SecureWorld News

DECEMBER 29, 2020

Now headlines about ransomware, cyberattacks and data breaches pour into social media feeds at a steady drumbeat. SecureWorld now takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Equifax data breach (2017).

Data breaches 98

Data breaches Passwords Accountability Government 98

Malwarebytes

JULY 12, 2024

In a new episode of Spy vs Spy , the mobile monitoring app mSpy has suffered a data breach that exposed information about millions of its customers. This is the third known mSpy data breach since the company began in around 2010.

Data breaches 123

Data breaches Mobile Surveillance Advertising 123

SecureWorld News

NOVEMBER 30, 2021

The Starwood reservation system it was acquiring had been hacked, because of a data breach that began long before the two companies became one. DNA testing company data breach impacts personal information. The impacted database was associated with a national genetic testing organization system that DDC acquired in 2012.

Data breaches 98

Data breaches Insurance Cyber Risk Risk 98

Troy Hunt

NOVEMBER 22, 2019

I've become more familiar with this sector over recent years due to the frequency with which it's been suffering data breaches that have ultimately landed in my inbox. i'm also the creator of the data breach aggregation service known as "have i been pwned".

Data breaches 363

Data breaches Technology Software Accountability 363

Security Affairs

MAY 29, 2019

Flipboard said that most of the passwords were hashed with bcrypt, while the passworts for users that have not logged into their account since March 14, 2012, were protected with SHA-1 hashing algorithm and uniquely salted. At the time it is not clear the extent of the breach, anyway, the company forced a password reset for all its users.

Data breaches 97

Data breaches Accountability Passwords Advertising 97

Security Affairs

FEBRUARY 26, 2021

Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket. Inova has been operating since 2012 and has handled thousands of cases since then. How Did the Data Breach Happen? How and Why We Discovered the Breach.

Data breaches 121

Data breaches Insurance Identity Theft Education 121

Troy Hunt

JANUARY 19, 2023

But there's an indicator that's very easy to cross-check, and that's the occurrence of the email address in previous data breaches. Hence, "Pwned or Bot" and this is precisely the methodology organisations have been using HIBP data for.

Data breaches 358

Data breaches Risk Identity Theft Accountability 358

Security Affairs

MAY 15, 2020

Data appears to come from past data breaches, the oldest one dates back as 2012 while the latest one dates April 2020. million phone numbers that are part of Dubsmash data breach that occurred in 2018. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1

Data breaches 132

Data breaches Advertising Passwords Hacking 132

CSO Magazine

APRIL 15, 2021

Yes, tons of people still use “123456” as a password, according to NordPass's 200 most common passwords of the year for 2020, which is based on analysis of passwords exposed by data breaches.

Passwords 145

Passwords Data breaches 145

Krebs on Security

JUNE 25, 2019

com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-12-09 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., 2333youxi[.]com blazefire[.]com blazefire[.]net

Mobile 275

Mobile Technology Manufacturing Malware 275

Adam Levin

JANUARY 15, 2020

Only families & friends can have access to baby’s moments at your control,” says the app’s description, which has been downloaded over a million times since 2012. Bithouse has yet to comment on the leak or take the leaked data offline. Every Baby’s photos, audios & videos or diaries will be stored in secured space.

Data privacy 225

Data privacy Data breaches 225

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. Nikulin used data stolen from Linkedin to launch spear-phishing attacks against employees at other companies, including Dropbox. Source: US Defense Watch.com.

Hacking 116

Hacking Cybercrime Advertising Data breaches 116

Dark Reading

MARCH 19, 2020

The collections contained information collected by a UK research firm on data breaches from the years 2012 to 2019.

Data breaches 91

Data breaches 91

Dark Reading

NOVEMBER 9, 2022

Massachusetts Attorney General announced settlements across multiple states for damages from Experian's 2012 and 2015 breaches that violated consumer protection and notification laws.

Data breaches 74

Data breaches Consumer Protection Mobile 74

Malwarebytes

MAY 13, 2024

Last week on Malwarebytes Labs: Dell notifies customers about data breach DocGo patient health data stolen in cyberattack Desperate Taylor Swift fans defrauded by ticket scams Tracing what went wrong in 2012 for today’s teens, with Dr. Jean Twenge: Lock and Code S04E10 Last week on ThreatDown: Ransomware review: May 2024 FakeBat threat profile Law (..)

Data breaches 90

Data breaches Scams Ransomware 90

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. “Our hope is to minimize harm to end users whose data.” Pierluigi Paganini.

Data breaches 109

Data breaches Advertising DNS Engineering 109

Troy Hunt

JUNE 10, 2019

Back in 2013, I was beginning to get the sense that data breaches were becoming a big thing. Increasingly, I was writing about what I thought was a pretty fascinating segment of the infosec industry; password reuse across Gawker and Twitter resulting in a breach of the former sending Acai berry spam via the latter.

Data breaches 279

Data breaches Passwords InfoSec Accountability 279

Krebs on Security

FEBRUARY 16, 2022

Asked to comment on Sheriff’s claims, the ICRC issued the following statement: “Right now, we do not have any conclusive evidence that this information from the data breach has been published or is being traded. Our cybersecurity team has looked into any reported allegation of data being available on the dark web.”

Hacking 302

Hacking Ransomware Media Accountability 302

CSO Magazine

MARCH 21, 2022

Anyone who follows cybersecurity is aware of the steady drumbeat of data breaches and attacks. 2012: Court Ventures gets social-engineered. 2012: Court Ventures gets social-engineered. So, an attack needs to really stand out to earn the name "disaster." Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

Social Engineering 113

Social Engineering CSO Engineering Data breaches 113

SiteLock

AUGUST 27, 2021

It’s been a busy time for data breaches in the social media world with Myspace, LinkedIn and Twitter all experiencing them. In each of these cases, the cybercriminals behind the breaches were after usernames and passwords. Peace stole data from over 360 million Myspace accounts. 29 milliseconds to crack them.

Data breaches 52

Data breaches Media Passwords Accountability 52

Security Affairs

JULY 19, 2021

The oil giant employs has over $200 billion in annual revenue, and the threat actors are offering the stolen data at an initial price of $5 million. Bleeping Computer reached the company who confirmed a data breach on third-party contractors, but pointed out that the incident had no impact on Aramco’s operations.

Engineering 144

Engineering Data breaches Telecommunications Wireless 144

Troy Hunt

OCTOBER 13, 2017

This week I've been dealing with data breaches - lots of data breaches. Disqus did an awesome job of their disclosure (have we ever seen a breach as large of this disclosed within 24 hours?). SHA-1 was really starting to show its age in 2012 (there's a link to save you searching for me with no clothes).

Data breaches 110

Data breaches 110

Security Affairs

JULY 24, 2024

Remote attackers can exploit the flaw to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012. is a use-after-free issue in Microsoft Internet Explorer 6 through 8.

Internet 110

Internet Internet Hacking Accountability 110

Troy Hunt

NOVEMBER 6, 2023

I like to think of investigating data breaches as a sort of scientific search for truth. You start out with a theory (a set of data coming from an alleged source), but you don't have a vested interested in whether the claim is true or not, rather you follow the evidence and see where it leads.

Data breaches 354

Data breaches Accountability Passwords 354

Troy Hunt

JULY 18, 2022

I think it was around the end of 2012, and they were terrible! I wanted to build a data breach search service. Ok, obvious answer, but I'd just found both my personal and Pfizer email addresses in the Adobe data breach which was somewhere I never expected to see them. Did that make them the product?

Data breaches 295

Data breaches Passwords Password Management Software 295

Krebs on Security

JUNE 25, 2019

com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-12-09 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., com 2012-11-26 ALIBABA CLOUD COMPUTING (BEIJING) CO., 2333youxi[.]com blazefire[.]com blazefire[.]net

Mobile 186

Mobile Technology Manufacturing Software 186

Krebs on Security

DECEMBER 3, 2021

All of these domains date back to between 2012 and 2013. A different UK phone number in a more recent record for the wwwebuygold[.]com com domain — 44.0472882112 — is tied to two more domains – howtounlockiphonefree[.]com com , and portalsagepay[.]com.

Ransomware 349

Ransomware Passwords Accountability Cybercrime 349

Krebs on Security

SEPTEMBER 17, 2018

14, KrebsOnSecurity alerted GovPayNet that its site was exposing at least 14 million customer receipts dating back to 2012. Until this past weekend it was possible to view millions of customer records simply by altering digits in the Web address displayed by each receipt. On Friday, Sept.

Mobile 272

Mobile Government Identity Theft Telecommunications 272

Security Affairs

FEBRUARY 7, 2020

Just last week, Japan’s Ministry of Defense announced in addition to Mitsubishi Electric and the NEC defense business division other two unnamed contractors suffered a data breach. Pasco is Japan’s largest geospatial provider and Kobe Steel is one of the major steel manufacturers.

Manufacturing 142

Manufacturing Advertising Data breaches Antivirus 142

Security Affairs

JANUARY 25, 2020

“On June 28, last year, a suspicious behavior was detected and investigated on a terminal in our company, and as a result of unauthorized access by a third party, data was transmitted to the outside,” reads a data breach notification published by the company.

Antivirus 145

Antivirus Hacking Advertising Media 145

Krebs on Security

SEPTEMBER 26, 2024

The United States today unveiled sanctions and indictments against the alleged proprietor of Joker’s Stash , a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. This batch of some five million cards put up for sale Sept.

Cryptocurrency 299

Cryptocurrency Cybercrime Retail Government 299

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Advertising 93

Advertising Data breaches DNS Engineering 93

Centraleyes

FEBRUARY 20, 2024

Data breaches have become an unfortunate reality in today’s digital landscape, affecting organizations of all sizes. In the aftermath of a third-party data breach, organizations, especially small and medium-sized businesses (SMBs), often encounter challenges that can exacerbate the impact.

Data breaches 52

Data breaches Risk Cybersecurity Education 52

Security Affairs

JUNE 25, 2020

In 2012, Assange communicated directly with a leader of the hacking group LulzSec (who by then was cooperating with the FBI), and provided a list of targets for LulzSec to hack. “In 2010, Assange gained unauthorized access to a government computer system of a NATO country. ” states DoJ.

Hacking 103

Hacking Advertising Passwords Government 103

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

Malwarebytes

JUNE 30, 2021

In a statement, Privacy Shark garnered from Leonna Spilman, who spoke on behalf of LinkedIn, the company claims there is really no breach: “While we’re still investigating this issue, our initial analysis indicates that the dataset includes information scraped from LinkedIn as well as information obtained from other sources.

Data breaches 145

Data breaches Accountability VPN Scams 145

SC Magazine

JUNE 2, 2021

A woman speaking on a mobile phone walks past a cloud computing presentation ahead of the CeBIT technology trade fair in 2012. While this raises some concerns, the Thales 2021 Data Threat Report , based on a study by 451 Research, pointed to some improvement in regulated industries. Sean Gallup/Getty Images).

Encryption 103

Encryption Data breaches Accountability Threat Detection 103