Troy Hunt

MARCH 10, 2021

Pwned Passwords is a repository of 613M passwords exposed in previous data breaches, which makes them very poor choices for future use. They're totally free and they have a really cool anonymity API that ensures no useful information about the password being searched for is ever exposed.

Passwords 346

Passwords IoT Password Management Data breaches 346

Krebs on Security

JANUARY 11, 2021

Ubiquiti , a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The data may also include your address and phone number if you have provided that to us.”

Passwords 355

Passwords Authentication Firmware Accountability 355

Troy Hunt

NOVEMBER 13, 2024

Additionally, the threat actor with… pic.twitter.com/tqsyb8plPG — HackManac (@H4ckManac) February 28, 2024 When Jason found his email address and other info in this corpus, he had the same question so many others do when their data turns up in a place they've never heard of before - how?

Data breaches 283

Data breaches Passwords B2B Technology 283

The Last Watchdog

NOVEMBER 22, 2021

Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Proper password hygiene doesn’t require a degree in rocket science. 1) Create sufficiently-complex passwords. No personal information.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Security Affairs

OCTOBER 11, 2024

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its “The Wayback Machine.” Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Hunt will add the information of the impacted users to HIBP very soon.

Data breaches 128

Data breaches Internet Internet DDOS 128

The Last Watchdog

JUNE 12, 2023

Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. They take all this private information, and then they sell it.

Information Security 202

Information Security Data breaches CISO Encryption 202

Malwarebytes

SEPTEMBER 10, 2024

Payment provider Slim CD has disclosed a security incident that may have exposed the full credit card information of anyone paying at a merchant that uses Slim CD’s services. However, the company said the criminals only had access to credit card and other information between June 14 and June 15, 2024. Change your password.

Data breaches 132

Data breaches Identity Theft Passwords Phishing 132

Troy Hunt

JUNE 30, 2024

Last week, I wrote about The State of Data Breaches and got loads of feedback. Let me explain: Hackers This is where most data breaches begin, with someone illegally accessing a protected system and snagging the data. It's awkward, talking to the first party responsible for the breach.

Data breaches 250

Data breaches Government InfoSec Passwords 250

Malwarebytes

JUNE 1, 2024

Live Nation Entertainment has confirmed what everyone has been speculating on for the last week : Ticketmaster has suffered a data breach. As appropriate, we are also notifying regulatory authorities and users with respect to unauthorized access to personal information. Change your password. Watch out for fake vendors.

Data breaches 145

Data breaches Passwords Phishing Password Management 145

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals.

Passwords 362

Passwords Password Management Phishing Scams 362

Security Affairs

JULY 24, 2024

A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michigan, Michigan Medicine, suffered a data breach that impacted 56953 patients. Michigan Medicine notified patients of the data breach.

Data breaches 145

Data breaches Insurance Accountability Banking 145

Security Affairs

DECEMBER 23, 2023

Mobile virtual network operator Mint Mobile suffered a new data breach, threat actors had access to customers’ personal information. Mint Mobile experienced a recent data breach, exposing customers’ personal information to unauthorized access by threat actors.

Mobile 141

Mobile Data breaches Wireless Data collection 141

Malwarebytes

JULY 19, 2024

The Identity Theft Resource Center (ITRC) tracked 1,041,312,601 data breach victims in Q2 2024, an increase of 1,170% over Q2 2023 (81,958,874 victims). Because both of these breaches were announced/updated in the second quarter of 2024 they have a huge impact on the numbers. Change your password.

Data breaches 135

Data breaches Passwords Identity Theft Phishing 135

Malwarebytes

MARCH 25, 2024

.” An investigation revealed that the incident involved some personal information of Vans’ customers. The data incident turned out to be a ransomware attack. Corporation stated the hackers disrupted business operations and stole the personal information of approximately 35.5 Change your password.

Data breaches 140

Data breaches Phishing Identity Theft Passwords 140

Krebs on Security

JULY 12, 2024

disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Data breaches 336

Data breaches Passwords Authentication Accountability 336

Security Affairs

APRIL 26, 2024

Media reported [ 1 , 2 ] that the company is notifying millions of current and former members of a data breach. TechCrunch reported that the company confirmed it shared patients’ information with third-party organizations, including Google, Microsoft and X, for advertising purposes. million residents.

Data breaches 142

Data breaches Healthcare Advertising Mobile 142

Malwarebytes

OCTOBER 8, 2024

Money transfer company MoneyGram has notified its customers of a data breach in which it says certain customers had their personal information taken between September 20 and 22, 2024. The UK’s Information Commissioner’s Office (ICO) confirmed to TechCrunch that the watchdog had received a report from MoneyGram. “We

Data breaches 135

Data breaches Identity Theft Passwords Phishing 135

Malwarebytes

OCTOBER 10, 2024

A non-profit that benefits millions of people has fallen victim to a data breach and a DDoS attack. It is often used for academic research and data analysis. Cybercriminals managed to breach the site and steal a user authentication database containing 31 million records. Change your password.

Data breaches 138

Data breaches DDOS Internet Internet 138

Malwarebytes

JUNE 14, 2024

The online handle of the seller immediately raised the suspicion that this was yet another Snowflake related data breach. Post by Sp1d3r on breach forum The post also mentions Suntrust bank because Truist Bank arose after SunTrust Banks and BB&T (Branch Banking and Trust Company) merged in December 2019.

Data breaches 128

Data breaches Banking Passwords Phishing 128

Security Affairs

NOVEMBER 16, 2023

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. “What information was involved?

Data breaches 142

Data breaches eCommerce Hacking Authentication 142

Security Affairs

MAY 16, 2024

The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay. The Spanish financial institution Santander revealed a data breach involving a third-party provider that affected customers in Chile, Spain, and Uruguay. ” continues the statement.

Data breaches 142

Data breaches Banking Passwords Marketing 142

The Last Watchdog

AUGUST 19, 2021

TMobile has now issued a formal apology and offered free identity theft recovery services to nearly 48 million customers for whom the telecom giant failed to protect their sensitive personal information. At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Malwarebytes

AUGUST 27, 2024

The Texas Dow Employees Credit Union (TDECU) has filed a data breach notification , reporting that the data of 500,474 people has been accessed in an external system breach. Protecting yourself after a data breach There are some actions you can take if you are, or suspect you may have been, the victim of a data breach.

Data breaches 131

Data breaches Passwords Phishing Password Management 131

Security Affairs

MARCH 16, 2024

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach.

Data breaches 142

Data breaches Cybercrime Government Ransomware 142

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. billion passwords from various internet data leaks.

Passwords 137

Passwords Data breaches Hacking Accountability 137

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare 132

Healthcare Data breaches Passwords Identity Theft 132

Malwarebytes

JANUARY 15, 2024

As is often the case these days, it turns out that the cyberincident was very likely a ransomware attack that included a data breach. Ransomware operators typically steal data from the compromised systems to use as extra leverage against the victim. Change your password. Check the vendor’s advice.

Data breaches 135

Data breaches Identity Theft Passwords Ransomware 135

Malwarebytes

JUNE 4, 2024

The US debt collection agency Financial Business and Consumer Solutions (FBCS) has filed a data breach notification , listing the the total number of people affected as 3,226,631. FBCS has sent data breach notifications to those affected, detailing what data was compromised and offering 12 months of free credit monitoring.

Data breaches 134

Data breaches Passwords Phishing Password Management 134

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. ” reads the statement published by the company. ”continues the statement.

Data breaches 138

Data breaches Telecommunications Banking Mobile 138

Security Affairs

SEPTEMBER 27, 2023

DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches. DarkBeam has apparently been collecting information to alert its customers in case of a data breach. Sample of leaked data. Sample of leaked data. billion records.

Passwords 145

Passwords Data breaches Phishing Hacking 145

Malwarebytes

OCTOBER 1, 2024

Ireland’s privacy watchdog Data Protection Commission (DPC) has fined Meta €91M ($101M) after the discovery in 2019 that Meta had stored 600 million Facebook and Instagram passwords in plaintext. The DPC ruled that Meta was in violation of GDPR on several occasions related to this breach.

Passwords 145

Passwords Data breaches Media Phishing 145

Malwarebytes

MARCH 5, 2024

In a subsequent update, American Express explained that it was not a service provider, but a merchant processor that suffered the breach. The account information of some card holders may have fallen into the wrong hands. The accessed information includes account numbers, names, and card expiration dates. Change your password.

Data breaches 139

Data breaches Passwords Accountability Identity Theft 139

Security Affairs

JANUARY 19, 2024

American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 Now the company confirmed attackers stole corporate and personal information impacting 35.5 VF immediately began taking measures to remediate the attack and launched an investigation into the security breach.

Data breaches 140

Data breaches Retail Insurance Passwords 140

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data. Affected customers have now been informed.

Financial Services 142

Financial Services Data breaches Identity Theft Banking 142

Malwarebytes

JULY 2, 2024

million people had been impacted by the resulting data breach. At first, Prudential said it believed only 36,000 people had had their data stolen, but that number has now been revised to 2.5 million in a new breach notification. million in a new breach notification. Change your password.

Data breaches 133

Data breaches Identity Theft Passwords Phishing 133

Malwarebytes

APRIL 2, 2024

Malwarebytes VP of Consumer Privacy, Oren Arar, describes the AT&T breach as “especially risky” because much of the type of data that’s been exposed. While AT&T has made this determination, it is not yet known whether the data in those fields originated from AT&T or one of its vendors.

Data breaches 145

Data breaches Passwords Phishing Accountability 145

Malwarebytes

JULY 3, 2024

‘Buy now, pay later’ payment specialist Affirm has warned that holders of its payment cards had their personal information exposed after a ransomware attack and data breach at Evolve Bank & Trust. Evolve refused to pay the ransom, and so the attackers leaked the data they downloaded. Change your password.

Data breaches 126

Data breaches Banking Passwords Phishing 126