Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. ” reads the data breach notification send to the impacted individuals. date and time of the message, type of message, etc.).”

Data breaches 139

Data breaches Social Engineering Engineering Authentication 139

Security Affairs

NOVEMBER 16, 2023

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. “What information was involved?

Data breaches 138

Data breaches eCommerce Hacking Passwords 138

Security Affairs

SEPTEMBER 3, 2022

Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After the attack that hit the company in late July 2022, Samsung disclosed a data breach. Threat actors had access to internal company data, including the source code of Galaxy models.

Data breaches 145

Data breaches Hacking Authentication Cybersecurity 145

Security Affairs

OCTOBER 4, 2023

Sony Interactive Entertainment has notified current and former employees and their family members about a data breach. Sony Interactive Entertainment (SIE) has notified current and former employees and their family members about a data breach that exposed their personal information.

Data breaches 144

Data breaches Ransomware Hacking Software 144

Malwarebytes

MARCH 16, 2022

As part of the proposed settlement, Residual Pumpkin and PlanetArt (the previous and current owners of CafePress) will be required to implement comprehensive information security programs that will address the problems that led to the data breaches at CafePress. Reusing passwords. Stay safe, everyone!

Data breaches 135

Data breaches Passwords Authentication Social Engineering 135

Security Affairs

NOVEMBER 2, 2023

Okta warns approximately 5,000 employees that their personal information was compromised due to a third-party vendor data breach. “On October 12, 2023, Rightway informed Okta that an unauthorized actor gained access to an eligibility census file maintained by Rightway in its provision of services to Okta.

Data breaches 139

Data breaches Hacking Social Engineering Healthcare 139

Security Affairs

MAY 13, 2024

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. The company is notifying the impacted customers. ” continues the notice.

Data breaches 127

Data breaches Cyber Attacks Identity Theft Banking 127

Security Affairs

OCTOBER 26, 2023

On August 10, 2023, the Japanese maker of watches Seiko disclosed a data breach following a cyber attack. Seiko Group Corporation (hereinafter referred to as “the Company” or “we”) has confirmed that on July 28th of this year, the Company suffered a possible data breach.

Data breaches 142

Data breaches Ransomware Education Cybersecurity 142

Security Affairs

AUGUST 24, 2022

The company disclosed a data breach after threat actors have access to a limited subset of data stored in a compromised database. Exposed data includes emails, usernames, and encrypted passwords. According to the company, financial and payment data were not compromised because are not stored on its servers.

Data breaches 133

Data breaches Passwords Media Accountability 133

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported.

Data breaches 144

Data breaches Telecommunications Cybercrime Hacking 144

Security Affairs

SEPTEMBER 24, 2023

educational nonprofit organization National Student Clearinghouse disclosed a data breach that impacted approximately 900 US schools. “On May 31, 2023, the Clearinghouse was informed by our third-party software provider, Progress Software, of a cybersecurity issue involving the provider’s MOVEit Transfer solution.

Data breaches 134

Data breaches Education Ransomware Software 134

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals.

Data breaches 130

Data breaches Telecommunications Banking Mobile 130

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. “On October 19 th , 2023, Brookfield Global Relocation Services (BGRS) informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada systems.”

Data breaches 136

Data breaches Government Hacking Backups 136

Security Affairs

OCTOBER 26, 2020

Nitro PDF suffered a massive data breach that impacts many major organizations, including Apple, Chase, Citibank, Google, and Microsoft. A massive data breach suffered by the Nitro PDF might have a severe impact on well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. Nitro Software , Inc.

Data breaches 128

Data breaches Advertising Software Accountability 128

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident.

Data breaches 122

Data breaches Cybercrime Authentication Technology 122

Security Affairs

APRIL 10, 2024

AT&T confirmed that the data breach impacted 51 million former and current customers and is notifying them. AT&T revealed that the recently disclosed data breach impacts more than 51 million former and current customers and is notifying them. ” reads the data breach notification.

Data breaches 125

Data breaches Telecommunications Identity Theft Hacking 125

Malwarebytes

JULY 24, 2024

SIM swapping (and the very similar port-out fraud) is the unlawful use of someone’s personal information to steal their phone number and swap or transfer it to another device. With this, criminals can intercept calls, messages, and certain multi-factor authentication (MFA) codes. Enable two-factor authentication (2FA).

Data breaches 96

Data breaches Wireless Passwords Phishing 96

Security Affairs

NOVEMBER 2, 2024

is an inadequate authentication mechanisms that could allow an attacker to access sensitive information like usernames, MD5 password hashes, and configuration data. Attackers can also trigger flaws to extract network details to infiltrate connected systems, increasing the risk of data breaches and ransomware attacks.

Firmware 119

Firmware Manufacturing IoT Healthcare 119

Security Affairs

JANUARY 4, 2022

The Broward Health public health system disclosed a massive data breach that has impacted more than 1.3 The Broward Health public health system has suffered a data breach that impacted 1,357,879 individuals. ” reads the data breach notification letter sent to the impacted individuals.

Data breaches 108

Data breaches Healthcare Identity Theft Insurance 108

Security Affairs

MAY 29, 2024

A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous data breaches, phishing campaigns, or info-stealer infections, to gain unauthorized access to user accounts on various online services. ” reads advisory.

Authentication 123

Authentication Accountability Passwords Data breaches 123

Security Affairs

APRIL 10, 2025

No OCI customer data has been viewed or stolen. No OCI service has been interrupted or compromised in any way,” Last week, Oracle confirmed a data breach and started informing customers while downplaying the impact of the incident. .”No OCI customer environment has been penetrated.

Hacking 116

Hacking Data breaches Encryption Passwords 116

Security Affairs

JULY 29, 2022

Therefore, strong authentication methods are needed. Therefore, strong authentication methods are needed to improve security without hindering user convenience. What is Strong Authentication? The IAM Security Boundary Strong authentication is a critical component of modern-day identity and access management.

Authentication 123

Authentication Passwords Data privacy Identity Theft 123

Security Affairs

SEPTEMBER 6, 2022

“Our security team investigated this statement and determined that the code in question is completely unrelated to TikTok’s backend source code,” a spokesperson added. The popular data breach hunter Bob Diachenko and his team analyzed publicly exposed data and confirmed their authenticity, but they are unable to determine the origin.

Data breaches 101

Data breaches Hacking Media Authentication 101

Krebs on Security

APRIL 27, 2023

Customers can access a Salesforce Community website in two ways: Authenticated access (requiring login), and guest user access (no login required). This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking 346

Banking Government Information Security Authentication 346

Security Affairs

JANUARY 3, 2023

A post published on a popular hacking forum claims Volvo Cars has suffered a new data breach, alleging stolen data available for sale. French cybersecurity Anis Haboubi yesterday first noticed that a threat actor was attempting to sell data allegedly stolen from Volvo Cars on a popular hacking forum. Pierluigi Paganini.

Data breaches 98

Data breaches Hacking Ransomware Manufacturing 98

Security Affairs

AUGUST 31, 2022

The Russian subscription-based streaming service Start discloses a data breach affecting 7.5 The Russian media streaming platform START disclosed a data breach that impacted 7.5 Russian news outlet Medusa verified that the leaked data are valid. ” reads the data breach notice published on Telegram.

Data breaches 98

Data breaches Passwords Banking Media 98

Security Affairs

AUGUST 8, 2022

Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. SecurityAffairs – hacking, data breach).

Data breaches 103

Data breaches Social Engineering Phishing Accountability 103

Security Affairs

MARCH 25, 2021

Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data breach. Night Lion Security’s CEO, Vinny Troia, reported to Astoria Company the flaw in their database on January 29, 2021 and the availability of their data on Dark Web. Pierluigi Paganini.

Data breaches 125

Data breaches Insurance Banking Hacking 125

Security Affairs

MAY 13, 2023

A data breach disclosed by Toyota Motor Corporation exposed info of more than 2 million customers for ten years Toyota Motor Corporation disclosed a data breach that exposed the car-location information of 2,150,000 customers between November 6, 2013, and April 17, 2023.

Data breaches 98

Data breaches Authentication Internet Internet 98

Webroot

MARCH 3, 2025

During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure. The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide.

Consumer Protection 88

Consumer Protection Identity Theft Scams Social Engineering 88

Security Affairs

JANUARY 20, 2023

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. The company added that the unauthorized accessed were the result of credential stuffing attacks and that its systems were not breached. .” What is credential stuffing?

Data breaches 98

Data breaches Identity Theft Accountability Passwords 98

Security Affairs

JANUARY 30, 2025

.” The researchers noted that the leak could have allowed attackers to take full control of the database and potentially escalate privileges within the DeepSeek environment, without any authentication. The experts used ClickHouses HTTP interface and accessed the /play path to execute arbitrary SQL queriesvia the browser.

Authentication 119

Authentication Passwords Hacking Risk 119

Security Affairs

SEPTEMBER 7, 2022

In the digital age, authentication is paramount to a strong security strategy. Which are the challenges of user authentication? In the digital age, authentication is paramount to a strong security strategy. User authentication seems easy, but there are inherent challenges to be aware of. User Authentication.

Authentication 101

Authentication Passwords Risk Education 101

Security Affairs

JUNE 5, 2023

The BBC and British Airways were both impacted by the data breach suffered by the payroll provider Zellis. As a result of the cyber attack on the payroll provider Zellis, the personal data of employees at the BBC and British Airways has been compromised and exposed. reads the advisory published by the company.

Data breaches 98

Data breaches Retail Software Cyber Attacks 98

Security Affairs

MAY 8, 2023

The authenticity of the leaked private key was confirmed by Alex Matrosov, founder of firmware security firm Binarly. The Money Message group initially threatened to publish the stolen files by April 12, 2023, if the company will not pay the ransom.

Data breaches 98

Data breaches Ransomware Firmware Manufacturing 98

The Last Watchdog

APRIL 4, 2022

SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

Hacking 222

Hacking Penetration Testing Data breaches Authentication 222

Krebs on Security

NOVEMBER 21, 2018

The researcher said he informed the USPS about his finding more than a year ago yet never received a response. ” Nicholas Weaver , a researcher at the International Computer Science Institute and lecturer at UC Berkeley , said the API should have validated that the account making the request had permission to read the data requested.

Accountability 279

Accountability Authentication Identity Theft Advertising 279