What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-02-12 20:39:52 | (Déjà vu) Yandex Employee Caught Selling Access to Users\' Email Inboxes (lien direct) | Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users.
The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users' mailboxes for personal gain.
"The employee was one of three system administrators with the necessary access |
Data Breach | ||
 |
2021-02-12 20:17:10 | Yandex Data Breach Exposes 4K+ Email Accounts (lien direct) | In a security notice, Yandex said an employee had been providing unauthorized access to users' email accounts “for personal gain.” | Data Breach | ||
 |
2021-02-12 11:02:37 | (Déjà vu) Yandex suffers data breach after sysadmin sold access to user emails (lien direct) | Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. [...] | Data Breach | ||
 |
2021-02-10 12:36:31 | Investor data breach \'fatigue\' reduces Wall Street punishment for cybersecurity failures (lien direct) | As data breaches are now common, acceptance now lessens the impact on share prices. | Data Breach | ||
 |
2021-02-10 04:45:25 | Antivirus Firm Emsisoft Discloses Data Breach (lien direct) | Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs. | Data Breach | ||
 |
2021-02-09 13:00:00 | Cloud Security Considerations to Watch Out for During Mergers and Acquisitions (lien direct) | Staying vigilant through each phase of a mergers and acquisitions (M&A) process can help businesses overcome cloud threats. Threat actors have hit victims during M&As in the past, such as the data breach that affected more than 500 million customers in 2018. Such cases force businesses to look into data exposure before and after M&As, […] | Threat Data Breach | ★★★★ | |
 |
2021-02-08 18:12:00 | Law Firm Data Breach Impacts UPMC Patients (lien direct) | PHI of more than 36k UPMC patients may have been exposed following attack on law firm | Data Breach | ||
|
2021-02-08 14:00:25 | Web Developer Hub SitePoint Discloses Data Breach (lien direct) | Web development resources provider SitePoint has notified users of a data breach that resulted in some of their information being stolen. Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development. | Data Breach | ||
 |
2021-02-07 10:44:34 | Web developers SitePoint discloses a data breach (lien direct) | The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M users. SitePoint is an Australian-based website, and publisher of books, courses and articles for web developers. The company has disclosed a data breach and notified its users via email. Threat actors offered for sale an archive containing […] | Threat Data Breach | ||
|
2021-02-05 20:31:39 | Webdev tutorials site SitePoint discloses data breach (lien direct) | SitePoint admits data breach after one million user creds were sold on a hacking forum last December. | Data Breach | ||
|
2021-02-05 13:30:00 | BA Data Breach Victims Granted Extension to File Claims (lien direct) | Breach victims who have not filed their claim encouraged to do so | Data Breach | ||
|
2021-02-05 12:34:09 | SitePoint discloses data breach after stolen info used in attacks (lien direct) | The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum. [...] | Data Breach | ||
 |
2021-02-05 10:22:03 | Foxtons Group hack: database of stolen data for sale on the dark web (lien direct) | British estate agency Foxtons Group suffered a major data breach in October last year, which enabled attackers to exfiltrate a database of personal and financial information. The personal identifiable information was then uploaded on dark web forums, where evidence suggests it was accessed over 15,073 times. According to iNews, Foxtons Group was informed by the […] | Data Breach | ||
 |
2021-02-04 20:58:19 | Expert Commentary: Several Thousand Addresses Leaked In FHKC Insurance Data Breach (lien direct) | The Florida Healthy Kids Corporation (FHKC), a US provider of children's health insurance, data breach which exposed the addresses of several thousands of who applied for or renewed insurance coverage online… | Data Breach | ||
|
2021-02-04 15:42:15 | Airbus CyberSecurity Subsidiary Stormshield Discloses Data Breach (lien direct) | Stormshield, a wholly-owned subsidiary of France-based cybersecurity company Airbus CyberSecurity, has disclosed a data breach that resulted in source code and customer information getting compromised. | Data Breach | ||
|
2021-02-04 13:41:58 | Hackers steal StormShield firewall source code in data breach (lien direct) | Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the companies' support ticket system and steal source code for Stormshield Network Security firewall software. [...] | Threat Data Breach Guideline | ||
|
2021-02-04 10:03:48 | (Déjà vu) 1.4 million Washington unemployment claimants affected by state auditor breach (lien direct) | On Monday, The Washington State Auditor Office disclosed that it had suffered a data breach that exposed the personal information of some 1.4 million employment claimants. It appears that the records became exposed in December, following a data breach of Accellion, a software provider used by the State Auditor Office for the transfer of large […] | Data Breach | ||
|
2021-02-03 22:30:08 | Oxfam Australia investigates data breach after database sold online (lien direct) | Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. [...] | Threat Data Breach | ||
 |
2021-02-03 16:18:11 | What should you say if you have a data breach? Catch up with Jason Nurse at Sophos Evolve (lien direct) | Learn why it's way better to rehearse what to say if you suffer a data breach than to make it up as you go along. | Data Breach | ||
|
2021-02-03 10:49:10 | Newspaper speculates Foxtons Group data breach (lien direct) | The i newspaper speculated that Foxtons Group has experienced a data breach, with thousands of customers’ personal and financial data leaked on the dark web. The exclusive news for i claims that Foxtons did not take action when they first found out in January that their customers’ data was available on the dark web following […] | Data Breach | ||
|
2021-02-03 09:48:00 | Over Three Million US Drivers Exposed in Data Breach (lien direct) | Dealership service provider appears to have been targeted | Data Breach | ||
|
2021-02-03 06:38:44 | Hackers stole personnel records of software developer Wind River (lien direct) | The global leader of embedded system software Wind River Systems discloses a data breach that resulted in the theft of customers’ personal information. Wind River Systems, a global leader in delivering software for smart connected systems, discloses a data breach. The company claims its technology is found in more than 2 billion products, it develops […] | Data Breach Guideline | ||
|
2021-02-03 03:03:03 | Female escort review site data breach affects 470,000 members (lien direct) | An online community promoting female escorts and reviews of their services has suffered a data breach after a hacker downloaded the site's database. [...] | Data Breach | ||
|
2021-02-02 18:32:45 | Embedded Software Developer Wind River Discloses Data Breach (lien direct) | Embedded system software provider Wind River Systems has started informing employees of a data breach that resulted in their personal information being stolen by a third party. | Data Breach | ||
|
2021-02-02 13:23:40 | Over 1 Million Impacted by Data Breach at Washington State Auditor (lien direct) | The Office of the Washington State Auditor (SAO) has disclosed a cybersecurity incident in which the personal information of more than 1 million individuals might have been stolen. | Data Breach | ||
|
2021-02-02 11:57:59 | (Déjà vu) 1.6 million Washington unemployment claims exposed in data breach (lien direct) | The Office of the Washington State Auditor (SAO) has experienced a data breach which has resulted in the exposure of 1.6 million employment claims, and the sensitive personal information that they contain. The Washington SAO revealed that a threat actor had exploited a vulnerability in Accellion, a secure file transfer service that helps organisations share […] | Threat Data Breach Vulnerability | ||
 |
2021-02-02 00:00:00 | (Déjà vu) Mélanges clés de la montée des ransomwares en 2020: Ransomware-as-a-service et double extorse. Key Drivers of Rise of Ransomware in 2020: Ransomware-as-a-Service and Double ExtortionThe key drivers in the rise of ransomware have been double extortion and RaaS.Read More (lien direct) |
Ransomware-as-a-Service and Double ExtortionâRansomware has been a known method for cyber attacks for more than 30 years and has significantly evolved within this timespan. The growth in the number of ransomware attacks in 2020 has marked a pivotal milestone in the ransomware evolution. According to a Check Point study, Global Surges in Ransomware Attacks, in Q3 2020 the daily average of ransomware attacks has increased by 50%, and has specifically increased by 98.1% in the United States. Additionally, the average amount of money requested by attackers in Q3 2020 increased by 178% compared to Q4 of 2019. Supporting this trend, Coalitionâs Cyber Insurance Claims Report stated that more than 40% of the cyber incident claims in Q1 and Q2 2020 were due to ransomware attacks. âTaking into account these statistics, Kovrr has conducted research that included monitoring the activity of trending threats actors, the attacks they were involved with and the victims of these operations through 2020. The research included data from various proprietary and third party data sources including leaked data from the dark web. The research revealed that ransomware attacks have evolved in the following two areas:âMethodology - unlike ransomware attacks witnessed in the past, the last half year of 2020 was characterized by adoption of a new attack method which includes - stealing the companyâs data along with encrypting the attacked companyâs data. This practice is also known as âDouble Extortionâ because the attacker not only encrypts the data but also threatens to publish the companyâs stolen data.  Ransomware as - a - service (RaaS) - a method that recently became popular, which enables potential attackers to purchase already existing ransomware and use it for their desired purposes. âKovrr has researched 16 active âdouble extortionâ ransomware attack campaigns in the last year. Of the campaigns studied, 75% use social engineering (phishing emails) to propagate, while 25% of them involve exploiting a vulnerability in remote access software. In order to fully understand the effect of the ransomware campaigns, Kovrr applied the CRIMZON⢠framework to better analyze and report findings of the research. CRIMZON are an easy to use open framework to measure and understand cyber risk exposure that focus on the minimal elements needed to describe cyber risk accumulation. Elements of the CRIMZON include location, industry, and entity size. Applying the CRIMZON framework to the ransomware campaign research found the top 5 CRIMZON exposed were: âUS_NY_I_S [United States_New York_Services_Small Company]GB_I_S [Great Britain_Services_Small Company] CA_I_S [Canada_Services_Small Company] CA_E_S [Canada_Transportation & Communications_Small Company] US_CA_I_S [United States_California_Services_Small Company]âMost of the attacked companies are located in the U.S. (more than 50% of the targets), followed by Canada, the United Kingdom, Germany and France. Within the U.S., the main states affected were California, Texas, Florida and New York. The industries to which most of the attacked companies belong to are Services (20% of the services category is attributed to educational services), Transportation and Communication, and Manufacturing. âThese findings have a significant impact on the cyber insurance market both in terms of rising claim numbers and entity of the amount claimed. The increase in attacks is more concentrated in particular combinations of location, industry, and entity size (CRIMZON), meaning certain CRIMZON are more susceptible to an attack than others. This paper addresses new ransomware trend characteristics by providing an overview of two major ransomware campaigns encountered in the research; provides examples of ways in which a portfolio can be influenced as a result of the wide a | Threat Ransomware Data Breach Tool Prediction Vulnerability | ★★★ | |
|
2021-02-01 16:15:30 | Data breach exposes 1.6 million Washington unemployment claims (lien direct) | Washington's State Auditor office has suffered a data breach that exposed the personal information in 1.6 million employment claims. [...] | Data Breach | ||
|
2021-02-01 14:21:06 | Florida Medicaid Website Hacked For 7 Rears, Hundreds Of Thousands Affected (lien direct) | Tallahassee-based children Medicaid health plan Florida Healthy Kids Corp. began notifying members on Jan. 27 of a 7-year data breach that exposed the personal information of hundreds of thousands of health plan… | Data Breach | ||
|
2021-01-30 21:37:25 | UScellular data breach: attackers ported customer phone numbers (lien direct) | US wireless carrier UScellular discloses data breach, personal information of customers may have been exposed and their phone numbers ported. US wireless carrier UScellular discloses a data breach that exposed personal information of its customers. United States Cellular Corporation, is the fourth-largest wireless carrier in the United States, with over 4.9 million customers in 426 […] | Data Breach | ||
|
2021-01-29 13:49:51 | USCellular suffers data breach (lien direct) | USCellular has suffered a data breach due to hackers gaining access to their CRM. Once the hackers infiltrated the CRM they were then able to view customers’ accounts and personal data. USCellular stated in a data breach notification filed to the attorney general’s office in Vermont, that the retail store’s employees were victims of a […] | Data Breach | ★★ | |
|
2021-01-29 12:25:41 | Stranded Australians\' Data “unintentionally” Shared (lien direct) | The Australian government admitted to unintentionally sharing sensitive passenger information with one of the department’s consular clients. This data breach occurred on January 24th, in which passenger’s full name, gender, date of birth, email address, passport details (number, expiry, issuing country), Australian citizenship status, phone number, current location, and flight booking reference of those booked […] | Data Breach | ||
 |
2021-01-29 06:56:04 | Sensitive Data Shared with Cloud Services, (Fri, Jan 29th) (lien direct) | Yesterday was the data protection day in Europe[1]. I was not on duty so I'm writing this quick diary a bit late. Back in 2020, the Nitro PDF service suffered from a data breach that impacted many companies around the world. This popular service allows you to create, edit and sign PDF documents. A few days ago, the database leak was released in the wild[2]: 14GB compressed, 77M credentials. | Data Breach | ||
|
2021-01-28 20:07:08 | Threat Modeling and Social Issues (lien direct) | For Data Breach Today, I spoke with Anna Delaney about threat modeling for issues that are in the news right now: “Does your organization have a plan in place if one of your employees is accused via Twitter of being an insurrectionist? If your software was being used to spread plans for a riot, could… | Threat Data Breach | ||
|
2021-01-28 18:41:34 | USCellular hit by a data breach after hackers access CRM software (lien direct) | Mobile network operator USCellular suffered a data breach after hackers gained access to its CRM and viewed customers' accounts. [...] | Data Breach | ||
|
2021-01-28 14:08:06 | VIP Games Data Breach Exposes Millions Of Users\' Data (lien direct) | It has been reported that casual gaming provider VIP Games has suffered a data breach, exposing millions of records relating to users of the service. VIP games have more than 20,000 active… | Data Breach | ||
|
2021-01-28 10:12:36 | Citrix\'s $2.3 million settlement offer for employees impacted by data breach approved (lien direct) | Hackers lurked undetected in company systems for five months. | Data Breach | ||
 |
2021-01-26 12:15:38 | Massive Brazilian Data Breach (lien direct) | I think this is the largest data breach of all time: 220 million people. (Lots more stories are in Portuguese.) | Data Breach | ||
|
2021-01-25 21:08:02 | 2.28M MeetMindful Daters Compromised in Data Breach (lien direct) | The ShinyHunters hacking group offer a raft of information, from location and contact info to dating preferences and bodily descriptions, as a free download. | Data Breach | ||
|
2021-01-25 18:21:00 | San Francisco Law Firm Investigating PupBox Data Breach (lien direct) | Investigation launched after payment card info of 30k PupBox customers exposed | Data Breach | ||
|
2021-01-25 16:02:44 | Clothing Brand Bonobos Informs Users of Data Breach (lien direct) | Menswear brand Bonobos has started informing customers of a data breach that may have resulted in their personal information getting compromised. | Data Breach | ||
|
2021-01-25 13:00:00 | Credential Stuffing: AI\'s Role in Slaying a Hydra (lien direct) | One data breach can lead to another. Because so much of the data stolen in breaches ends up for sale on the dark web, a threat actor can purchase authentication credentials — the emails and passwords — of the organization’s employees without having to steal them directly. With that information in hand, threat actors have […] | Threat Data Breach Guideline | ||
|
2021-01-22 14:11:38 | (Déjà vu) Bonobos clothing store suffers a data breach, hacker leaks 70GB database (lien direct) | Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information after a cloud backup was downloaded by a threat actor. The corporate systems were not breached by the attacker. [...] | Threat Data Breach | ||
|
2021-01-22 14:11:38 | Bonobos clothing store confirms breach after hacker leaks 70GB database (lien direct) | Bonobos men's clothing store has suffered a massive data breach exposing millions of customers' personal information. [...] | Data Breach | ||
|
2021-01-18 20:10:20 | OpenWRT reports data breach after hacker gained access to forum admin account (lien direct) | The OpenWRT wiki, which contains the official download links, was not compromised, the project said. | Data Breach | ||
|
2021-01-18 17:15:00 | Health Insurer Fined $5.1m Over Data Breach (lien direct) | Excellus Health Plan agrees to pay $5.1m to settle HIPAA violation case | Data Breach | ||
|
2021-01-18 13:23:34 | OpenWRT Forum user data stolen in weekend data breach (lien direct) | The administrators of the OpenWRT forum, a large community of enthusiasts of alternative, open-source operating systems for routers, announced a data breach. [...] | Data Breach | ||
|
2021-01-14 17:04:00 | Hy-Vee Data Breach Settlement Proposed (lien direct) | Victims of months-long Hy-Vee data breach could receive $225 each under proposed settlement | Data Breach | ||
|
2021-01-14 15:26:59 | (Déjà vu) British Airways Subject To Lawsuit After Data Breach – Industry Leader Comments (lien direct) | Following news that British Airways is facing a lawsuit for its failure to protect the personal data in 2018, please see the comment below from cybersecurity experts. Following news that British Airways is facing… The ISBuzz Post: This Post British Airways Subject To Lawsuit After Data Breach – Industry Leader Comments | Data Breach Guideline | ||
|
2021-01-13 19:04:00 | Capcom Data Breach May Have Impacted Extra 40k Customers (lien direct) | Gaming company warns ransomware attack may have compromised data of up to 390k customers | Ransomware Data Breach |
To see everything:
Our RSS (filtrered)
