authentication and endpoint detection solutions.
Stellantis has identified unauthorized access to a platform operated by a third-party provider, affecting its North American customer service operations. The breach exposed only basic contact information, with no financial or sensitive personal data compromised, and the company is actively investigating the incident. Customers have been alerted to potential phishing attempts related to the breach.
A major data exposure involving Uffizio, a GPS fleet management software provider, revealed the leakage of sensitive vehicle and company information across at least 12 countries for over five years, despite claims of GDPR compliance. The breach, which included data on SIM identifiers, license plates, and real-time vehicle activity, poses significant risks to public safety and highlights the inadequacy of mere compliance in ensuring data security.
Lee Enterprises reported that a recent ransomware attack impacted nearly 40,000 individuals, compromising personal information such as names and Social Security numbers. The company is offering affected individuals 12 months of free credit monitoring and identity protection services following the breach.
The content of the article appears to be corrupted and unreadable, making it impossible to extract any meaningful information or context about the topic discussed. As a result, a summary cannot be provided.
FinWise Bank has notified nearly 700,000 customers that a former employee may have accessed their personal data after leaving the company, with the breach going undetected for over a year. The incident, linked to data from American First Finance, was discovered through an investigation initiated by FinWise after the breach was suspected. Affected individuals are being offered 12 months of free credit monitoring and identity theft protection.
Humac, a leading Apple reseller in the Nordics, has been listed on the Kraken ransomware group's dark web site, with claims of stolen financial and customer data. Cybernews researchers have verified that the leaked data sample appears legitimate, raising concerns about the impact on the company's operations.
A data breach at Prosper has compromised the personal information of over 17 million individuals, including sensitive data such as Social Security numbers and government IDs. The company is currently investigating the breach and has committed to offering free credit monitoring to affected customers.
The article discusses the cybersecurity threat of credential stuffing, where attackers use stolen usernames and passwords to gain unauthorized access to user accounts. It highlights the prevalence of this attack method, the importance of using unique passwords, and the implementation of multi-factor authentication as preventive measures.
Google confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) but assured that no data was accessed. The group "Scattered Lapsus$ Hunters" claimed access to both LERS and the FBI's eCheck system, raising concerns over potential impersonation and unauthorized data access. Cybersecurity experts believe the group may continue their activities despite claims of going dark.
Pharmaceutical firm Inotiv has reported a ransomware attack, with the Qilin Group claiming responsibility for the breach. The incident has raised concerns about the security of sensitive data within the healthcare sector.