Adam Levin

OCTOBER 16, 2020

Barnes & Noble has confirmed a data breach following a cyberattack that took many of their services offline. . Barnes & Noble customers are strongly encouraged to update any related passwords and to keep an eye for irregular activity on their accounts. .

Data breaches 286

Data breaches VPN Passwords Accountability 286

Krebs on Security

MAY 19, 2020

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” “ Sanixer “) from the Ivano-Frankivsk region of the country.

Passwords 362

Passwords Accountability Hacking Password Management 362

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare 117

Healthcare Data breaches Passwords Identity Theft 117

Troy Hunt

SEPTEMBER 27, 2024

As it relates to the UK GDPR, there are two essential concepts to understand, and they're the first two bulleted items in their personal data breaches guide : The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority.

Data breaches 310

Data breaches Risk Passwords Government 310

Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The data may also include your address and phone number if you have provided that to us.”

Passwords 362

Passwords Authentication Firmware Accountability 362

Troy Hunt

MARCH 10, 2021

Pwned Passwords is a repository of 613M passwords exposed in previous data breaches, which makes them very poor choices for future use. They're totally free and they have a really cool anonymity API that ensures no useful information about the password being searched for is ever exposed.

Passwords 355

Passwords IoT Password Management Data breaches 355

SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. Grubhub detected unusual activity within its environment, later traced to an account associated with a third-party service provider used for customer support. What happened?

Data breaches 83

Data breaches Accountability Social Engineering Passwords 83

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. APIs are essentially instructions that allow applications to access data and interact with web databases. Image: customink.com In a filing today with the U.S.

Mobile 340

Mobile Accountability Data breaches Identity Theft 340

Troy Hunt

FEBRUARY 25, 2025

We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there. This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data.

Passwords 338

Passwords Accountability VPN Malware 338

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment.

Accountability 345

Accountability Hacking Scams Media 345

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Passwords 321

Passwords Encryption Password Management Cryptocurrency 321

Malwarebytes

FEBRUARY 25, 2025

Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach. Change your password.

Data breaches 96

Data breaches Passwords Phishing Password Management 96

Malwarebytes

FEBRUARY 14, 2025

Over the years Zacks has suffered a few data breaches. In 2023, data allegedly belonging to Zacks containing 8,615,098 records was leaked online. The most recent data in this database is from May 2020. This would be the 2nd (hacked back in 2020) major data breach for Zacks. Change your password.

Accountability 82

Accountability Data breaches Passwords Phishing 82

Krebs on Security

MAY 7, 2022

Apple , Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to sign in to websites or online services. “I worry about forgotten password recovery for cloud accounts.”

Passwords 270

Passwords Authentication Accountability Mobile 270

The Last Watchdog

NOVEMBER 22, 2021

With so much critical data now stored in the cloud, how can people protect their accounts? Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. 1) Create sufficiently-complex passwords.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Troy Hunt

MARCH 4, 2020

Since launching version 2 of Pwned Passwords with the k-anonymity model just over 2 years ago now, the thing has really gone nuts (read that blog post for background otherwise nothing from here on will make much sense). They could be searching for any password whose SHA-1 hash begins with those characters. Very slick!

Passwords 281

Passwords Data breaches Risk Encryption 281

The Last Watchdog

OCTOBER 10, 2024

Where a traditional threat intelligence or investigations tool may provide a small number of records directly correlated to the search input, IDLink expands the pool of results to include identity data correlated across shared usernames, emails, passwords, and PII – with flexible options around pivoting depth, confidence levels, and visualization.

Risk 286

Risk Cybercrime Identity Theft Phishing 286

Security Affairs

OCTOBER 28, 2024

. “Free was “the victim of a cyberattack targeting a management tool” leading to “unauthorized access to some of the personal data associated with the accounts of certain subscribers ,” the second largest telephone operator in France confirmed to Agence France-Presse (AFP) on Saturday, October 26.

Cyber Attacks 123

Cyber Attacks Telecommunications Data breaches Banking 123

Krebs on Security

DECEMBER 19, 2024

A search in the threat intelligence platform Intel 471 shows a user by the name Araneida promoted the scanner on two cybercrime forums since 2022, including Breached and Nulled. In 2022, Araneida told fellow Breached members they could be reached on Discord at the username “ Ornie#9811.” 2023 on the forum Cracked.

Hacking 230

Hacking Cybercrime Advertising Data breaches 230

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. ” reads the data breach notification.

Education 61

Education Data breaches Identity Theft Insurance 61

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 362

Accountability Identity Theft Hacking Insurance 362

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

Malwarebytes

NOVEMBER 4, 2024

In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people. Because of the data breach notification from Maine’s Attorney General, that number now has a little more clarity. Change your password.

Data breaches 113

Data breaches Passwords Ransomware Phishing 113

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Data breaches 348

Data breaches Passwords Authentication Accountability 348

Troy Hunt

JUNE 1, 2020

I've now seen several versions of the same set of email addresses and passwords albeit with different attribution up the top of the file. There are 798 email addresses in the data set but only 689 unique ones. That's a hit rate of 95% which is massively higher than any all-new legitimate breach.

Hacking 364

Hacking Passwords Data breaches Accountability 364

Malwarebytes

JUNE 1, 2024

Live Nation Entertainment has confirmed what everyone has been speculating on for the last week : Ticketmaster has suffered a data breach. The third party it refers to is likely Snowflake, a cloud company used by thousands of companies to store, manage, and analyze large volumes of data. Change your password.

Data breaches 145

Data breaches Passwords Phishing Password Management 145

Malwarebytes

MARCH 25, 2025

There are no changes to the way the company stores, manages, or protects customer data. In 2023, not only did the company suffer a major data breach , it also placed some of the blame on the victims who, according to 23andMe, negligently recycled and failed to update their passwords. Select View.

Passwords 113

Passwords Accountability Data breaches Phishing 113

Security Affairs

JULY 24, 2024

The academic medical center of the University of Michigan, Michigan Medicine, suffered a data breach that impacted 56953 patients. Michigan Medicine notified patients of the data breach. The threat actors accessed the employee email accounts on May 23 and May 29.

Data breaches 145

Data breaches Insurance Accountability Cyber Attacks 145

Security Boulevard

JANUARY 29, 2025

Old accounts are often unmaintained and forgotten - which can be problematic when you want to "clean up" some of your digital footprint by deleting them or go back to secure them with stronger passwords/MFA. How do you find these old accounts when your recollection isn't enough? Some methods may be more effective for some users.

Accountability 52

Accountability Password Management Data breaches Passwords 52

Security Affairs

MARCH 10, 2025

This aligns with prior findings that cybercriminals cracked master passwords from LastPass to carry out major heists. DoJ, threat actors may have used private keys extracted by cracking the victim’s password vault stolen from the 2022 security breach suffered by an online password manager.

Password Management 85

Password Management Cryptocurrency Passwords Data breaches 85

Malwarebytes

MARCH 26, 2025

Your account has been flagged due to a spam complaint, and as a result, you are temporarily unable to send emails until this issue is resolved, the email read. To fix the issue, Hunt was asked to sign into his Mailchimp account. The phishing email was convincingly designed, and it threatened consequences if its recipient failed to act.

Phishing 97

Phishing Data breaches Password Management Scams 97

The Last Watchdog

APRIL 28, 2022

Passwords have become ubiquitous with digital. The humble password is nothing more than a digital key that opens a door. And they use passwords to open a device, a system, an account, a file and so on. Which begs the question: why do people create their own passwords? Related: The coming of passwordless access.

Passwords 237

Passwords Encryption Phishing Social Engineering 237

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords 363

Passwords Password Management Phishing Scams 363

Schneier on Security

APRIL 2, 2020

Marriott announced another data breach, this one affecting 5.2 name, mailing address, email address, and phone number) Loyalty Account Information (e.g., account number and points balance, but not passwords) Additional Personal Details (e.g., Marriott announced another data breach, this one affecting 5.2

Hacking 274

Hacking Accountability Data breaches Government 274

The Last Watchdog

AUGUST 19, 2021

Often inadvertent data breaches stem from a well-meaning employee trying to meet the needs of clients but without the technical systems to facilitate. Compromising that could make other unrelated accounts vulnerable. as well as insurance and merchant accounts, to commit insurance fraud and wire fraud.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Malwarebytes

MARCH 19, 2025

Sperm donor giant California Cryobank has announced it has suffered a data breach that exposed customers’ personal information. The data breach notification states that the breach occurred on April 20, 2024 and CCB discovered it on October 4, 2024. Change your password. Check the vendors advice.

Banking 90

Banking Data breaches Computers and Electronics Passwords 90

Malwarebytes

FEBRUARY 21, 2025

One of the most impactful data breaches last year was of Change HealthCare, which impacted an estimated 190 million people. In recent news, security researcher Jeremiah Fowler, who specializes in finding unprotected databases, uncovered a non-password-protected database that contained over 1.6 Change your password.

Healthcare 114

Healthcare Data breaches Passwords Phishing 114