Troy Hunt

SEPTEMBER 27, 2024

As it relates to the UK GDPR, there are two essential concepts to understand, and they're the first two bulleted items in their personal data breaches guide : The UK GDPR introduces a duty on all organisations to report certain personal data breaches to the relevant supervisory authority.

Data breaches 338

Data breaches Risk Passwords Government 338

Adam Levin

FEBRUARY 21, 2020

The personal information of over 10.6 MGM Resorts confirmed the leaked data as being the result of a data breach that occurred last year. We are confident that no financial, payment card or password data was involved in this matter.”. million customers of MGM Resorts has been published online.

Data breaches 305

Data breaches Identity Theft Passwords Technology 305

Malwarebytes

DECEMBER 31, 2024

Huge increase in numbers As we reported in July , the number of data breach victims went up 1,170% in Q2 2024, compared to Q2 2023 (from 81,958,874 victims to 1,041,312,601). The huge increase is no big surprise if you look at the size of some of these breaches. Dell notifies customers about data breach (49 million customers) 4.

Data breaches 106

Data breaches Healthcare Passwords Banking 106

Security Affairs

FEBRUARY 4, 2025

Online food ordering and delivery platform GrubHub suffered a data breach that exposed the personal information of drivers and customers. This week the online food ordering and delivery firm GrubHub disclosed a data breach that exposed customer and driver information. The company reset affected passwords.

Data breaches 113

Data breaches Passwords Accountability Hacking 113

Adam Levin

OCTOBER 16, 2020

Barnes & Noble has confirmed a data breach following a cyberattack that took many of their services offline. . The bookseller sent an email to customers notifying them that their personal information had been exposed, but that their financial information had not been compromised. .

Data breaches 286

Data breaches VPN Passwords Accountability 286

Malwarebytes

APRIL 15, 2025

The Hertz Corporation, on behalf of Hertz, Dollar, and Thrifty brands, is sending breach notifications to customers who may have had their name, contact information, driver’s license, andin rare casesSocial Security Number exposed in a data breach. Change your password. Check the vendors advice.

Data breaches 100

Data breaches Ransomware Passwords B2B 100

Krebs on Security

AUGUST 19, 2024

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. In April, a cybercriminal named USDoD began selling data stolen from NPD. Very informative.”

Passwords 355

Passwords Data breaches Accountability Data privacy 355

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare 116

Healthcare Data breaches Passwords Identity Theft 116

Krebs on Security

MAY 19, 2020

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” “ Sanixer “) from the Ivano-Frankivsk region of the country.

Passwords 362

Passwords Accountability Hacking Password Management 362

The Last Watchdog

OCTOBER 23, 2024

Tip 1: Educating and Training the Workforce Regularly Human error remains one of the leading causes of data breaches. According to the Verizon 2024 Data Breach Investigations Report , 68% of cybersecurity breaches are caused by human error. Many cyber attacks exploit vulnerabilities in outdated software.

Small Business 162

Small Business Data breaches Backups Passwords 162

SecureWorld News

FEBRUARY 6, 2025

Grubhub recently confirmed a data breach stemming from a third-party vendor, exposing the ongoing risks associated with supply chain security. Hashed passwords for certain legacy systems (though Grubhub proactively rotated affected credentials).

Data breaches 97

Data breaches Accountability Social Engineering Passwords 97

Troy Hunt

SEPTEMBER 3, 2020

You've possibly just found out you're in a data breach. The organisation involved may have contacted you and advised your password was exposed but fortunately, they encrypted it. Isn't the whole point of encryption that it protects data when exposed to unintended parties? But you should change it anyway.

Passwords 364

Passwords Encryption Data breaches Risk 364

Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The data may also include your address and phone number if you have provided that to us.”

Passwords 362

Passwords Authentication Firmware Accountability 362

Malwarebytes

FEBRUARY 25, 2025

Employment screening company DISA Global Solutions has filed a data breach notification after a cyber incident on their network. The attacker may have accessed over three million files containing personal information. These data brokers gather information from several sources and sell them on to interested buyers.

Data breaches 96

Data breaches Passwords Phishing Password Management 96

Security Affairs

JANUARY 30, 2025

“This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” It was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000.” ” reads the report published by Wiz. ” concludes the report.

Authentication 119

Authentication Passwords Hacking Risk 119

Webroot

APRIL 22, 2025

Whether its an email address, a credit card number, or even medical records, your personal information is incredibly valuable in the wrong hands. Because whether you know it or not, many companies are collecting and storing your private data. billion people received notices that their information was exposed in a data breach.

Data breaches 70

Data breaches Identity Theft Passwords eCommerce 70

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. A previously unknown threat actor named Belsen Group published configuration files and VPN passwords for over 15,000 Fortinet FortiGate appliances. “The data includes: IPs.

VPN 129

VPN Passwords Firewall Firmware 129

Troy Hunt

JUNE 30, 2024

Last week, I wrote about The State of Data Breaches and got loads of feedback. Let me explain: Hackers This is where most data breaches begin, with someone illegally accessing a protected system and snagging the data. It's awkward, talking to the first party responsible for the breach.

Data breaches 306

Data breaches Government InfoSec Passwords 306

Security Affairs

OCTOBER 31, 2024

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. TB of company data related to 3 million customers.

Data breaches 127

Data breaches Financial Services Hacking Mobile 127

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. The seller also published a sample of the stolen data and some screenshots. Free S.A.S.

Cyber Attacks 124

Cyber Attacks Telecommunications Data breaches Banking 124

Malwarebytes

APRIL 24, 2025

The tech giant may have used this data for targeted advertising, according to Blue Shield, which is one of the largest health insurers in the US. In a data breach notice on its website, Blue Shield says it had begun notifying certain members of a potential data breach that may have included elements of their protected health information.

Insurance 113

Insurance Data breaches Passwords Phishing 113

Troy Hunt

FEBRUARY 25, 2025

We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there. This is just one of many channels involved in cybercrime, but it's noteworthy due to the huge amount of freely accessible data.

Passwords 361

Passwords Accountability VPN Malware 361

Security Affairs

OCTOBER 21, 2024

Despite being informed weeks prior, the organization’s failure to rotate exposed API keys, particularly the Zendesk token with access to over 800,000 support tickets, reflects poor incident response. Poor cyber hygiene increases the risk of further data breaches and could undermine user trust.

Internet 127

Internet Internet Data breaches Authentication 127

Malwarebytes

NOVEMBER 4, 2024

In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people. The attack was later claimed by the Rhysida ransomware group on their leak site, where the group posts information about victims that are unwilling to pay.

Data breaches 113

Data breaches Passwords Ransomware Phishing 113

The Last Watchdog

NOVEMBER 22, 2021

Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Proper password hygiene doesn’t require a degree in rocket science. 1) Create sufficiently-complex passwords. No personal information.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking 234

Hacking Cybercrime Advertising Data breaches 234

Krebs on Security

JANUARY 7, 2025

In the first step of the attack, they peppered the target’s Apple device with notifications from Apple by attempting to reset his password. The target told Michael that someone was trying to change his password, which Michael calmly explained they would investigate. “Password is changed,” the man said.

Phishing 334

Phishing Cryptocurrency Accountability Social Engineering 334

The Last Watchdog

JUNE 12, 2023

Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. They take all this private information, and then they sell it.

Information Security 202

Information Security Data breaches CISO Encryption 202

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. ” reads the data breach notification.

Education 63

Education Data breaches Identity Theft Insurance 63

Malwarebytes

JUNE 1, 2024

Live Nation Entertainment has confirmed what everyone has been speculating on for the last week : Ticketmaster has suffered a data breach. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information. Change your password. Watch out for fake vendors.

Data breaches 144

Data breaches Passwords Phishing Password Management 144

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data. Revoke access to any app you no longer use or trust.

Data breaches 52

Data breaches Hacking Passwords Accountability 52

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals.

Passwords 363

Passwords Password Management Phishing Scams 363

Malwarebytes

MAY 10, 2024

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. It is up to date information registered at Dell servers. I am the only person who has the data.” Change your password.

Data breaches 141

Data breaches Passwords Phishing Big data 141

Security Affairs

JULY 24, 2024

A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michigan, Michigan Medicine, suffered a data breach that impacted 56953 patients. Michigan Medicine notified patients of the data breach.

Data breaches 145

Data breaches Insurance Accountability Cyber Attacks 145

Malwarebytes

SEPTEMBER 10, 2024

Payment provider Slim CD has disclosed a security incident that may have exposed the full credit card information of anyone paying at a merchant that uses Slim CD’s services. However, the company said the criminals only had access to credit card and other information between June 14 and June 15, 2024. Change your password.

Data breaches 119

Data breaches Identity Theft Passwords Phishing 119

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Data breaches 344

Data breaches Passwords Authentication Accountability 344

Webroot

APRIL 30, 2025

In todays digital world, passwords have become a necessary part of life. May 1, 2025, is World Password Day , a reminder that passwords are the unsung heroes of cybersecurity, the first line of defense for all your sensitive personal data. World Password Day is more relevant than ever in todays evolving threat landscape.

Passwords 60

Passwords Password Management Malware Accountability 60