Category: Data loss

September 29, 2023

On June 5th, our researchers discovered a misconfigured Amazon Web Services (AWS) bucket storing nearly 48,000 files. A bucket is a container for storing data within AWS’s cloud storage system. The misconfiguration exposed the repository’s contents. According to our team, […]

September 26, 2023

A concerning amount of companies are pretty woeful in reporting the cyberattacks and breaches they suffer, both internally and externally. Research conducted by Keeper Security found that nearly half (48%) of the IT and security leaders it surveyed that have […]

September 21, 2023

Pizza Hut’s Australian outpost has suffered a data breach. The baked goods purveyor has delivered bitter news to around 190,000 customers: that their name, delivery address, email address, and phone numbers have been accessed by unautorised entities. Even more seriously, […]

September 20, 2023

Two Indian nationals each received 41-month prison sentences for their involvement in $1.2 million worth of robocall scams targeting the elderly, according to the district of New Jersey’s attorney’s office on Tuesday. Plantiffs Arushobike Mitra and Garbita Mitra (no relation, […]

September 20, 2023

The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers of Huawei in 2009 and conducting other cyber-attacks to steal critical data. China’s […]

September 19, 2023

The Clorox Company, makers of bleach and other household cleaning products, doesn’t expect operations to return to normal until near month end as it combs over “widescale disruption to operations” caused by cyber baddies. The $2 billion turnover biz, whose […]

September 18, 2023

The U.S. Internal Revenue Service (IRS) is entrusted with the vital responsibility of safeguarding sensitive taxpayer information. Recent incidents of potential unauthorized access to or disclosure of this data have raised concerns and prompted a thorough review by the Government […]

September 7, 2023

Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer’s corporate account. This enabled the adversary to access a debugging environment that […]

August 28, 2023

Greater London’s Metropolitan Police have been warned that their information — names, ranks, ID numbers, vetting levels, and photos — was stolen by hackers in a breach that affects 47,000 officers and staff. The hackers broke into the IT systems […]

August 28, 2023

Financial services companies breached as a result of MOVEit zero-day vulnerability are facing a flurry of class action lawsuits over the exposure of sensitive customer financial data. TD Ameritrade and Charles Schwab are the latest firms facing suits, this time […]

August 22, 2023

Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. Tracked as CVE-2023-38035 (CVSS score: […]

August 18, 2023

The new policy, NCUA announced, comes into effect on September 1, and will cover all incidents that impact information systems or the integrity, confidentiality, or availability of data on those systems. “Beginning on September 1, 2023, all federally insured credit […]

July 24, 2023

The average cost per data breach for business in 2023 jumped to $4.45 million, a 15% increase over three years. But instead of investing in cybersecurity, 57% of breached organizations told IBM they were inclined to just pass those costs […]

July 18, 2023

A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary “gained unauthorized access to our systems to target […]

July 11, 2023

The personal details of Bangladeshi citizens have been accidentally disclosed by the website of the Office of the Registrar General, Birth and Death Registration. According to research by TechCrunch and confirmed by South African company Bitcrack Cyber Security, the leaked […]

June 6, 2023

Verizon Business today released the results of its 16th annual Data Breach Investigations Report (2023 DBIR), which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware – malicious software (malware) that encrypts […]

May 8, 2023

Digital storage giant Western Digital confirmed that an “unauthorized third party” gained access to its systems and stole personal information belonging to the company’s online store customers. “This information included customer names, billing and shipping addresses, email addresses and telephone […]

May 5, 2023

PHP software package repository Packagist revealed that an “attacker” gained access to four inactive accounts on the platform to hijack over a dozen packages with over 500 million installs to date. “The attacker forked each of the packages and replaced […]

April 6, 2023

Dubbed Styx Marketplace, the portal offers data dumps, cash-out services, fake and stolen IDs, SIM cards, multi-factor authentication bypass solutions, banking malware, and other types of illegal services. Initially mentioned on the dark web in early 2022, the marketplace opened […]

March 29, 2023

HackNotice is offering additional tailored protection via its new service, HackNotice Actions. Further empowering employees, HackNotice Actions reaches out to any company where a person’s PII or other data has been compromised, and asks for a full report on or […]