Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. APIs are essentially instructions that allow applications to access data and interact with web databases. .” Image: customink.com In a filing today with the U.S.

Mobile 336

Mobile Accountability Data breaches Identity Theft 336

Security Affairs

DECEMBER 8, 2024

“After a thorough forensic investigation and manual document review, on November 5, 2024, the investigation determined certain files containing information was accessed by an unauthorized party.” While we conducted our investigation, out of anbundance of caution, on Janurary 24, 2024, Anna Jaques posted a notice on ther website.”

Data breaches 115

Data breaches Insurance Healthcare Ransomware 115

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Krebs on Security

MAY 31, 2019

On May 24, KrebsOnSecurity broke the news that First American had just fixed a weakness in its Web site that exposed approximately 885 million documents — many of them with Social Security and bank account numbers — going back at least 16 years. No authentication was needed to access the digitized records.

Financial Services 257

Financial Services Insurance Banking Authentication 257

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. SecurityAffairs – hacking, data breach).

Data breaches 144

Data breaches Mobile Accountability Wireless 144

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 122

Ransomware Hacking Accountability Cyber Attacks 122

Security Affairs

JULY 2, 2024

Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by the recent data breach at Evolve Bank. Evolve has not yet reveal which Wise data has been compromised by the security incident.

Data breaches 128

Data breaches Banking Retail Accountability 128

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services 138

Financial Services Data breaches Identity Theft Banking 138

Krebs on Security

NOVEMBER 14, 2024

A week after breaking the story about the 2013 data breach at Target, KrebsOnSecurity published Who’s Selling Cards from Target? . “I’m also godfather of his second son.” ” Dmitri Golubov, circa 2005. Image: U.S. Postal Investigative Service. “Hi, how are you?” ” he inquired.

Retail 258

Retail Advertising Cryptocurrency Marketing 258

Security Affairs

OCTOBER 8, 2024

MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. ” reads the notice of data breach published by MoneyGram. ” reads the notice of data breach published by MoneyGram.

Data breaches 123

Data breaches Government Banking Hacking 123

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime 137

Cybercrime Social Engineering Accountability Government 137

Krebs on Security

JUNE 17, 2020

Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. A redacted portion of the CIA’s report on the Wikileaks breach. DIVIDED WE STAND, UNITED WE FALL.

Data breaches 342

Data breaches Security Awareness Surveillance Media 342

Security Affairs

SEPTEMBER 16, 2022

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports. states the message. Pierluigi Paganini.

Hacking 143

Hacking Data breaches Information Security Engineering 143

SecureWorld News

MARCH 24, 2022

Now, headlines about ransomware, cyberattacks, and data breaches pour into social media feeds as steady as a river flows. SecureWorld News takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Who attacked: no attacker.

Data breaches 130

Data breaches Passwords Accountability Government 130

Malwarebytes

OCTOBER 8, 2024

Money transfer company MoneyGram has notified its customers of a data breach in which it says certain customers had their personal information taken between September 20 and 22, 2024. driver’s licenses) Other identification documents (e.g. driver’s licenses) Other identification documents (e.g. Check the vendor’s advice.

Data breaches 121

Data breaches Passwords Identity Theft Phishing 121

Hot for Security

APRIL 30, 2021

(A few years ago, the company was claiming to have one million users – which would put the number of exposed accounts at north of 10,000.). It’s not the first time that DigitalOcean has suffered a data breach that exposed customer information. ”

Data breaches 145

Data breaches Banking Accountability 145

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. ” reads the data Breach Notification. As proof of the data breach, the extortion group published data samples, including passport images, NDAs, contracts, and other documents.

Data breaches 132

Data breaches Ransomware Manufacturing Encryption 132

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. ” reads the statement published by the company. ”continues the statement.

Data breaches 130

Data breaches Telecommunications Banking Mobile 130

Security Affairs

NOVEMBER 27, 2020

Maze ransomware operators started publishing data stolen from the company on its data leak site. The post Canon publicly confirms August ransomware attack and data breach appeared first on Security Affairs. The gang has published a 2.2 GB archive called “STRATEGICPLANNINGpart62.zip” ” reads the statement.

Data breaches 144

Data breaches Ransomware Banking Media 144

Krebs on Security

MARCH 23, 2021

A notice of breach posted by the California State Controller’s Office. In a “ Notice of Data Breach ” message posted on Saturday, Mar. In a “ Notice of Data Breach ” message posted on Saturday, Mar. ” The SCO has not responded to requests for comment first sent Monday.

Phishing 339

Phishing Data breaches Accountability Technology 339

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. “On October 19 th , 2023, Brookfield Global Relocation Services (BGRS) informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada systems.”

Data breaches 136

Data breaches Government Hacking Backups 136

Security Affairs

OCTOBER 14, 2024

Nintendo Everything also reported the leak of Pokémon game source code, unseen Pokémon art, design documents, and other development materials surfacing online. In 2020, Nintendo, another co-owner of Pokémon, suffered a data breach , with attackers leaking source code, internal documents, and development tools.

Data breaches 119

Data breaches Hacking Cyber Attacks Media 119

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. As of 2024, the average cost of a data breach in the United States amounted to $9.36 In comparison, the global average cost per data breach was $4.88

Consumer Protection 92

Consumer Protection Identity Theft Scams Social Engineering 92

Security Affairs

SEPTEMBER 30, 2024

Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. LockBit breached the Community Healthcare Clinic of Maui as they are still rebuilding from the devastating fire last year. .’ ” reads the notice of breach published by Malama.

Data breaches 133

Data breaches Ransomware Healthcare Cyber Attacks 133

Krebs on Security

JANUARY 7, 2021

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S.

Computers and Electronics 363

Computers and Electronics Software Engineering Accountability 363

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 116

Data breaches Cybercrime Financial Services Hacking 116

Troy Hunt

JULY 31, 2024

The email went on: The impact of this vulnerability is severe, potentially resulting in: Mass account takeovers by malicious actors. Exposure of sensitive user data including names, emails, addresses, and documents. Unauthorized transactions or malicious activities using compromised accounts. Of the total count, 89.7%

Scams 361

Scams Passwords Malware Accountability 361

Krebs on Security

JULY 15, 2024

Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

Accountability 328

Accountability Cryptocurrency Passwords DNS 328

Malwarebytes

JANUARY 6, 2022

million customers have had their user accounts compromised in credential stuffing attacks. Credential stuffing is the automated injection of stolen username and password pairs in to website login forms, in order to fraudulently gain access to user accounts. Using a forum or social media account to send phishing messages or spam.

Passwords 145

Passwords Accountability Identity Theft Password Management 145

Krebs on Security

MAY 24, 2019

NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. He said anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link.

Insurance 279

Insurance Banking Identity Theft Scams 279

Krebs on Security

AUGUST 12, 2020

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. ” In short, although you may not be required to create online accounts to manage your affairs at your ISP, the U.S. .”

Accountability 355

Accountability Mobile Banking Passwords 355

Krebs on Security

JUNE 21, 2020

In a post on Twitter , DDoSecrets said the BlueLeaks archive indexes “ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources,” and that “among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more.”

Government 363

Government Accountability Cyber threats Cyber Attacks 363

Krebs on Security

APRIL 6, 2021

To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out. The phone number associated with my late Facebook account (which I deleted in Jan.

Mobile 356

Mobile Accountability Passwords Authentication 356

eSecurity Planet

AUGUST 22, 2023

With the ever-present threat of data breaches, organizations need to adopt best practices to help prevent breaches and to respond to them when they occur to limit any damage. And breaches will occur – because bad guys make a living by figuring out ways to circumvent security best practices.

Data breaches 98

Data breaches Big data Penetration Testing Cyber Attacks 98

Krebs on Security

AUGUST 18, 2021

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. It is not clear how many people total may be impacted by this breach.

Mobile 261

Mobile Identity Theft Accountability Cybercrime 261

Malwarebytes

JULY 12, 2024

In a new episode of Spy vs Spy , the mobile monitoring app mSpy has suffered a data breach that exposed information about millions of its customers. This is the third known mSpy data breach since the company began in around 2010. Such programs are easy to buy and install.

Data breaches 123

Data breaches Mobile Surveillance Advertising 123

SecureWorld News

OCTOBER 13, 2023

Securities and Exchange Commission (SEC) has initiated an investigation into Progress Software regarding the high-profile MOVEit data breach incident that unfolded earlier this year. An unnamed insurance company is also pursuing the recovery of expenses incurred due to the MOVEit vulnerability.

Data breaches 113

Data breaches Software Insurance Cybercrime 113