Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 362

Accountability Identity Theft Hacking Insurance 362

Troy Hunt

APRIL 12, 2021

This post has been brewing for a while, but the catalyst finally came after someone (I'll refer to him as Jimmy) recently emailed me regarding the LOQBOX data breach from 2020. The data never began circling within the usual hacking groups, it never turned up publicly and thus never appeared in Have I Been Pwned (HIBP).

Data breaches 348

Data breaches Phishing Scams Advertising 348

Troy Hunt

SEPTEMBER 27, 2024

As it relates to the UK GDPR, there are two essential concepts to understand, and they're the first two bulleted items in their personal data breaches guide : The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority.

Data breaches 303

Data breaches Risk Passwords Government 303

Krebs on Security

AUGUST 15, 2024

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. Many media outlets mistakenly reported that the National Public data breach affects 2.9

Hacking 349

Hacking Data breaches Identity Theft Accountability 349

Troy Hunt

JUNE 24, 2024

I've been harbouring some thoughts about the state of data breaches over recent months, and I feel they've finally manifested themselves into a cohesive enough story to write down. That's who the board is accountable to, and maintaining the corporate reputation and profitability of the firm is their number one priority.

Data breaches 299

Data breaches Identity Theft InfoSec Accountability 299

Security Affairs

DECEMBER 8, 2024

“Additionally, Anna Jaques reminds its employees and patients to remain vigilant in reviewing financial account statements on a regular basis for any fraudulent activity. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Anna Jaques Hospital)

Data breaches 116

Data breaches Insurance Healthcare Ransomware 116

Krebs on Security

AUGUST 16, 2021

” The intrusion came to light on Twitter when the account @und0xxed started tweeting the details. Reached via direct message, Und0xxed said they were not involved in stealing the databases but was instead in charge of finding buyers for the stolen T-Mobile customer data. . WHO HACKED T-MOBILE?

Mobile 339

Mobile Data breaches Accountability Wireless 339

Krebs on Security

JANUARY 7, 2025

Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. The phishers also abused legitimate Google services to send Tony an email from google.com, and to send a Google account recovery prompt to all of his signed-in devices.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

Security Affairs

DECEMBER 29, 2024

notifies customers of credit card data breach, after threat actors hacked a third-party app from its e-commerce provider. disclosed a data breach that exposed its customers’ credit card data after threat actors hacked a third-party application from its e-commerce providerBigCommerce.

Data breaches 81

Data breaches Computers and Electronics Wireless Hacking 81

Krebs on Security

AUGUST 16, 2022

There was no reason to believe Holistic-K1ller had fabricated their breach claim. This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities. That same month, they also sold data on 1.4

Data breaches 318

Data breaches Banking Cybercrime Marketing 318

Troy Hunt

JUNE 1, 2020

closed or ia idk | BLM (@pjnkmin) May 31, 2020 Just to be clear: there's not necessarily a direct link between whoever put the video above together and the data now doing the rounds and attribution is tricky once you get a bunch of different people under different accounts and pseudonyms all flying the "Anonymous" banner.

Hacking 364

Hacking Passwords Data breaches Accountability 364

Security Affairs

JANUARY 3, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach) Emergency care and patient admissions remained unaffected during the incident. RUMC offered 12 months of free credit monitoring to those individuals with compromised Social Security numbers.

Data breaches 76

Data breaches Ransomware Insurance Healthcare 76

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 124

Ransomware Hacking Accountability Cyber Attacks 124

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a data breach that exposed the personal information of nearly 3.5 The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The law firm pointed out that it has no evidence the exposed data has been misused.

Data breaches 96

Data breaches Identity Theft Consumer Protection Data collection 96

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Check the vendors advice.

Accountability 84

Accountability Data breaches Passwords Phishing 84

Schneier on Security

APRIL 2, 2020

Marriott announced another data breach, this one affecting 5.2 name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points balance, but not passwords) Additional Personal Details (e.g., company, gender, and birthday day and month) Partnerships and Affiliations (e.g.,

Hacking 271

Hacking Accountability Data breaches Government 271

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 332

Hacking Phishing Cybercrime Passwords 332

Security Affairs

OCTOBER 28, 2024

. “Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to some of the personal data associated with the accounts of certain subscribers ,” the second largest telephone operator in France confirmed to Agence France-Presse (AFP) on Saturday, October 26.

Cyber Attacks 126

Cyber Attacks Telecommunications Data breaches Banking 126

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. A screenshot of a Discord discussion between the key Twitter hacker “Kirk” and several people seeking to hijack high-value Twitter accounts.

Hacking 327

Hacking Accountability Scams Media 327

Krebs on Security

DECEMBER 13, 2022

Meanwhile, the hackers responsible are communicating directly with members through the InfraGard portal online — using a new account under the assumed identity of a financial industry CEO that was vetted by the FBI itself. USDoD’s InfraGard sales thread on Breached. Department of Defense. Department of Justice in April.

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Security Affairs

JULY 24, 2024

The academic medical center of the University of Michigan, Michigan Medicine, suffered a data breach that impacted 56953 patients. Michigan Medicine notified patients of the data breach. The threat actors accessed the employee email accounts on May 23 and May 29.

Data breaches 145

Data breaches Insurance Accountability Cyber Attacks 145

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. .” In their online statement about the hack (updated on Feb. Image: Ke-la.com. ” Update, 2:00 p.m.,

Hacking 295

Hacking Ransomware Media Accountability 295

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113

Schneier on Security

JUNE 28, 2023

The stalkerware company LetMeSpy has been hacked : TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy.

Hacking 253

Hacking Spyware Accountability Data breaches 253

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims. federal government portal without authorization.

Hacking 299

Hacking Government Media Accountability 299

Security Affairs

DECEMBER 17, 2024

Texas Tech University reports a data breach affecting 1.4 million, exposing personal, health, and financial data from its health sciences centers. Texas Tech University disclosed a data breach that impacted over 1.4 terabytes of data, including patient data, medical research, and a large set of SQL databases.

Data breaches 59

Data breaches Insurance Ransomware Cyber Attacks 59

Krebs on Security

AUGUST 19, 2024

According to the breach tracking service Constella Intelligence , the passwords included in the source code archive are identical to credentials exposed in previous data breaches that involved email accounts belonging to NPD’s founder, an actor and retired sheriff’s deputy from Florida named Salvatore “Sal” Verini.

Passwords 357

Passwords Data breaches Accountability Data privacy 357

Joseph Steinberg

JULY 7, 2022

A mischievous hacker, or group of hackers, took over Disneyland’s official Instagram and Facebook accounts earlier today, and, apparently, defaced them both with a series of profane and racist posts. Walt Disney Company has confirmed the breach, which appears to have occurred around 7 AM US Eastern time.

Accountability 258

Accountability Artificial Intelligence Media Data breaches 258

The Last Watchdog

AUGUST 19, 2021

At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons. Related: Kaseya hack worsens supply chain risk. Often inadvertent data breaches stem from a well-meaning employee trying to meet the needs of clients but without the technical systems to facilitate.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Bleeping Computer

MARCH 11, 2024

Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. [.]

Accountability 140

Accountability Hacking Data breaches 140

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint.

Password Management 87

Password Management Cryptocurrency Passwords Data breaches 87

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 116

Krebs on Security

OCTOBER 28, 2020

That transaction included credentials to a Remote Desktop Protocol (RDP) account apparently set up by a Gunnebo Group employee who wished to access the company’s internal network remotely. Five months later, Gunnebo disclosed it had suffered a cyber attack targeting its IT systems that forced the shutdown of internal servers.

Hacking 358

Hacking Ransomware Banking Accountability 358

Security Affairs

AUGUST 17, 2024

Background check service National Public Data confirms a data breach that exploded millions of social security numbers and other sensitive information. “There appears to have been a data security incident that may have involved some of your personal information. ” reads the statement published by the company.

Data breaches 142

Data breaches Hacking Accountability Cybersecurity 142

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities. Image: U.S.

Retail 253

Retail Advertising Cryptocurrency Marketing 253

Security Affairs

MARCH 4, 2024

American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that their credit card information has been compromised in a data breach involving a third-party merchant processor.

Data breaches 135

Data breaches Accountability Hacking Mobile 135