DISC InfoSec blog

We recorded 103 data breaches and cyber attacks in November, which accounted for 586,771,602 leaked records. ITG recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can […]

Nook, line and sinker: Servers restored from backups, punters unable to download purchased e-books Source: Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

Take a look at the top data breaches and cyber attacks in September, as well as our full list of 102 incidents. Source: List of data breaches and cyber attacks in September 2020 – 267 million records breached – IT Governance UK Blog Data Breaches: Crisis and Opportunity

The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. The archive contained records for almost 600,000 members or staff, exposed info includes names, addresses, phone numbers, email addresses, last four digits of credit cards, credit card expiration dates, and a member’s billing history. […]

2020 Cost of a Data Breach Report: the global total cost of a data breach averaged $3.86 million in 2020, down about 1.5% from the 2019 study. Source: Reading the 2020 Cost of a Data Breach Report ….     Top Takeaways from the Verizon Data Breach Investigations Report Explore Data Security Controls Download a […]

A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. Source: Hacker leaks 386 million user records from 18 companies for free

Names, credit card data, addresses, and information on transactions as recent as yesterday are being sold online. As of Wednesday, sellers in two dark web stores were offering information from what appeared to be 278,531 accounts, although some of those may be duplicates or not genuine. As of April, Instacart had “millions of customers across […]

EXCLUSIVE: The MGM Resorts 2019 data breach is much larger than initially reported. Source: A hacker is selling details of 142 million MGM hotel guests on the dark web | ZDNet According to the ad, the hacker is selling the details of 142,479,937 MGM hotel guests for a price just over $2,900. The hacker claims […]

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Source: 15 billion credentials available in the cybercrime marketplaces Exploring the Dark Web Explore the subject of Cyber Attack Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take […]

As hackers shift tactics, business owners can take steps to prevent attacks and minimize damage. Source: How hoteliers can mitigate data breaches The 5 Most Dangerous New Attack Techniques and How to Counter Them Data Breaches: Crisis and Opportunity Download a Security Risk Assessment Checklist paper! Subscribe to DISC InfoSec blog by Email

More than two dozen SQL databases stolen from online shops in various countries are being offered for sale on a public website. In total, the seller provides over 1.5 million rows of records but the damage is likely much larger. Source: Hacker extorts online shops, sells databases if ransom not paid More than two dozen […]

Santander Consumer Bank, the Belgian branch of the bank, had a misconfiguration in its blog domain that was allowing its files to be indexed. Source: Santander, one of the biggest European banks, was leaking sensitive data on their website A Santander Consumer spokesperson said: “The incident highlighted relates specifically to the Santander Consumer Bank Belgium […]

Discover how to write a GDPR data breach notification procedure to help you with your GDPR compliance. Including a free template example. Read now Source: How to write a GDPR data breach notification procedure – with template example – IT Governance Blog Personal data breach notification procedures under the GDPR Organizations must create a procedure […]