What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-12-21 16:23:00 | Coût d'un rapport de violation de données 2023: idées, atténuateurs et meilleures pratiques Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices (lien direct) |
John Hanley d'IBM Security partage 4 conclusions clés du coût annuel très acclamé d'un rapport de violation de données 2023
Quel est le coût IBM d'un rapport de violation de données?
L'IBM Coût d'un rapport de violation de données est un rapport annuel qui fournit aux organisations des informations quantifiables sur les impacts financiers des violations.Avec ces données, ils peuvent prendre des décisions axées sur les données sur la façon dont ils mettent en œuvre
John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial impacts of breaches. With this data, they can make data driven decisions about how they implement |
Data Breach | ★ | |
|
2023-11-28 16:43:00 | Comment les pirates Phish pour vos utilisateurs \\ 'des informations d'identification et les vendent How Hackers Phish for Your Users\\' Credentials and Sell Them (lien direct) |
Les informations d'identification du compte, un vecteur d'accès initial populaire, sont devenus une marchandise précieuse dans la cybercriminalité.En conséquence, un seul ensemble d'identification volées peut mettre en danger le réseau entier de votre organisation.
Selon le rapport d'enquête sur les violations de données de Verizon de 2023, les parties externes étaient responsables de 83% des violations survenues entre novembre 2021 et octobre 2022. Quarante-neuf
Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization\'s entire network at risk. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022. Forty-nine |
Data Breach | ★★ | |
|
2023-11-14 17:26:00 | L'importance de la surveillance continue de la sécurité pour une stratégie de cybersécurité robuste The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy (lien direct) |
En 2023, le coût moyen mondial d'une violation de données a atteint 4,45 millions de dollars.Au-delà de la perte financière immédiate, il y a des conséquences à long terme comme une diminution de la confiance des clients, une valeur de marque affaiblie et des opérations commerciales déraillées.
Dans un monde où la fréquence et le coût des violations de données montent en flèche, les organisations se retrouvent face à face avec une dure réalité: la cybersécurité traditionnelle
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are skyrocketing, organizations are coming face-to-face with a harsh reality: traditional cybersecurity |
Data Breach | ★★★ | |
|
2023-11-04 11:33:00 | La récente violation des données du support client d'Okta \\ a eu un impact sur 134 clients Okta\\'s Recent Customer Support Data Breach Impacted 134 Customers (lien direct) |
Vendredi, le fournisseur de gestion de l'identité et de l'authentification a révélé vendredi que le récent système de gestion des cas de support a affecté 134 de ses 18 400 clients.
Il a en outre noté que l'intrus non autorisé a eu accès à ses systèmes du 28 septembre au 17 octobre 2023 et a finalement accédé à des fichiers HAR contenant des jetons de session qui pourraient être utilisés pour les attaques de détournement de session.
"Le
Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its 18,400 customers. It further noted that the unauthorized intruder gained access to its systems from September 28 to October 17, 2023, and ultimately accessed HAR files containing session tokens that could be used for session hijacking attacks. "The |
Data Breach | ★★★ | |
|
2023-10-18 09:11:00 | D-Link confirme la violation des données: l'employé est victime d'attaque de phishing D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack (lien direct) |
Le fabricant d'équipements de réseautage taïwanais D-Link a confirmé une violation de données qui a conduit à l'exposition de ce qu'il a dit être "des informations à faible sensibilité et semi-publiques".
"Les données ont été confirmées non pas du cloud mais proviennent probablement d'un ancien système D-View 6, qui a atteint sa fin de vie dès 2015", a indiqué la société.
"Les données ont été utilisées à des fins d'enregistrement à l'époque. Jusqu'à présent, non
Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015," the company said. "The data was used for registration purposes back then. So far, no |
Data Breach Cloud | ★★ | |
|
2023-09-15 16:43:00 | L'interdépendance entre la collection automatisée des renseignements sur les menaces et les humains The Interdependence between Automated Threat Intelligence Collection and Humans (lien direct) |
Le volume des vulnérabilités de la cybersécurité augmente, avec près de 30% de vulnérabilités supplémentaires trouvées en 2022 contre 2018. Les coûts augmentent également, avec une violation de données en 2023 coûtant 4,45 millions de dollars en moyenne contre 3,62 millions de dollars en 2017.
Au deuxième trimestre 2023, un total de 1386 victimes ont été réclamées par des attaques de ransomwares contre seulement 831 au premier tri
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1 2023. The MOVEit attack has claimed over 600 victims so far and that number is still |
Ransomware Data Breach Vulnerability Threat | ★★★ | |
|
2023-08-16 17:27:00 | Quel est l'état du vol d'identification en 2023? What\\'s the State of Credential theft in 2023? (lien direct) |
À un peu à mi-chemin de 2023, le vol d'identification est toujours une épine majeure dans les équipes de l'informatique.Le cœur du problème est la valeur des données aux cybercriminels et l'évolution des techniques qu'ils utilisent pour en savoir plus.Le rapport sur les enquêtes sur les violations de données de Verizon 2023 (DBIR) a révélé que 83% des violations impliquaient des acteurs externes, presque toutes les attaques étaient motivées financières
At a little overt halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The 2023 Verizon Data Breach Investigations Report (DBIR) revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated |
Data Breach | ★ | |
|
2023-07-28 10:37:00 | Les agences de cybersécurité mettent en garde contre les bogues IDOR exploités pour les violations de données Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches (lien direct) |
Les agences de cybersécurité en Australie et aux États-Unis ont publié un avertissement conjoint de conseil en cybersécurité contre les défauts de sécurité dans les applications Web qui pourraient être exploités par des acteurs malveillants pour orchestrer les incidents de violation de données et voler des données confidentielles.
Cela inclut une classe spécifique de bogues appelés référence d'objet direct insécurité (IDOR), un type de défaut de contrôle d'accès qui se produit lorsqu'un
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs called Insecure Direct Object Reference (IDOR), a type of access control flaw that occurs when an |
Data Breach | ★★ | |
|
2023-05-04 16:45:00 | Pourquoi les choses que vous ne savez pas sur le Web sombre sont peut-être votre plus grande menace de cybersécurité Why the Things You Don\\'t Know about the Dark Web May Be Your Biggest Cybersecurity Threat (lien direct) |
Les équipes informatiques et de cybersécurité sont tellement inondées de notifications de sécurité et d'alertes dans leurs propres systèmes, il est difficile de surveiller les environnements malveillants externes & # 8211;ce qui ne fait que les rendre beaucoup plus menaçants.
En mars, une violation de données de haut niveau a fait la une des journaux nationaux lorsque des informations personnellement identifiables liées à des centaines de législateurs et de personnel ont été divulguées sur la toile sombre.Le
IT and cybersecurity teams are so inundated with security notifications and alerts within their own systems, it\'s difficult to monitor external malicious environments – which only makes them that much more threatening. In March, a high-profile data breach hit national headlines when personally identifiable information connected to hundreds of lawmakers and staff was leaked on the dark web. The |
Data Breach Threat | ★★ | |
|
2023-04-14 15:52:00 | Kodi confirme la violation des données: 400k enregistrements d'utilisateurs et messages privés volés Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen (lien direct) |
Le fournisseur de logiciels de lecteur multimédia open source Kodi a confirmé une violation de données après que les acteurs de menace ont volé la base de données MYBB Forum de la société contenant des données utilisateur et des messages privés.
Ce qui est de plus, les acteurs de la menace inconnue ont tenté de vendre le vidage de données comprenant 400 635 utilisateurs de Kodi sur le marché cybercriminal BreachForums maintenant défond.
"Les journaux d'administration MYBB montrent le compte de confiance mais actuellement
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company\'s MyBB forum database containing user data and private messages. What\'s more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently |
Data Breach Threat | ★★ | |
|
2023-04-03 17:11:00 | Western numérique frappé par la violation de la sécurité du réseau - Services critiques perturbés! Western Digital Hit by Network Security Breach - Critical Services Disrupted! (lien direct) |
Les périphériques de stockage de données, Western Digital, ont révélé lundi un "incident de sécurité du réseau" qui impliquait un accès non autorisé à ses systèmes.
La violation aurait eu lieu le 26 mars 2023, permettant à un tiers sans nom d'avoir accès à un "nombre de systèmes de la société \\".
Après la découverte du piratage, Western Digital a déclaré avoir lancé des efforts de réponse aux incidents et enrôlé
Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems. The breach is said to have occurred on March 26, 2023, enabling an unnamed third party to gain access to a "number of the company\'s systems." Following the discovery of the hack, Western Digital said it has initiated incident response efforts and enlisted |
Data Breach General Information | ★★ | |
|
2023-03-30 17:51:00 | Nouveau défaut de sécurité du protocole Wi-Fi affectant les appareils Linux, Android et iOS [New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices] (lien direct) | Un groupe d'universitaires de la Northeastern University et Ku Leuven a révélé une faille de conception fondamentale dans la norme du protocole Wi-Fi IEEE 802.11, ce qui a un impact sur un large éventail d'appareils exécutant Linux, FreeBSD, Android et iOS.
L'exploitation réussie de la lacune pourrait être abusée pour détourner les connexions TCP ou intercepter le trafic client et Web, les chercheurs Domien Schepers, Aanjhan Ranganathan,
A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan, |
Data Breach Vulnerability Threat | ★★★ | |
|
2023-03-15 15:13:00 | The Different Methods and Stages of Penetration Testing (lien direct) | The stakes could not be higher for cyber defenders. With the vast amounts of sensitive information, intellectual property, and financial data at risk, the consequences of a data breach can be devastating. According to a report released by Ponemon institute, the cost of data breaches has reached an all-time high, averaging $4.35 million in 2022. Vulnerabilities in web applications are often the | Data Breach | ★★★ | |
|
2023-03-07 11:51:00 | LastPass Hack: Engineer\'s Failure to Update Plex Software Led to Massive Data Breach (lien direct) | The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home computer, in what's a sobering reminder of the dangers of failing to keep software up-to-date. The embattled password management service last week revealed how unidentified actors leveraged information stolen from an earlier incident that took place prior to August 12, 2022, along with | Data Breach | LastPass LastPass | ★★ |
|
2023-02-28 11:46:00 | LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults (lien direct) | LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home computer breached and infected with a keylogger as part of a sustained cyber attack that exfiltrated | Data Breach Threat | LastPass | ★ |
|
2023-02-08 20:30:00 | Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach (lien direct) | A Sydney man has been sentenced to an 18-month Community Correction Order (CCO) and 100 hours of community service for attempting to take advantage of the Optus data breach last year to blackmail its customers. The unnamed individual, 19 when arrested in October 2022 and now 20, used the leaked records stolen from the security lapse to orchestrate an SMS-based extortion scheme. The suspect | Data Breach | ★★ | |
|
2023-01-26 19:51:00 | Is Once-Yearly Pen Testing Enough for Your Organization? (lien direct) | Any organization that handles sensitive data must be diligent in its security efforts, which include regular pen testing. Even a small data breach can result in significant damage to an organization's reputation and bottom line. There are two main reasons why regular pen testing is necessary for secure web application development: Security: Web applications are constantly evolving, and new | Data Breach | ★★ | |
|
2022-10-12 16:33:00 | 64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan? (lien direct) | In April 2022, Omnicell reported a data breach affecting nearly 62,000 patients. The company has revealed that the incident has impacted an additional 64,000 individuals. This brings the total number of patients affected to over 126,000. Will you be the next victim like Omnicell? If you are overlooking the importance of data protection, attackers can get you in no time. Explore the impact of | Data Breach | ||
|
2022-10-06 13:55:00 | 19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam (lien direct) | The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked following the Optus data breach late last month to extort victims. The suspect is said to have carried out a text message blackmail scam, demanding that the recipients transfer $2,000 to a bank account or risk getting their personal information misused for | Data Breach | ||
|
2022-10-06 12:27:00 | Former Uber Security Chief Found Guilty of Data Breach Coverup (lien direct) | A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting to cover up the incident. Sullivan has been convicted on two counts: One for obstructing justice by not reporting the incident and another for misprision. He faces a maximum of five years in prison for the | Data Breach | Uber Uber | |
|
2022-10-05 18:00:00 | Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information (lien direct) | Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security officer for the Asia Pacific region, said. "And no customer account data was involved." It | Data Breach | ||
|
2022-09-29 15:42:00 | Swachh City Platform Suffers Data Breach Leaking 16 Million User Records (lien direct) | A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last logged-in times, and IP addresses, among others, according to a report shared by security firm CloudSEK | Data Breach Threat | ||
|
2022-09-09 19:00:00 | 6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged (lien direct) | Security threats are always a concern when it comes to APIs. API security can be compared to driving a car. You must be cautious and review everything closely before releasing it into the world. By failing to do so, you're putting yourself and others at risk. API attacks are more dangerous than other breaches. Facebook had a 50M user account affected by an API breach, and an API data breach on | Data Breach | ||
|
2022-09-05 20:29:00 | TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users\' Information (lien direct) | Popular short-form social video service TikTok denied reports that it was breached by a hacking group, after it claimed to have gained access to an insecure cloud server. "TikTok prioritizes the privacy and security of our users' data," the ByteDance-owned company told The Hacker News. "Our security team investigated these claims and found no evidence of a security breach." The denial follows | Data Breach | ||
|
2022-09-03 09:47:00 | Samsung Admits Data Breach that Exposed Details of Some U.S. Customers (lien direct) | South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company disclosed in a notice. "On or around August 4, 2022, we determined | Data Breach | ★★ | |
|
2022-08-09 07:24:25 | Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack (lien direct) | Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "well-organized" and "methodical | Data Breach Threat | ||
|
2022-06-21 02:46:21 | Former Amazon Employee Found Guilty in 2019 Capital One Data Breach (lien direct) | A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach. Paige Thompson, who operated under the online alias "erratic" and worked for the tech giant till 2016, was found guilty of wire fraud, five counts of unauthorized access to a protected | Data Breach | ||
|
2022-04-06 02:01:34 | Block Admits Data Breach Involving Cash App Data Accessed by Former Employee (lien direct) | Block, the company formerly known as Square, has disclosed a data breach that involved a former employee downloading unspecified reports pertaining to its Cash App Investing that contained information about its U.S. customers. "While this employee had regular access to these reports as part of their past job responsibilities, in this instance these reports were accessed without permission after | Data Breach | ||
|
2022-04-05 02:28:02 | Hackers Breach Mailchimp Email Marketing Firm to Launch Crypto Phishing Scams (lien direct) | Email marketing service Mailchimp on Monday revealed a data breach that resulted in the compromise of an internal tool to gain unauthorized access to customer accounts and stage phishing attacks. The development was first reported by Bleeping Computer. The company, which was acquired by financial software firm Intuit in September 2021, told the publication that it became aware of the incident | Data Breach Tool | ||
|
2022-03-08 04:11:29 | Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code (lien direct) | Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg. | Data Breach | ||
|
2022-02-02 03:36:43 | Cynet\'s Keys to Extend Threat Visibility (lien direct) | We hear about the need for better visibility in the cybersecurity space – detecting threats earlier and more accurately. We often hear about the dwell time and the time to identify and contain a data breach. Many of us are familiar with IBM's Cost of a Data Breach Report that has been tracking this statistic for years. In the 2021 report, IBM found that, on average, it takes an average of 212 | Data Breach Threat | ||
|
2021-11-30 01:36:45 | Panasonic Suffers Data Breach After Hackers Hack Into Its Network (lien direct) | Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers. "As the result of an internal investigation, it was determined that some data on a file server had been accessed during the intrusion," the company said in a short statement published on November 26. | Data Breach Hack | ||
|
2021-11-22 23:39:14 | GoDaddy Data Breach Exposes Over 1 Million WordPress Customers\' Data (lien direct) | Web hosting giant GoDaddy on Monday disclosed a data breach that resulted in the unauthorized access of data belonging to a total of 1.2 million active and inactive customers, making it the third security incident to come to light since 2018. In a filing with the U.S. Securities and Exchange Commission (SEC), the world's largest domain registrar said that a malicious third-party managed to gain | Data Breach | ||
|
2021-11-19 00:53:26 | A Simple 5-Step Framework to Minimize the Risk of a Data Breach (lien direct) | Today's businesses run on data. They collect it from customers at every interaction, and they use it to improve efficiency, increase their agility, and provide higher levels of service. But it's becoming painfully obvious that all of that data businesses collect has also made them an enticing target for cybercriminals. With each passing day, the evidence of that grows. In the last few months, | Data Breach | ||
|
2021-11-09 00:44:10 | Robinhood Trading App Suffers Data Breach Exposing 7 Million Users\' Information (lien direct) | Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor.
The commission-free stock trading and investing platform said the incident happened "late in the evening of November 3," adding it's in the process of notifying affected users. |
Data Breach Threat | ||
|
2021-09-30 02:09:19 | ImmuniWeb Launches Free Cloud Security Test to Detect Unprotected Storage (lien direct) | The IDC cloud security survey 2021 states that as many as 98% of companies were victims of a cloud data breach within the past 18 months.
Fostered by the pandemic, small and large organizations from all over the world are migrating their data and infrastructure into a public cloud, while often underestimating novel and cloud-specific security or privacy issues.
Nearly every morning, the |
Data Breach | ||
|
2021-08-23 06:48:23 | Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group (lien direct) | ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed.
"Primarily operating on Raid Forums, the collective's moniker and motivation can partly be |
Data Breach | ||
|
2021-06-13 23:59:46 | Chinese Hackers Believed to be Behind SITA, Air India Data Breach (lien direct) | The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41.
Group-IB dubbed the campaign "ColunmTK" based on the names of the command-and-control (C2) server domains that were used for communications. "The |
Data Breach Threat Guideline | APT 41 | |
|
2021-05-21 22:01:08 | Air India Hack Exposes Credit Card and Passport Info of 4.5 Million Passengers (lien direct) | India's flag carrier airline, Air India, has disclosed a data breach affecting 4.5 million of its customers over a period stretching nearly 10 years after its Passenger Service System (PSS) provider SITA fell victim to a cyber attack earlier this year.
The breach involves personal data registered between Aug. 26, 2011 and Feb. 3, 2021, including details such as names, dates of birth, contact |
Data Breach Hack | ||
|
2021-04-30 00:24:38 | Passwordstate Warns of Ongoing Phishing Attacks Following Data Breach (lien direct) | Click Studios, the Australian software firm which confirmed a supply chain attack affecting its Passwordstate password management application, has warned customers of an ongoing phishing attack by an unknown threat actor.
"We have been advised a bad actor has commenced a phishing attack with a small number of customers having received emails requesting urgent action," the company said in an |
Data Breach Threat | ||
|
2021-04-12 09:04:02 | Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users\' Data (lien direct) | Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web.
The leaked information includes names, email addresses, dates of birth, bank account information, and about 56 million know your customer (KYC) documents pulled |
Data Breach | ||
|
2021-04-05 07:52:56 | How the Work-From-Home Shift Impacts SaaS Security (lien direct) | The data is in. According to IBM Security's 2020 Cost of a Data Breach Report, there is a 50% increase in cloud usage for enterprises across all industries. The number of threats targeting cloud services, predominantly collaboration services like Office 365, has increased 630%.
Moreover, 75% of respondents report that discovery and recovery time from data breaches has significantly increased due |
Data Breach | ||
|
2021-03-29 23:21:45 | MobiKwik Suffers Major Breach - KYC Data of 3.5 Million Users Exposed (lien direct) | Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes (TB) of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month.
The leaked data includes sensitive personal information such as:customer names,hashed passwords,email addresses,residential addresses,GPS |
Data Breach | ||
|
2021-03-04 01:49:19 | (Déjà vu) Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit (lien direct) | Enterprise cloud security firm Qualys has become the latest victim to join a long list of entities to have suffered a data breach after zero-day vulnerabilities in its Accellion File Transfer Appliance (FTA) server were exploited to steal sensitive business documents.
As proof of access to the data, the cybercriminals behind the recent hacks targeting Accellion FTA servers have shared |
Data Breach | ||
|
2021-02-12 20:39:52 | (Déjà vu) Yandex Employee Caught Selling Access to Users\' Email Inboxes (lien direct) | Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users.
The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users' mailboxes for personal gain.
"The employee was one of three system administrators with the necessary access |
Data Breach | ||
|
2020-08-20 14:39:35 | Former Uber Security Chief Charged Over Covering Up 2016 Data Breach (lien direct) | The federal prosecutors in the United States have charged Uber's former chief security officer, Joe Sullivan, for covering up a massive data breach that the ride-hailing company suffered in 2016.
According to the press release published by the U.S. Department of Justice, Sullivan "took deliberate steps to conceal, deflect, and mislead the Federal Trade Commission about the breach" that also |
Data Breach Guideline | Uber | |
|
2020-08-20 11:22:31 | Experian South Africa Suffers Data Breach Affecting Millions; Attacker Identified (lien direct) | The South African arm of one of the world's largest credit check companies Experian yesterday announced a data breach incident that exposed personal information of millions of its customers.
While Experian itself didn't mention the number of affect customers, in a report, the South African Banking Risk Information Centre-an anti-fraud and banking non-profit organization who worked with |
Data Breach | ||
|
2020-08-07 05:33:51 | Capital One Fined $80 Million for 2019 Data Breach Affecting 106 Million Users (lien direct) | A United States regulator has fined the credit card provider Capital One Financial Corp with $80 million over last year's data breach that exposed the personal information of more than 100 million credit card applicants of Americans.
The fine was imposed by the Office of the Comptroller of the Currency (OCC), an independent bureau within the United States Department of the Treasury that |
Data Breach | ||
|
2020-06-01 04:34:02 | Joomla Resources Directory (JRD) Portal Suffers Data Breach (lien direct) | Joomla, one of the most popular Open-source content management systems (CMS), last week announced a new data breach impacting 2,700 users who have an account with its resources directory (JRD) website, i.e., resources.joomla.org.
The breach exposed affected users' personal information, such as full names, business addresses, email addresses, phone numbers, and encrypted passwords.
The |
Data Breach | ||
|
2020-05-19 06:50:41 | British Airline EasyJet Suffers Data Breach Exposing 9 Million Customers\' Data (lien direct) | British low-cost airline EasyJet today admitted that the company has fallen victim to a cyber-attack, which it labeled "highly sophisticated," exposing email addresses and travel details of around 9 million of its customers.
In an official statement released today, EasyJet confirmed that of the 9 million affected users, a small subset of customers, i.e., 2,208 customers, have also had their |
Data Breach |
To see everything:
Our RSS (filtrered)
