Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. APIs are essentially instructions that allow applications to access data and interact with web databases. Image: customink.com In a filing today with the U.S.

Mobile 334

Mobile Accountability Data breaches Identity Theft 334

Security Affairs

DECEMBER 8, 2024

“Additionally, Anna Jaques reminds its employees and patients to remain vigilant in reviewing financial account statements on a regular basis for any fraudulent activity. .” reads a statement published on the hospital’s website.

Data breaches 116

Data breaches Insurance Healthcare Ransomware 116

Adam Levin

JULY 15, 2020

The discovery of a database for sale on the dark web suggests the 2019 data breach of MGM Resorts was significantly larger than initially reported. Access to the database was made available on a dark web cybercrime marketplace for roughly $3,000. The records themselves were aggregated from previous data breaches and leaks.

Data breaches 198

Data breaches Cybercrime Accountability Technology 198

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. The threat actors had access to the internal management tool and gained access to some subscribers’ personal data. The seller also published a sample of the stolen data and some screenshots.

Cyber Attacks 126

Cyber Attacks Telecommunications Data breaches Banking 126

Security Affairs

JANUARY 7, 2022

The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker accounts of more than 3.7 Stolen data are now available for sale on multiple cybercrime forums. million accounts. million accounts.

Data breaches 145

Data breaches Accountability Passwords Cybercrime 145

Security Affairs

JANUARY 3, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach) Emergency care and patient admissions remained unaffected during the incident. RUMC offered 12 months of free credit monitoring to those individuals with compromised Social Security numbers.

Data breaches 76

Data breaches Ransomware Insurance Healthcare 76

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 96

Data breaches Identity Theft Consumer Protection Data collection 96

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 361

Accountability Identity Theft Hacking Insurance 361

Security Affairs

DECEMBER 29, 2024

notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application from its e-commerce providerBigCommerce.

Data breaches 81

Data breaches Computers and Electronics Wireless Hacking 81

Krebs on Security

JULY 22, 2019

The New York Times reported earlier today that it was thought to be the largest settlement ever paid by a company over a data breach, but that statement doesn’t appear anywhere in their current story. “Had the bill been in effect prior to the 2017 Equifax breach, the company would have had to pay at least $1.5

Data breaches 275

Data breaches Identity Theft Banking Cybercrime 275

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 118

Data breaches Cybercrime Financial Services Hacking 118

Krebs on Security

MARCH 13, 2019

[ NASDAQ: SZMK ] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. He acknowledged that the purloined account had the ability to add or modify the advertising creatives that get run on customer ad campaigns.

Accountability 244

Accountability Passwords Advertising Penetration Testing 244

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.” Image: U.S.

Retail 242

Retail Advertising Cryptocurrency Marketing 242

The Last Watchdog

FEBRUARY 4, 2025

Identity security vendors have focused narrowly on securing corporate accounts, leaving organizations vulnerable to cybercriminals exploiting the broader identity exposures of employees, consumers, and suppliers. The impact of these exposures is evident: nearly a quarter of data breaches resulted from compromised identity data.

Cybercrime 124

Cybercrime Phishing Accountability Malware 124

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept. But on Sept.

Cybercrime 330

Cybercrime Passwords Authentication Malware 330

Security Affairs

OCTOBER 13, 2024

CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. SecurityAffairs – hacking, data breach).

Data breaches 145

Data breaches Mobile Accountability Wireless 145

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. USDoD’s InfraGard sales thread on Breached. Department of Defense.

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Security Affairs

DECEMBER 17, 2024

Texas Tech University reports a data breach affecting 1.4 million, exposing personal, health, and financial data from its health sciences centers. Texas Tech University disclosed a data breach that impacted over 1.4 million individuals following a cyber attack.

Data breaches 59

Data breaches Insurance Ransomware Cyber Attacks 59

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported.

Data breaches 144

Data breaches Telecommunications Cybercrime Hacking 144

Security Affairs

OCTOBER 16, 2024

Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec).

Data breaches 127

Data breaches Media Cybercrime Accountability 127

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 323

Hacking Phishing Cybercrime Passwords 323

Security Affairs

OCTOBER 7, 2024

238,000 Comcast customers were impacted by the FBCS data breach following the February ransomware attack, Comcast reports. Telecommunications giant Comcast is notifying approximately 238,000 customers impacted by the Financial Business and Consumer Solutions (FBCS) data breach. reads the notice of data breach.

Data breaches 131

Data breaches Telecommunications Ransomware Accountability 131

Security Affairs

NOVEMBER 22, 2021

GoDaddy suffered a data breach that impacted up to 1.2 million of its managed WordPress customer accounts. GoDaddy discloses a data breach that impacted up to 1.2 million of its customers, threat actors breached the company’s Managed WordPress hosting environment. Pierluigi Paganini.

Data breaches 141

Data breaches Passwords Accountability Information Security 141

Security Affairs

AUGUST 17, 2024

Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information. The organization recommends the impacted individuals closely monitor their financial accounts and report any unauthorized activity to their financial institution.

Data breaches 142

Data breaches Hacking Accountability Cybersecurity 142

Security Affairs

JANUARY 4, 2022

UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in December 2021. UScellular has disclosed a data breach after the attack that compromised the company’s billing system in December 2021. ” reads the data breach notification letter.

Data breaches 139

Data breaches Wireless Accountability Retail 139

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack.

Data breaches 140

Data breaches Social Engineering Engineering Authentication 140

Security Affairs

SEPTEMBER 6, 2024

Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an Augus data breach. ” reads the data breach notification letter sent to the impacted individuals.

Data breaches 130

Data breaches Identity Theft Cybersecurity Hacking 130

Security Affairs

MAY 13, 2024

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. The company is notifying the impacted customers. ” continues the notice.

Data breaches 129

Data breaches Cyber Attacks Identity Theft Banking 129

Security Affairs

AUGUST 25, 2022

Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. The company engaged a leading cybersecurity and forensics firm to investigate the incident, it confirmed that the data breach did not compromise users’ Master Passwords.

Data breaches 144

Data breaches Password Management Passwords Architecture 144

Security Affairs

AUGUST 24, 2022

The company disclosed a data breach after threat actors have access to a limited subset of data stored in a compromised database. Exposed data includes emails, usernames, and encrypted passwords. The company is urging all users to immediately reset account passwords and log out of all devices connected to its service.

Data breaches 135

Data breaches Passwords Media Accountability 135

Krebs on Security

AUGUST 15, 2024

On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. Their asking price? criminal records. “I was not the first one to get it.”

Hacking 345

Hacking Data breaches Identity Theft Accountability 345

Security Affairs

APRIL 29, 2024

Financial Business and Consumer Solutions (FBCS) suffered a data breach that exposed information 2 million individuals. Debt collection agency Financial Business and Consumer Solutions (FBCS) disclosed a data breach that may have impacted 1,955,385 individuals. ” reads the notice of data breach.

Data breaches 134

Data breaches Hacking Accountability Cybercrime 134

Security Affairs

OCTOBER 17, 2022

Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 Bad news for the customers of the MyDeal online marketplace, the Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 Also, no customer account passwords were accessed. million of them.

Data breaches 137

Data breaches Retail Passwords Accountability 137

Security Affairs

JULY 4, 2024

Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data breach after a partner’s compromised account was used to access its systems. million accounts.

Data breaches 123

Data breaches Healthcare Accountability Insurance 123

Security Affairs

JUNE 1, 2024

Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. TB of data, including full details of 560 million customers, for $500,000. Stolen data includes names, emails, addresses, phone numbers, ticket sales, and order details.

Data breaches 138

Data breaches Hacking Accountability Risk 138

Security Affairs

MAY 1, 2024

Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of associates’ personal information. Panda Restaurant Group disclosed a data breach that occurred in March, resulting in the theft of personal information belonging to its associates. Panda Restaurant Group , Inc.

Data breaches 135

Data breaches Identity Theft Hacking Accountability 135