December 11, 2023
Via: The RegisterThe saga of 23andMe’s mega data breach has reached something of a conclusion, with the company saying its probe has determined millions of leaked records originated from illicit break-ins into just 14,000 accounts. In an update on Tuesday to a […]
December 11, 2023
Via: The RegisterNorton Healthcare, which runs eight hospitals and more than 30 clinics in Kentucky and Indiana, has admitted crooks may have stolen 2.5 million people’s most sensitive data during a ransomware attack in May. During the intrusion, the criminals accessed names, […]
December 7, 2023
Via: SecureWorldNew revelations have shed light on the extensive fallout of the 23andMe data breach, which has exposed the personal information of a staggering 6.9 million users. This significant update comes almost two months after the genetic testing company initially reported […]
December 5, 2023
Via: SecurityWeekJust three months after the National Credit Union Administration (NCUA) put into place a final rule requiring federally chartered and federally insured credit unions to notify NCUA of a “reportable cyber incident,” about 60 credit unions in the United States […]
November 29, 2023
Via: The RegisterOkta has admitted that the number of customers affected by its October customer support system data breach is far greater than previously thought. Chief security officer David Bradbury originally said earlier this month that according to the company’s root cause […]
November 22, 2023
Via: The RegisterThe self-described “gay furry hackers” of SiegedSec are back: this time boasting they’ve broken into America’s biggest nuclear power lab’s computer systems and stolen records on thousands of employees. Some of that data has already been leaked, it appears. SiegedSec, […]
November 20, 2023
Via: The RegisterQuick show of hands: whose data hasn’t been stolen in the mass exploitation of Progress Software’s vulnerable MOVEit file transfer application? Anyone? According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have been impacted to date, […]
November 17, 2023
Via: The RegisterThe UK division of Samsung Electronics has allegedly alerted customers of a year-long data security breach – the third such incident the South Korean giant has experienced around the world in the past two years. An email to customers, shared […]
November 15, 2023
Via: Security AffairsStrendus, one of the biggest online casinos in Mexico has exposed sensitive user data, including home addresses and the amounts of money they spent on gambling. The data was likely compromised by unauthorized actors. The Cybernews research team discovered that […]
November 2, 2023
Via: The RegisterOkta has sent out breach notifications to almost 5,000 current and former employees, warning them that miscreants breached one of its third-party vendors and stole a file containing staff names, social security numbers, and health or medical insurance plan numbers. […]
October 31, 2023
Via: The RegisterThe US has approved mandatory data breach reporting requirements that impose a 30-day deadline for non-banking financial organizations to report incidents. The amendment to the Federal Trade Commission’s (FTC) Safeguards Rule, which aims to hold the US finance sector to […]
October 30, 2023
Via: The RegisterSecurity researchers have uncovered a multi-year cryptojacking campaign they claim autonomously clones GitHub repositories and steals their exposed AWS credentials. Given the name “EleKtra-Leak” by researchers at Palo Alto Networks’s Unit 42, the criminals behind the campaign are credited with […]
October 26, 2023
Via: The RegisterServiceNow is issuing a fix for a flaw that exposes data after a researcher published a method for unauthenticated attackers to steal an organization’s sensitive files. Security researcher Aaron Costello highlighted apparent issues with the default configurations of ServiceNow’s widgets, […]
October 26, 2023
Via: SecureWorldIn a recent and concerning development, the District of Columbia Board of Elections (DCBOE) has uncovered a significant data breach that puts the personal information of its entire voting population at risk. The breach was brought to light after stolen […]
October 24, 2023
Via: The RegisterA third-party contractor running a database without password protection exposed more than 500,000 records related to vehicle seizures by the Irish National Police (An Garda Síochána, “Garda”). Security researcher Jeremiah Fowler found various records dating back to 2017 including scanned […]
October 19, 2023
Via: The RegisterA cybercriminal claims they’ve uploaded a second batch of stolen profile data from biotech company 23andMe, posting it to the same cybercrime forum that hosted the first batch two weeks ago. The individual who uses the alias “Golem” has uploaded […]
October 18, 2023
Via: The RegisterD-Link has confirmed suspicions that it was successfully targeted by cyber criminals, but is talking down the scale of the impact. On October 1, word of a data breach spread after a post on a hacking forum claimed to be […]
October 17, 2023
Via: SecureWorldIn the wake of the recent 23andMe data breach that impacted millions of customers, new legal action is now being pursued against the genetic testing company. Four class action lawsuits were filed in the past week on behalf of 23andMe […]
October 9, 2023
Via: TechRadarA global CRM provider kept a major client database sitting unprotected on the public web, available to anyone who knew where to look, new research has claimed. The database contained hundreds of thousands of records, many of which were personally […]
October 2, 2023
Via: Security AffairsJohnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, […]