What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-20 10:48:47 | American Airlines Announce Data Breach Exposing Customer and Staff Information (lien direct) | Earlier today, American Airlines became the latest big-name brand to announce a data breach, after an unauthorized actor compromised employee inboxes. A statement released from the aerospace giant confirmed that the source of the incident was a phishing attack which “led to the unauthorized access to a limited number of team-member mailboxes.” The airline explained that […] | Data Breach | ||
 |
2022-09-19 17:50:19 | American Airlines discloses data breach after employee email compromise (lien direct) | American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. [...] | Data Breach | ||
 |
2022-09-19 16:59:05 | LastPass source code breach – incident response report released (lien direct) | Wondering how you'd handle a data breach report if the worst happened to you? Here's a useful example. | Data Breach | LastPass | |
 |
2022-09-19 13:00:00 | 3 Reasons Why Technology Integration Matters (lien direct) | >As John Donne once wrote, “No man is an island entire of itself.” With digitalization bridging any distance, the same logic could be applied to tech. Threat actors have vast underground forums for sharing their intelligence, while security professionals remain tight-lipped in a lot of data breach cases. Much like the way a vaccine can […] | Data Breach Threat | ||
 |
2022-09-19 10:47:33 | LastPass Found No Code Injection Attempts Following August Data Breach (lien direct) | Password management software provider LastPass says its investigation into the August 2022 data breach has not revealed any attempts to inject malicious code into LastPass software. | Data Breach | LastPass | |
|
2022-09-19 10:13:55 | Revolut hack exposes data of 50,000 users, fuels new phishing wave (lien direct) | Revolut is sending out notices of a data breach to a small percentage of impacted users, informing them of a security incident where an unauthorized third party accessed internal data. [...] | Data Breach Hack | ||
|
2022-09-17 10:12:14 | New York ambulance service discloses data breach after ransomware attack (lien direct) | Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. [...] | Ransomware Data Breach | ||
 |
2022-09-16 14:07:13 | Massive Data Breach at Uber (lien direct) | It’s big: The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. “This is a total compromise, from what it looks like.” It looks like a pretty basic phishing attack; someone gave the hacker their login credentials. And because Uber has lousy internal security, lots of people have access to everything. So once a hacker gains a foothold, they have access to everything... | Data Breach Hack | Uber Uber | |
|
2022-09-16 11:53:37 | Hacker sells stolen Starbucks data of 219,000 Singapore customers (lien direct) | The Singapore division of Starbucks, the popular American coffeehouse chain, has admitted that it suffered a data breach incident impacting over 219,000 of its customers. [...] | Data Breach | ||
|
2022-09-16 09:22:19 | Uber Investigating Data Breach After Hacker Claims of Extensive Compromise (lien direct) | 
Uber “responding to a cybersecurity incident” after hacker claims to have breached several systems
|
Data Breach | Uber | |
 |
2022-09-16 03:46:00 | Uber responding to “cybersecurity incident” following reports of significant data breach (lien direct) | Ride-hailing giant Uber has confirmed that it is responding to a cybersecurity incident as reports emerge that the firm has suffered a significant network data breach forcing it to shut down several internal communications and engineering systems.Attacker announces Uber breach through compromised Slack account In a statement on Twitter, Uber wrote “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company are currently sparse, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee's Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach.To read this article in full, please click here | Data Breach | Uber Uber | |
 |
2022-09-15 10:00:00 | Cyber threat hunting for SMBs: How MDR can help (lien direct) | >Categories: BusinessThreat hunting can weed out malware before anything bad like a data breach can happen, but cyber threat hunting is more difficult for SMBs to do than it is for large organizations due to resource constraints. That's where Managed Detection and Response (MDR) can help. (Read more...) | Data Breach Malware Threat | ||
|
2022-09-13 09:42:44 | U-Haul Says Customer Data Accessed Using Compromised Credentials (lien direct) | Moving and storage giant U-Haul has started informing customers of a data breach impacting some of their personal information. On Friday, U-Haul began sending notification letters to potentially impacted customers to inform them that compromised credentials were used to access some of their data without authorization. | Data Breach | ||
 |
2022-09-12 19:05:42 | Cisco Data Breach Attributed to Lapsus$ Ransomware Group (lien direct) | Analysis shows attackers breached employee credentials with voice phishing and were preparing a ransomware attack against Cisco Systems. | Ransomware Data Breach | ||
|
2022-09-12 16:28:35 | U-Haul discloses data breach exposing customer driver licenses (lien direct) | Moving and storage giant U-Haul International (U-Haul) disclosed a data breach after a customer contract search tool was hacked to access customers' names and driver's license information. [...] | Data Breach Tool | ||
 |
2022-09-10 13:00:00 | Hackers Target Los Angeles School District With Ransomware (lien direct) | Plus: Albania cuts ties with Iran, claims of a TikTok data breach that didn't happen, and much more. | Ransomware Data Breach | ||
 |
2022-09-09 20:04:34 | Impact of Samsung\'s most recent data breach unknown (lien direct) | >The lack of transparency could be cause for concern, but the data that was stolen is not high value. | Data Breach | ||
 |
2022-09-09 19:00:00 | 6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged (lien direct) | Security threats are always a concern when it comes to APIs. API security can be compared to driving a car. You must be cautious and review everything closely before releasing it into the world. By failing to do so, you're putting yourself and others at risk. API attacks are more dangerous than other breaches. Facebook had a 50M user account affected by an API breach, and an API data breach on | Data Breach | ||
 |
2022-09-08 14:18:20 | Uber\'s Ex-security Officer Facing Criminal Charges After Data Breach (lien direct) | It has been reported that Uber's former security officer, Joe Sullivan, is standing trial this week in what is believed to be the first case of an executive facing criminal charges in relation to a data breach. The US district court in San Francisco will start hearing arguments on whether Sullivan, the former head of security at the […] | Data Breach | Uber | |
|
2022-09-07 10:00:00 | The Cost of a Data Breach for Government Agencies (lien direct) | >What happens when attackers breach local government, police departments or public health services? What would happen if attackers compromised the U.S. Treasury’s network? These types of incidents happen every month and lead to service interruptions at the very least. More serious problems could occur, such as leakage of classified data or damage to critical infrastructure. […] | Data Breach Guideline | ||
 |
2022-09-06 21:14:00 | 10 Reasons Why Your Organization Needs Penetration Testing (lien direct) |
Suffering a data breach can be one of the most financially devastating events to happen to your organization - period. According to CNET, the data breach of T-Mobile in July of 2021 will cost the company $350 million dollars in payouts. |
Data Breach | ★★★★★ | |
|
2022-09-06 06:46:28 | Samsung US Says Customer Data Compromised in July Data Breach (lien direct) | Just before the Labor Day holiday weekend, electronics giant Samsung US announced that the personal information of some customers was compromised in a July data breach. As part of the incident, which was identified roughly a month ago, an unauthorized third party gained access to some of Samsung's US systems and exfiltrated information stored on them. | Data Breach | ||
|
2022-09-05 20:29:00 | TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users\' Information (lien direct) | Popular short-form social video service TikTok denied reports that it was breached by a hacking group, after it claimed to have gained access to an insecure cloud server. "TikTok prioritizes the privacy and security of our users' data," the ByteDance-owned company told The Hacker News. "Our security team investigated these claims and found no evidence of a security breach." The denial follows | Data Breach | ||
 |
2022-09-05 18:03:10 | TikTok denies data breach following leak of user data (lien direct) | >Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking collective AgainstTheWest recently published a post on Breach Forums message board claiming to have hacked TikTok and stolen source code and user data. The group published screenshots of an alleged stolen data, it claims to […] | Data Breach | ||
|
2022-09-05 12:25:30 | TikTok Faces Accusations Of Data Breach (lien direct) | As reported by Bloomberg, on Monday, several cybersecurity analysts tweeted about the discovery of what was purportedly a breach of an insecure server that allowed access to TikTok's storage, which they believe contained personal user data. Only days earlier, Microsoft Corp. said it had found a “high-severity vulnerability” in TikTok's Android application, “which would have […] | Data Breach | ||
|
2022-09-05 09:50:57 | Samsung Hit By Data Breach (lien direct) | In Late July, an undisclosed number of Samsung customers in the US had their personal information accessed by an unauthorised user. Samsung, the Korean electronics giant, said that it discovered the breach on 4th August 2022. It has since secured the affected systems, engaged a third-party security firm and contacted law enforcement. A statement issued […] | Data Breach | ||
 |
2022-09-05 09:15:00 | Samsung Reveals New US Data Breach (lien direct) | Personal info of "certain customers" was affected | Data Breach | ||
|
2022-09-05 05:04:00 | Samsung reports second data breach in 6 months (lien direct) | Samsung has opened up about a data breach it detected on or around August 4, affecting the personal information of some of its customers.“In late July 2022, an unauthorized third party acquired information from some of Samsung's US systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected,” Samsung said in a statement. The company said that the issue did not impact social security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. Affected customers could be impacted at varied levels, the company said. However, Samsung did not reveal how many customers were affected by the incident. To read this article in full, please click here | Data Breach | ||
 |
2022-09-05 03:00:00 | 10 Things Your Workforce Can Do To Support Your Company\'s Security Health (lien direct) | >The biggest cyber security threat that businesses have to tackle is much closer than you'd think. Verizon's 2022 Data Breach Investigations report – found human error to be a key driver in 82% of breaches, which is why it is crucial for businesses to address cyber security awareness in the workplace and ensure that employees […]… Read More | Data Breach Threat | ||
|
2022-09-03 09:47:00 | Samsung Admits Data Breach that Exposed Details of Some U.S. Customers (lien direct) | South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company disclosed in a notice. "On or around August 4, 2022, we determined | Data Breach | ★★ | |
|
2022-09-02 22:38:44 | (Déjà vu) Samsung discloses a second data breach this year (lien direct) | >Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After the attack that hit the company in late July 2022, Samsung disclosed a data breach. The Electronics giant discovered on August 4 that threat actors have had access to its systems and exfiltrated customer personal […] | Data Breach Threat | ||
|
2022-09-02 13:23:29 | Samsung discloses data breach after July hack (lien direct) | Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. [...] | Data Breach Hack | ||
 |
2022-09-01 13:04:51 | Protecting Public Sector Employees from Identity Theft (lien direct) | >
When a data breach or cyberattack compromises an employee's identity information, the impact on the individual is clear. Recovery takes time, money and often an emotional toll on victims. What might be underestimated is how their employers are affected. Giving employees the tools to protect their identity information in the wake of a breach - […]
|
Data Breach | ||
|
2022-09-01 07:14:28 | Neopets says hackers had access to its systems for 18 months (lien direct) | Neopets has released details about the recently disclosed data breach incident that exposed personal information of more than 69 million members. [...] | Data Breach | ||
|
2022-09-01 06:14:00 | BrandPost: How to Avoid Cloud Misconfigurations (lien direct) | Organizations with cloud workloads need to protect themselves against a variety of risks. While most organizations focus on security against attackers, breaches resulting from simple misconfigurations can be just as commonplace.For instance, the 2022 Verizon Data Breach Investigation Report (DBIR) found that cloud misconfigurations pose an ongoing threat to organizations. Error, especially misconfigured cloud storage, factored in 13% of data breaches analyzed by Verizon this year.To read this article in full, please click here | Data Breach Threat | ||
|
2022-08-31 14:08:19 | Nelnet Data Breach Exposes Millions Of Student Loan Accounts (lien direct) | The Office of the Maine Attorney General said in a filing this week, that PII data of over 2.5 million people that had taken out student loans with either the Oklahoma Student Loan Authority (OSLA) or EdFinancial was exposed in a data breach. The breach affected Nelnet Servicing, a Nebraska-based technology services that provides web […] | Data Breach | ||
 |
2022-08-31 10:00:00 | How does robust cybersecurity add value to a business? (lien direct) | This blog was written by an independent guest blogger. A company’s IT infrastructure and data are some of its most valuable assets today. Consequently, protecting them is an increasingly critical goal to stave off worst-case scenarios and preserve a business’s value. By the same token, robust cybersecurity can make a company more valuable. Many organizations understand the importance of cybersecurity as a defense but may overlook its role as an asset. IT security will become a more important differentiator as cybercrime rises and digital systems play a more central role in business. Here’s a closer look at how stronger cybersecurity adds value to a company. Reduced expenses Maintaining robust cybersecurity requires additional spending, but it actually lowers expenses in the long run. The average data breach cost $4.35 million as of 2022, a figure that keeps rising over time. Stronger cybersecurity prevents these costly events, improving a company’s bottom line. Cyberattacks are too common to assume you’ll never encounter one, either. These attacks happen every 39 seconds, and more than half of all businesses have experienced some kind of security incident. A company will suffer an attack without reliable cybersecurity, and it will be costly. Consequently, stopping them is a critical part of lowering long-term expenses. Added resilience A more robust cybersecurity strategy will also make a business more resilient. Part of that stems from preventing attacks. Fewer successful hacks mean less disruption, leading to increased uptime and productivity. However, even if a breach does occur, companies will be more likely to survive it with strong cybersecurity. On average, companies employing security AI lose $3.05 million less in data breaches than those without it. Similarly, zero-trust architecture saves $1 million in a hack. These reduced costs ensure businesses recover faster, in some cases avoiding bankruptcy, making them more valuable. Lower risks The reduced chances of a breach and lowered costs translate into fewer risks for investors or potential partners. Many business valuation methods adjust rates based on risk or liability. As a result, the fewer financial threats a company poses to potential buyers or investors, the more valuable it is. Cyber-risks are some of the most important of these factors today, so more valuation methods will look at them to determine business value. That applies to formal valuations from investors, tax officials and other companies looking for potential partners. Given the rising likelihood of third-party breaches, more businesses today will judge whether a partner is worth it by their cyber-risks. Increased customer confidence Robust cybersecurity will also improve a business’s reputation among customers. Between 80%-90% of consumers say they wished there were more companies they could trust with their data, and 84% will switch over data concerns. If businesses don’t have strong security, it could drive customers away, dropping their market value, but better security could have the opposite effect. These trends apply to B2B markets, too. Businesses seeking to improve their own security to attract and retain customers will require stronger cybersecurity from their partners and vendors. Consequently, B2Bs that can promise increased security will be more valuable to potential clients. Cybersecurity is a crucial business value | Data Breach Guideline | ||
|
2022-08-31 08:00:52 | Russian streaming platform Start discloses a data breach impacting 7.5M users (lien direct) | >The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 million users. The Russian media streaming platform START disclosed a data breach that impacted 7.5 millions of its users. According to the company, the attackers stole a 2021 database from its infrastructure and also shared a samples online to demonstrate the authenticity of […] | Data Breach | ||
|
2022-08-30 16:15:18 | Russian streaming platform confirms data breach affecting 7.5M users (lien direct) | Russian media streaming platform 'START' (start.ru) has confirmed rumors of a data breach impacting millions of users. [...] | Data Breach | ||
|
2022-08-30 13:22:35 | 2.5 Million Impacted by Data Breach at Nelnet Servicing (lien direct) | The data of more than 2.5 million individuals was compromised in a recent data breach at technology services provider Nelnet Servicing. The impacted individuals have taken student loans from Edfinancial and OSLA, which have contracted Nelnet for various services, including an online portal that student loan borrowers can use to access their accounts. | Data Breach | ||
|
2022-08-30 12:30:30 | NATO Investigates Security Breach (lien direct) | It has been announced that Nato is assessing the impact of a data breach of classified military documents being sold by a hacker group online. | Data Breach | ||
|
2022-08-29 20:38:02 | What Can We Learn From The OpenSea Data Breach? (lien direct) | Access has always been a conundrum for security professionals. The level of access privileges you give to your employees exposes you to insider threats. The recent data breach faced by OpenSea exposes another layer of risk: third-party vendors, after the web3.0 marketplace's supplier, customer.io, was found to be responsible for a breach that saw the […] | Data Breach | ||
 |
2022-08-29 16:27:31 | GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers (lien direct) | Web application attacks directed at organizations’ web and mail servers continue to take the lead in cybersecurity incidents. Related: Damage caused by ‘business logic’ hacking This is according to Verizon’s latest 2022 Data Breach Investigations Report (DBIR). In … (more…) | Data Breach Guideline | ||
|
2022-08-29 11:00:00 | Twilio data breach turns out to be more elaborate than suspected (lien direct) | >Categories: NewsTags: twilio Tags: okta Tags: Authy Tags: Signal Tags: Cloudflare Tags: MailChimp Tags: Klaviyo Tags: scatter swine Tags: oktapus Tags: 2fa Tags: otp Even if you don't know a thing about Twilio, you may have been affected by their data breach. (Read more...) | Data Breach | ||
|
2022-08-29 04:19:00 | Facebook agrees to settle class action lawsuit related to Cambridge Analytica data breach (lien direct) | Facebook parent Meta Platforms agreed Friday to settle a class action lawsuit seeking damages for allowing British political consulting firm Cambridge Analytica access to the private data of tens of millions of Facebook users. The settlement will spare CEO Marc Zuckerberg an embarrassing court appearance to defend his company.Lawyers acting for the plaintiffs and for Facebook filed a joint request with the US District Court for the Northern District of California on Friday, asking the judge to put the class action on hold for sixty days while the two parties finalized a written settlement for an as-yet undisclosed amount. The high profile lawsuit has been running for over four years and claims that Facebook shared data of millions of US voters with Cambridge Analytica.To read this article in full, please click here | Data Breach | ||
 |
2022-08-29 00:00:00 | Le nouveau certificat de cybersécurité offre aux PME une voie vers une plus grande résilience commerciale et un sauvetage en ligne New cyber security certificate offers SMEs a pathway to greater business resilience and online savviness (lien direct) |
Chair of Cybersecurity in Munster Technological University, Dr. Donna O\'Shea, and Head of School of Informatics & Cybersecurity at TU Dublin, Dr. Anthony Keane contributed to this article in the Independent.ie In recent years, cyber security has emerged as a key issue for businesses in Ireland and across the world. Small enterprises are exposed to the same digital threats as larger businesses, but may lack the resources to defend themselves. It has been estimated that almost half of SMEs that suffer a serious cyber attack can go out of business within months. Enhanced cyber security is a matter of great societal importance, because SMEs operating in myriad industries such as retail, health care and construction are the backbone of the Irish economy. They constitute 99pc of all businesses and account for more than half of EU Gross Domestic Product (GDP). SMEs play a vital role in adding value to all sector of the economy, but they may lack essential skills on how to protect their businesses, which are often heavily dependent on digital systems that are vulnerable to cyber-attacks. The urgency of addressing this skills gap was highlighted by the COVID-19 pandemic, which forced many businesses online, exposing them to a higher risk of cyber attacks with little support available. Irish businesses operating online often possess a low cyber security awareness, have inadequate knowledge of GDPR requirements in the protection of critical and sensitive information, and have a low level of Information and Communications Technology (ICT) skills to protect their business. They can also experience significant budgetary constraints that lead them to view cyber security as a relatively significant cost, rather than an important investment in their business resilience. In addition, many SMEs have direct and indirect business relationships with larger organisations. For this reason, cyber criminals often focus on SMEs as a gateway into the larger organisations, knowing that these smaller businesses\' cyber awareness and defensive structures are typically less robust than those of the criminals\' larger targets. Recently, the National Cyber Security Centre (NCSC) and the Garda National Crime Bureau have written to the Small Firms Association to warn business owners of the ongoing series of ransomware attacks. They have observed a growing trend of small and medium sized enterprises being targeted by cybercrime groups with ransomware malicious software that is designed to block access to a computer system. Another common cyber crime tactic is threatening to leak sensitive stolen data until a sum of money is paid. The NCSC said it has noticed a change in tactics whereby hackers are now turning their attention away from big business and Government departments, towards smaller businesses. Providing businesses with cyber skills Professor Donna O\'Shea is Chair of Cybersecurity in Munster Technological University and currently leads a Higher Education Authority (HEA) Human Capital Initiative (HCI) project called CYBER-SKILLS: a nationally funded project in collaboration with University of Limerick, Technological University (TU) Dublin, and Commonwealth Cyber Initiative, Virginia Tech U.S. This ground-breaking initiative aims to address the cybersecurity skills challenge in Irish SMEs. Prof. O\'Shea says, “Growing up, my family owned an electrical retail store, so I really understood the challenges that small businesses face, their limitations in terms of time and how cost can sometimes be a barrier. When designing the course Certificate in Cybersecurity for Business for CYBER-SKILLS, we really wanted a pathway to be open to everyone and we wanted to reduce the barriers to participating in the course, by reducing the cost, making it flexible in delivery, focusing on applied skills and providing the essential necessary knowledge and skills to protect small businesses everywhere against cyber attacks.” Irish professionals and businesses have expressed a growing interest in cybersecurity courses and careers, as borne out by the recen | Ransomware Data Breach Malware Patching Prediction Cloud | ★★ | |
|
2022-08-28 23:15:00 | Key Points from the IBM Cost of a Data Breach Report 2022 (lien direct) | >The volume and impact of data breaches have accelerated largely in 2022, which has contributed to many adverse effects for businesses. Tc highlights several updated factors that have generated great costs across 17 countries and regions, and 17 industries. The report has included new related areas of analysis such as: Extended Detection and Response (XDR). […]… Read More | Data Breach | ||
|
2022-08-26 15:30:34 | (Déjà vu) DoorDash discloses new data breach tied to Twilio hackers (lien direct) | Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. [...] | Data Breach | ★★★★ | |
|
2022-08-26 15:30:34 | DoorDash discloses new data breach tied to Twilio hack (lien direct) | Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. [...] | Data Breach Hack | ||
|
2022-08-25 20:05:19 | LastPass Says Source Code Stolen in Data Breach (lien direct) | Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information. | Data Breach | LastPass |
To see everything:
Our RSS (filtrered)
