The Dutch Data Protection Authority (DPA) – the country’s data protection regulator – has fined online travel and hotel booking company Booking.com almost half a million Euros over a data breach. Interestingly, the fine was issued not merely because there was a breach, but because the company didn’t report the breach quickly enough: The Dutch Data Protection Authority […]
Don’t be fooled by the fact that we only recorded 20,995,371 breached records in March; it was one of the leakiest months we’ve ever seen, with 151 recorded incidents. By comparison, there was a seemingly Lilliputian 82 recorded breaches in January and 118 in February. The issue is that in far more cases than we’d […]
Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’ websites. The data from FBS.com and FBS.eu comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more. Were such detailed personally identifiable information (PII) to […]
On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that at least one China-linked APT group, tracked as HAFNIUM, chained these vulnerabilities to access on-premises Exchange servers to access email […]
Singapore telco says it has pulled back all use of Accellion’s file-sharing system FTA and is investigating the impact of a cybersecurity attack, having ascertained on February 9 that “files were taken” and customer data “may have” been compromised. Singtel says it is investigating the impact of a cybersecurity breach that may have compromised customer […]
878 million records breached  By Luke Irwin  Thankfully, January was relatively quiet on the data breach front, following a chaotic end to 2020 in which we surpassed a thousand security incidents and 20 billion breached records. So far this year, we’ve recorded 82 incidents and 878,168,975 breached records. That’s not great – particularly when you factor […]
We recorded 103 data breaches and cyber attacks in November, which accounted for 586,771,602 leaked records. ITG recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can […]
Nook, line and sinker: Servers restored from backups, punters unable to download purchased e-books Source: Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info
Take a look at the top data breaches and cyber attacks in September, as well as our full list of 102 incidents. Source: List of data breaches and cyber attacks in September 2020 – 267 million records breached – IT Governance UK Blog Data Breaches: Crisis and Opportunity
The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. The archive contained records for almost 600,000 members or staff, exposed info includes names, addresses, phone numbers, email addresses, last four digits of credit cards, credit card expiration dates, and a member’s billing history. […]
2020 Cost of a Data Breach Report: the global total cost of a data breach averaged $3.86 million in 2020, down about 1.5% from the 2019 study. Source: Reading the 2020 Cost of a Data Breach Report …. Top Takeaways from the Verizon Data Breach Investigations Report Explore Data Security Controls Download a […]
A threat actor is flooding a hacker forum with databases exposing expose over 386 million user records that they claim were stolen from eighteen companies during data breaches. Source: Hacker leaks 386 million user records from 18 companies for free
Names, credit card data, addresses, and information on transactions as recent as yesterday are being sold online. As of Wednesday, sellers in two dark web stores were offering information from what appeared to be 278,531 accounts, although some of those may be duplicates or not genuine. As of April, Instacart had “millions of customers across […]
EXCLUSIVE: The MGM Resorts 2019 data breach is much larger than initially reported. Source: A hacker is selling details of 142 million MGM hotel guests on the dark web | ZDNet According to the ad, the hacker is selling the details of 142,479,937 MGM hotel guests for a price just over $2,900. The hacker claims […]
More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Source: 15 billion credentials available in the cybercrime marketplaces Exploring the Dark Web Explore the subject of Cyber Attack Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take […]
As hackers shift tactics, business owners can take steps to prevent attacks and minimize damage. Source: How hoteliers can mitigate data breaches The 5 Most Dangerous New Attack Techniques and How to Counter Them Data Breaches: Crisis and Opportunity Download a Security Risk Assessment Checklist paper! Subscribe to DISC InfoSec blog by Email
More than two dozen SQL databases stolen from online shops in various countries are being offered for sale on a public website. In total, the seller provides over 1.5 million rows of records but the damage is likely much larger. Source: Hacker extorts online shops, sells databases if ransom not paid More than two dozen […]
Santander Consumer Bank, the Belgian branch of the bank, had a misconfiguration in its blog domain that was allowing its files to be indexed. Source: Santander, one of the biggest European banks, was leaking sensitive data on their website A Santander Consumer spokesperson said: “The incident highlighted relates specifically to the Santander Consumer Bank Belgium […]
