Top

Category: Data loss


Data loss, Threats & Malware

Infosys subsidiary named as source of Bank of America data leak

February 13, 2024

Via: The Register

Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America. Infosys disclosed the breach in a November 3, 2023, filing [PDF] that revealed its US subsidiary Infosys McCamish Systems LLC (IMS) […]


Data loss, Threats & Malware

Mon Dieu! Nearly half the French population have data nabbed in massive breach

February 12, 2024

Via: The Register

Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys both experienced breaches of their […]


Data loss, Threats & Malware

Europe’s largest caravan club admits wide array of personal data potentially accessed

February 12, 2024

Via: The Register

The Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can’t figure out whether members’ data was stolen. According to an update shared with members late last […]


Data loss, Network security, Threats & Malware

Jet engine dealer to major airlines discloses ‘unauthorized activity’

February 12, 2024

Via: The Register

Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]


Data loss, Threats & Malware

Verizon says 63K employees’ info fell into the wrong hands – an insider this time

February 6, 2024

Via: The Register

Verizon is notifying more than 63,000 people, mostly current employees, that an insider, accidentally or otherwise, had inappropriate access to their personal data. The privacy blunder happened in September, and the American telco giant attributed it to “inadvertent disclosure” and […]


Data loss, Threats & Malware

Former CIA Cyber Engineer Sentenced to 40 Years for Massive Leak

February 5, 2024

Via: SecurityWeek

A United States federal judge has sentenced Joshua Adam Schulte, a former CIA employee, to 40 years in prison for one of the largest disclosures of classified information in U.S. history. Schulte worked as a software developer for the CIA’s […]


Data loss, Threats & Malware

Blackbaud settles with FTC after that IT breach exposed millions of people’s info

February 2, 2024

Via: The Register

Blackbaud, which had data on millions of people stolen from it by one or more crooks, has promised to shore up its IT defenses in a proposed deal with the FTC. In announcing the draft settlement, the US watchdog’s boss […]


Data loss, Threats & Malware

Biden will veto attempts to kill off SEC’s security breach reporting rules

February 1, 2024

Via: The Register

The Biden administration has expressed to congressional representatives its strong opposition to undoing the Securities and Exchange Commission’s (SEC) strict data breach reporting rule. In a policy statement [PDF] published yesterday by Biden’s Office of Management and Budget (OMB), the […]


Data loss, Threats & Malware

Data leak at fintech giant Direct Trading Technologies

January 31, 2024

Via: Security Affairs

Direct Trading Technologies, an international fintech company, jeopardized over 300K traders by leaking their sensitive data and trading activity, thereby putting them at risk of an account takeover. On October 27th, the Cybernews research team discovered a misconfigured web server […]


Data loss, Threats & Malware

Hundreds of network operators’ credentials found circulating in Dark Web

January 30, 2024

Via: Security Affairs

Resecurity conducted a thorough scan of the Dark Web and identified over 1,572 compromised customers of RIPE, Asia-Pacific Network Information Centre (APNIC), the African Network Information Centre (AFRINIC), and the Latin America and Caribbean Network Information Center (LACNIC), resulting from […]


Data loss, Threats & Malware

Russian hackers breached Microsoft, HPE corporate maliboxes

January 25, 2024

Via: Help Net Security

Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have recently disclosed successful attack campaigns by the Russia-affiliated APT group. The Microsoft breach Last Friday, […]


Data loss, Threats & Malware

What Microsoft’s latest email breach says about this IT security heavyweight

January 24, 2024

Via: The Register

For most organizations – especially security vendors – disclosing a corporate email breach, in which executives’ internal messages and attachments were stolen, would noticeably ding their stock prices. But Microsoft apparently doesn’t operate by the laws of Wall Street. Late […]


Data loss, Threats & Malware

Australia imposes cyber sanctions on Russian it says ransomwared health insurer

January 23, 2024

Via: The Register

Australia’s government has used the “significant cyber incidents” sanctions regime it introduced in 2021 for the first time, against a Russian named Aleksandr Gennadievich Ermakov whom authorities have deemed responsible for the 2022 attack on health insurer Medibank Private. The […]


Data loss, Threats & Malware

Slug slimes aerospace biz AerCap with ransomware, brags about 1TB theft

January 22, 2024

Via: The Register

AerCap, the world’s largest aircraft leasing company, has reported a ransomware infection that occurred earlier this month, but claims it hasn’t yet suffered any financial losses yet and all its systems are under control. In a US Securities and Exchange […]


Data loss, Threats & Malware

Thieves steal 35.5M customers’ data from Vans sneakers maker

January 19, 2024

Via: The Register

VF Corporation, parent company of clothes and footwear brands including Vans and North Face, says 35.5 million customers were impacted in some way when criminals broke into their systems in December. The announcement was made in a Thursday 8-K/A filing […]


Data loss, Threats & Malware

SEC X Account Hacked: Bitcoin Price Swings, Security Concerns Raised

January 11, 2024

Via: SecureWorld

The U.S. Securities and Exchange Commission’s (SEC) account on X (formerly Twitter) was briefly compromised on Tuesday, January 9, sending shockwaves through the cryptocurrency market and raising serious questions about the agency’s cybersecurity practices. A fake post announcing the approval […]


Data loss, Threats & Malware

Fidelity National now says 1.3M customers had data stolen by cyber-crooks

January 10, 2024

Via: The Register

Fidelity National Financial now says criminals got hold of data belonging to 1.3 million customers after breaking into its IT network in November. The mortgage giant, which has assets totaling $74 billion and is one of the largest providers of […]


Data loss, Threats & Malware

Infosec experts divided over 23andMe’s ‘victim-blaming’ stance on data breach

January 4, 2024

Via: The Register

23andMe users’ godawful password practices were supposedly to blame for the biotech company’s October data disaster, according to its legal reps. Nope, the biotech firm’s infrastructure management was certainly not at fault in any way when 6.9 million users had […]


Data loss, Threats & Malware

Fake and Stolen X Gold accounts for sale on the Dark Web

January 4, 2024

Via: TechRadar

New security research has uncovered that cybercriminals are abusing verification marks on X (formerly known as Twitter) by compromising passwords of verified accounts and either selling them on the dark web or using them for their own scams. Malicious actors […]


Data loss, Threats & Malware

Freight giant Estes refuses to deliver ransom, says personal data opened and stolen

January 3, 2024

Via: The Register

One of America’s biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals stole their personal information. “As you may be aware, on October 1, 2023, Estes discovered that an unauthorized threat actor had gained […]