Krebs on Security

DECEMBER 19, 2024

Rumors of a cracked version of Acunetix being used by attackers surfaced in June 2023 on Twitter/X , when researchers first posited a connection between observed scanning activity and Araneida. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023. 2023 on the forum Cracked.

Hacking 232

Hacking Cybercrime Advertising Data breaches 232

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile. Image: U.S.

Retail 258

Retail Advertising Cryptocurrency Marketing 258

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Data breaches 348

Data breaches Passwords Authentication Accountability 348

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept.

Cybercrime 340

Cybercrime Passwords Authentication Malware 340

Security Affairs

NOVEMBER 16, 2023

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. ” reads the data breach notification sent to the customers.

Data breaches 139

Data breaches eCommerce Hacking Passwords 139

Malwarebytes

JULY 19, 2024

The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). Because both of these breaches were announced/updated in the second quarter of 2024 they have a huge impact on the numbers. Change your password.

Data breaches 123

Data breaches Passwords Identity Theft Phishing 123

Krebs on Security

JUNE 15, 2024

.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. In January 2024, U.S.

Hacking 336

Hacking Cybercrime Phishing Passwords 336

Security Affairs

DECEMBER 23, 2023

Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors.

Data breaches 136

Data breaches Mobile Wireless Data collection 136

Malwarebytes

JUNE 11, 2024

The British and Canadian privacy authorities have announced they will undertake a joint investigation into the data breach at global genetic testing company 23andMe that was discovered in October 2023. These combinations are usually stolen from another breach and then put up for sale on the dark web.

Data breaches 141

Data breaches Accountability Passwords Risk 141

Malwarebytes

AUGUST 27, 2024

The Texas Dow Employees Credit Union (TDECU) has filed a data breach notification , reporting that the data of 500,474 people has been accessed in an external system breach. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 113

Data breaches Passwords Phishing Password Management 113

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services 139

Financial Services Data breaches Identity Theft Banking 139

Security Affairs

MARCH 16, 2024

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach.

Data breaches 139

Data breaches Cybercrime Government Ransomware 139

Malwarebytes

MARCH 25, 2024

Skater brand Vans emailed customers last week to tell them about a recent “data incident.” On December 13, 2023, Vans said it detected unauthorized activities on its IT systems, attributed to “external threat actors.” Change your password. You can make a stolen password useless to thieves by changing it.

Data breaches 129

Data breaches Phishing Identity Theft Passwords 129

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Then on Aug. But on Nov.

Cryptocurrency 362

Cryptocurrency Passwords Encryption Accountability 362

Malwarebytes

JUNE 14, 2024

The online handle of the seller immediately raised the suspicion that this was yet another Snowflake related data breach. Post by Sp1d3r on breach forum The post also mentions Suntrust bank because Truist Bank arose after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019.

Data breaches 108

Data breaches Banking Passwords Phishing 108

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

JANUARY 19, 2024

American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 In December 2023, VF Corp announced it was the victim of a ransomware attack and was forced to take some systems down to contain the threat. million customers. In 2015, the company controlled 55% of the U.S.

Data breaches 135

Data breaches Retail Insurance Passwords 135

Malwarebytes

JANUARY 15, 2024

In November 2023, real estate services company Fidelity National Financial (FNF) got its systems knocked offline for a week after a cyberincident. As is often the case these days, it turns out that the cyberincident was very likely a ransomware attack that included a data breach. Change your password.

Data breaches 117

Data breaches Identity Theft Passwords Ransomware 117

Malwarebytes

JULY 12, 2024

Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Every breach is different, so check with the vendor to find out what’s happened, and follow any specific advice they offer. Change your password.

Data breaches 143

Data breaches Passwords Phishing Password Management 143

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Change your password.

Accountability 78

Accountability Data breaches Passwords Phishing 78

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. Image: customink.com In a filing today with the U.S. The company said it first learned of the incident on Jan. OpenClassActions.com says the filing deadline is Jan. Why do I suggest this?

Mobile 340

Mobile Accountability Data breaches Identity Theft 340

Krebs on Security

NOVEMBER 5, 2024

At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). Binns never explained why he sent this in Feb. CRACKDOWN ON HARM GROUPS?

Cybercrime 277

Cybercrime Mobile Media Hacking 277

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 117

Data breaches Cybercrime Financial Services Hacking 117

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. CYBERCRIMINALS LAUNCHED “LEAKSMAS” EVENT IN THE DARK WEB EXPOSING MASSIVE VOLUMES OF LEAKED PII AND COMPROMISED DATA Leaksmas: On Christmas Eve, multiple threat actors released substantial data leaks, Resecurity experts reported.

Cybersecurity 133

Cybersecurity Data breaches Spyware Passwords 133

Malwarebytes

JULY 2, 2024

million people had been impacted by the resulting data breach. As one of the largest insurance companies in the US, Prudential employs 40,000 people worldwide and reported revenues of over $50 billion in 2023. million in a new breach notification. Change your password. Check the vendor’s advice.

Data breaches 112

Data breaches Identity Theft Passwords Phishing 112

Malwarebytes

SEPTEMBER 10, 2024

A subsequent investigation by a third-party specialist revealed that cybercriminals had access to Slim CD’s systems for 10 months, between August 17, 2023, and June 15, 2024. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 118

Data breaches Identity Theft Passwords Phishing 118

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. Customers were only able to look at their test results online, these were not downloadable, so now they are not only unable to see them, but they also have no idea what has happened to that data.

Insurance 145

Insurance Accountability Risk Data breaches 145

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The Akira ransomware gang claimed the theft of 430 GB of data from the university’s systems.

Ransomware 131

Ransomware Data breaches Passwords Hacking 131

Malwarebytes

DECEMBER 18, 2023

On Wednesday December 13, 2023, MongoDB’s staff detected suspicious activity and began an investigation. Scammers often try to take advantage of data breaches. They know that the breached company is likely to be contacting victims, and that the victims will be looking out for emails from the company.

Data breaches 113

Data breaches Social Engineering Phishing Authentication 113

SecureWorld News

JULY 12, 2024

The compromised data included files containing AT&T records of calls and texts from cellular customers, wireless network customers, and landline customers between May 2022 and October 2022, and records from January 2, 2023, for a small number of customers.

Data breaches 119

Data breaches Passwords Authentication Artificial Intelligence 119

Security Affairs

JANUARY 23, 2023

The recent Mailchimp data breach has impacted multiple organizations, some of them are already notifying their customers. The popular email marketing and newsletter platform Mailchimp recently disclosed a news data breach , the incident exposed the data of 133 customers. reads the post published by TechCrunch.

Data breaches 98

Data breaches Accountability Social Engineering Small Business 98

Security Affairs

APRIL 21, 2023

The American Bar Association (ABA) disclosed a data breach, threat actors gained access to older credentials for 1,466,000 members. The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. The ABA has 166,000 members as of 2022.

Data breaches 98

Data breaches Passwords Education Accountability 98

Krebs on Security

AUGUST 15, 2024

The snippets of stolen data that USDoD offered as teasers showed rows of names, addresses, phone numbers, and Social Security Numbers (SSNs). Many media outlets mistakenly reported that the National Public data breach affects 2.9 billion people (that figure actually refers to the number of rows in the leaked data sets).

Hacking 350

Hacking Data breaches Identity Theft Accountability 350

Security Affairs

NOVEMBER 21, 2024

“In that case, officials at the president’s press office later said the information appeared to have been downloaded using the password of a former employee.” appeared in the threat landscape in May 2023. ” reported the Associated Press. Experts believe RansomHub is a rebrand of the Knight ransomware.

Government 144

Government Hacking Ransomware Insurance 144

Malwarebytes

JULY 3, 2024

‘Buy now, pay later’ payment specialist Affirm has warned that holders of its payment cards had their personal information exposed after a ransomware attack and data breach at Evolve Bank & Trust. Change your password. You can make a stolen password useless to thieves by changing it.

Data breaches 102

Data breaches Banking Passwords Phishing 102

SecureWorld News

MAY 10, 2024

Dell, one of the world's largest technology companies, has just disclosed a major data breach that may have compromised the personal information of tens of millions of current and former customers. The breach went undetected for several months before finally being discovered in early 2023.

Data breaches 124

Data breaches Identity Theft Risk CISO 124

Troy Hunt

DECEMBER 3, 2023

” Anyone can type in an email address into the site to check if their personal data has been compromised in a security breach. Inevitably, "because data breaches", and it's nuts just how much exposure this project has had because of them. Or the UK's NCA to be feeding data in.

Data breaches 363

Data breaches Passwords Internet Internet 363