Archive for the ‘Data Breach’ Category

Data of Israeli Employees from 29 Logistics Firms Sold Online

The 50GB worth of data is currently being sold on two clear web forums with a price tag of 1 BTC per database. A group of hackers has posted a trove of approximately 50GB of data for sale on two online forums and a Telegram group. The data was posted on 26 and 27th November […]

Leave a Comment

Microsoft Data Leak – 2.4TB of 65,000+ Companies Data Leaked Online

Leave a Comment

Cybercrime and data breaches are more than just the CISO’s problem

In recent weeks, cybercrime and data breaches have become unavoidable topics in Australia. Many citizens have been forced to confront – for the first time – the reality of living in a disrupted digital world, where our personal data has become the most valuable commodity. Of course, as tech leaders, this is a topic that […]

Leave a Comment

Uber Downplays Data Breach Impact, Claims No Sensitive Data Stolen

Uber Downplays Data Breach Impact, Claims No Sensitive Data Stolen – Uber is downplaying a data breach that occurred on Thursday, saying that no sensitive data was exposed.

Leave a Comment

List of Data Breaches and Cyber Attacks in August 2022 – 97 Million Records Breached

August 2022 has been a lesson in being careful with whom you provide sensitive information. In a month that saw the former US president accused of misappropriating classified government documents, there were also a spate of malicious insiders compromising their employer’s systems. Meanwhile, the bastion of password security, LastPass, announced that its systems had been […]

Leave a Comment

GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones

GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular researcher Mordechai Guri from the Ben-Gurion University of the Negev in Israel devise an attack technique, named GAIROSCOPE, to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The attack requires that the threat […]

Leave a Comment

APIC/EPIC! Intel chips leak secrets even the kernel shouldn’t see

Here’s this week’s BWAIN, our jocular term for a Bug With An Impressive Name. BWAIN is an accolade that we hand out when a new cybersecurity flaw not only turns out to be interesting and important, but also turns up with its own logo, domain name and website. This one is dubbed Ă†PIC Leak, a pun on […]

Leave a Comment

How DDoSecrets built the go-to home for Russian leaks

American investigative reporter Emma Best knows how arduous it is to ask for information from government agencies.  She made more than 5,000 such requests during her career at MuckRock, a non-profit ​​news site that publishes original government documents and conducts investigations based on them. Best was so persistent that the FBI temporarily banned her from […]

Leave a Comment

T-Mobile to cough up $500 million over 2021 data breach

Just under a year ago, the US arm of telecomms giant T-Mobile admitted to a data breach after personal information about its customers was offered for sale on an underground forum. At the time, VICE Magazine claimed to have communicated with the hacker behind the breach via online chat, and to have been offered “T-Mobile USA. Full customer info.” VICE’s […]

Leave a Comment

China-linked threat actors have breached telcos and network service providers

China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US NSA, CISA, and the FBI published a joint cybersecurity advisory to warn that China-linked threat actors have breached telecommunications companies and network service providers. The nation-state actors exploit publicly known vulnerabilities to compromise the target […]

Leave a Comment

List of data breaches and cyber attacks in May 2022 – 49.8 million records breached

Welcome to our May 2022 review of data breaches and cyber attacks. We identified 77 security incidents during the month, resulting in 49,782,129 compromised records. You can find the full list below, with incidents affecting UK organisations listed in bold. Contents Cyber attacks Ransomware Data breaches Financial information Malicious insiders and miscellaneous incidents In other […]

Leave a Comment

SuperCare Health discloses a data breach that Impacted +300K people

SuperCare Health, a leading respiratory care provider in the Western U.S, disclosed a data breach that impacted more than 300,000 individuals. SuperCare Health disclosed a security breach that has led to the exposure of personal information belonging to its patients, patients/members of its partner organizations and others. The company notified impacted individuals and law enforcement […]

Leave a Comment

List of data breaches and cyber attacks in March 2022 – 3.99 million records breached

In March, we discovered 88 publicly disclosed cyber security incidents, accounting for 3,987,593 breached records. That brings the total number of breached records in the first quarter of 2022 to 75,099,482. We’ll be providing more stats from Q1 2022 in our quarterly review of cyber security incidents, which will be published on our website in […]

Leave a Comment

Lapsus$ extortion gang claims to have stolen sensitive data from Okta

The Lapsus$ extortion group claims to have stolen sensitive data from the identity and access management giant Okta solutions. The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Some of the images published by the threat actors appear to be related to the company’s […]

Leave a Comment

Open database leaves major Chinese ports exposed to shipping chaos

The freight logs of two major Chinese shipping ports have been leaking data, a problem which if left unresolved could disrupt the supply chain of up to 70,000 tonnes of cargo a day, with potentially serious consequences for international shipping. The cybernews® research team identified an open ElasticSearch database, which contained more than 243GB of […]

Leave a Comment

NVIDIA discloses data breach after the recent ransomware attack

Chipmaker giant Nvidia confirmed a data breach after the recently disclosed security incident, proprietary information stolen. The chipmaker giant Nvidia was recentty victim of a ransomware attack that impacted some of its systems for two days. The security breach is not connected to the ongoing crisis in Ukraine, according to a person familiar with the incident. The […]

Leave a Comment

List of data breaches and cyber attacks in December 2021 – 219 million records breached

List of data breaches and cyber attacks in December 2021 – 219 million records breached Luke Irwin  4th January 2022 2021 was a difficult year many of us, and with the hope that COVID-19 will dissipate in the spring, this is a new year more than any other where we want to look forwards, not backwards. […]

Leave a Comment

How MFA Can Help Prevent Data Breaches

The Current Authentication Landscape To authenticate a user means to verify that the user is genuine. Classically, the way to authenticate a user is to request their login credentials and ensure those credentials match the credentials stored in your directory service or authentication server. The full history and background of authentication is more complex, but that’s the […]

Leave a Comment

List of data breaches and cyber attacks in November 2021 – 223.6 million records breached

Luke Irwin  1st December 2021 In November, we discovered 81 publicly disclosed cyber security incidents, accounting for 223,615,390 breached records. With one month left in 2021, the annual total running total of compromised records is to just shy of 5 billion. Keep an eye out for our end-of-year report in the next few weeks, where we’ll […]

Leave a Comment

China-linked LightBasin group accessed calling records from telcos worldwide

A China-linked hacking group, tracked as LightBasin (aka UNC1945), hacked mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies. The cyberespionage group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. CrowdStrike researchers reported that […]

Leave a Comment