Krebs on Security

DECEMBER 19, 2024

Rumors of a cracked version of Acunetix being used by attackers surfaced in June 2023 on Twitter/X , when researchers first posited a connection between observed scanning activity and Araneida. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023. 2023 on the forum Cracked.

Hacking 229

Hacking Cybercrime Advertising Data breaches 229

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 95

Data breaches Identity Theft Consumer Protection Data collection 95

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Check the vendors advice.

Accountability 83

Accountability Data breaches Passwords Phishing 83

Krebs on Security

AUGUST 19, 2024

12 , saying it dates back to a security incident in December 2023. In an interview last week, USDoD blamed the July data leak on another malicious hacker who also had access to the company’s database, which they claimed has been floating around the underground since December 2023. consumer data broker USInfoSearch.com.

Passwords 356

Passwords Data breaches Accountability Data privacy 356

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches 133

Data breaches Ransomware Manufacturing Encryption 133

Security Affairs

NOVEMBER 18, 2024

In 2023, the carrier disclosed two data breaches , one in January and another in May. In May 2023, T-Mobile threat actors had access to the personal information of hundreds of customers starting in late February 2023. The security breach impacted a limited number of customers, only 836 individuals.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113

Security Affairs

OCTOBER 23, 2023

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts. The incident was discovered on May 24, but further investigation revealed that threat actors have had access to the compromised email accounts at least since March 2023.

Data breaches 133

Data breaches Identity Theft Accountability Scams 133

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile. Image: U.S.

Retail 254

Retail Advertising Cryptocurrency Marketing 254

Security Affairs

MAY 19, 2024

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. The US company disclosed a data breach that impacted almost 2.5 The investigation revealed that an unauthorized actor may have obtained personal information between April 18 and April 23, 2023.

Data breaches 137

Data breaches Healthcare Insurance Identity Theft 137

Security Affairs

DECEMBER 23, 2023

Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors.

Data breaches 136

Data breaches Mobile Wireless Data collection 136

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. Earlier this year, AT&T reset passwords for millions of customers after the company finally acknowledged a data breach from 2018 involving approximately 7.6

Data breaches 347

Data breaches Passwords Authentication Accountability 347

Security Affairs

JANUARY 6, 2024

Law firm Orrick, Herrington & Sutcliffe disclosed a data breach that took place in early 2023, which impacted roughly 600,000 individuals. The law firm Orrick, Herrington & Sutcliffe, disclosed a data breach that impacted 638,000 individuals. ” reads the data breach notification.

Data breaches 134

Data breaches Insurance Technology Hacking 134

Security Affairs

AUGUST 17, 2024

Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information. The company states that the security incident may have occurred in late December 2023, with potential leaks of certain data in April 2024 and summer 2024.

Data breaches 142

Data breaches Hacking Accountability Cybersecurity 142

Security Affairs

JANUARY 10, 2024

The Healthcare services provider HMG Healthcare has disclosed a data breach that impacted 40 affiliated nursing facilities. In November 2023, the Healthcare services provider HMG Healthcare discovered a data breach that exposed personal health information related to residents and employees at HMG affiliated nursing facilities.

Data breaches 132

Data breaches Healthcare Hacking Ransomware 132

Security Affairs

JANUARY 4, 2024

Healthcare technology company HealthEC disclosed a data breach that exposed the personal information of 4.5 Healthcare technology company HealthEC (HEC) disclosed a data breach that impacted 4.5 million Individuals. million customers of its business partners. ” reads a notice published by the company on its website.

Data breaches 137

Data breaches Healthcare Artificial Intelligence Identity Theft 137

Security Affairs

AUGUST 31, 2023

Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cyber incident that impacted a limited number of systems. The retailer also notified law enforcement.

Retail 138

Retail Data breaches Identity Theft Banking 138

Security Affairs

OCTOBER 8, 2024

MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. ” reads the notice of data breach published by MoneyGram. MoneyGram International was acquired by private equity firm Madison Dearborn Partners on June 1, 2023, for $11.00

Data breaches 125

Data breaches Government Banking Hacking 125

Malwarebytes

JULY 19, 2024

The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). Because both of these breaches were announced/updated in the second quarter of 2024 they have a huge impact on the numbers. Nope, that headline’s not a typo.

Data breaches 126

Data breaches Passwords Identity Theft Phishing 126

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept. Microsoft Corp.

Cybercrime 338

Cybercrime Passwords Authentication Malware 338

Security Affairs

DECEMBER 9, 2023

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. On May 25, 2023, the AlphV/ BlackCat group claimed responsibility for the attack.

Healthcare 136

Healthcare Data breaches Ransomware Insurance 136

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services 139

Financial Services Data breaches Identity Theft Banking 139

Security Affairs

APRIL 4, 2024

US cancer center City of Hope suffered a data breach that impacted 800,000 individuals, personal and health information was compromised. City of Hope suffered a data breach, the organization started notifying 827149 individuals that their personal and health information was compromised. medical record number).”

Data breaches 126

Data breaches Identity Theft Insurance Banking 126

Krebs on Security

AUGUST 15, 2024

On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. Many media outlets mistakenly reported that the National Public data breach affects 2.9

Hacking 349

Hacking Data breaches Identity Theft Accountability 349

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. “On May 31, 2023, the Clearinghouse was informed by our third-party software provider, Progress Software, of a cybersecurity issue involving the provider’s MOVEit Transfer solution.

Data breaches 135

Data breaches Education Ransomware Software 135

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. Customers were only able to look at their test results online, these were not downloadable, so now they are not only unable to see them, but they also have no idea what has happened to that data.

Insurance 145

Insurance Accountability Risk Data breaches 145

Krebs on Security

NOVEMBER 5, 2024

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). “The rest is just ransom.” CRACKDOWN ON HARM GROUPS?

Cybercrime 274

Cybercrime Mobile Media Hacking 274

Schneier on Security

MAY 17, 2024

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3). “From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc ”

Hacking 317

Hacking Accountability Ransomware Internet 317

Security Affairs

NOVEMBER 10, 2023

McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive personal information of 2,192,515 people.

Data breaches 136

Data breaches Identity Theft Insurance Ransomware 136

Security Affairs

FEBRUARY 13, 2024

Bank of America revealed that the personal information of some customers was stolen in a data breach affecting a third-party services provider. Bank of America began notifying some customers following a data breach at the third-party services provider Infosys McCamish System (IMS).

Data breaches 138

Data breaches Banking Identity Theft Ransomware 138

Security Affairs

OCTOBER 16, 2024

Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. CrowdStrike identified Luan by tracing this email, which was tied to personal accounts, GitHub edits, domain registrations, and social media profiles.

Data breaches 126

Data breaches Media Cybercrime Accountability 126

SecureWorld News

NOVEMBER 14, 2024

Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data. As of the first three quarters of 2024, there were already 264 ransomware incidents affecting healthcare providers—nearly matching all of 2023's figures.

Healthcare 114

Healthcare Ransomware Identity Theft Data breaches 114

Malwarebytes

MARCH 25, 2024

Skater brand Vans emailed customers last week to tell them about a recent “data incident.” On December 13, 2023, Vans said it detected unauthorized activities on its IT systems, attributed to “external threat actors.” The data incident turned out to be a ransomware attack. Check the vendor’s advice. Take your time.

Data breaches 133

Data breaches Phishing Identity Theft Passwords 133

The Last Watchdog

MARCH 19, 2025

Holistic Identity: The New Cyber Battleground Organizations have traditionally focused on securing individual account credentials, but SpyClouds research indicates that cybercriminals have expanded their tactics beyond conventional account takeover. About SpyCloud: SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

SEPTEMBER 30, 2024

Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. LockBit breached the Community Healthcare Clinic of Maui as they are still rebuilding from the devastating fire last year. .’ ” reads the notice of breach published by Malama.

Data breaches 134

Data breaches Ransomware Healthcare Cyber Attacks 134

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. tb of customer data is alleged. Account balances.

Accountability 141

Accountability Ransomware Data breaches Hacking 141

Security Affairs

APRIL 27, 2024

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Your account may have been one of those accessed.” ” continues the notification.

Accountability 139

Accountability Passwords Data breaches Hacking 139

Malwarebytes

AUGUST 27, 2024

The Texas Dow Employees Credit Union (TDECU) has filed a data breach notification , reporting that the data of 500,474 people has been accessed in an external system breach. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 117

Data breaches Passwords Phishing Password Management 117