Security Affairs

APRIL 2, 2024

“In April 2024, almost 3M+ rows of data from the store company Pandabuy was posted to a popular hacking forum. The website was breached by @ Sanggiero and @ IntelBroker.” The data is available for sale on the cybercrime forum, Sanggiero published a sample as proof of the data breach.

Data breaches 132

Data breaches Cybercrime Hacking Information Security 132

Security Affairs

APRIL 15, 2024

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024, the threat actors used a Provider employee’s credentials that illicitly obtained through a phishing attack.

Data breaches 128

Data breaches Social Engineering Engineering Authentication 128

Security Affairs

APRIL 14, 2024

The threat actor responsible for the post claims to have uploaded the complete database of the company that was stolen in March 2024. The threat actor behind the post claims to have uploaded the “full” database of Giant Tiger customer records stolen in March 2024. Financial data was not impacted in the alleged incident.

Retail 131

Retail Data breaches Hacking Cybercrime 131

Security Affairs

MAY 19, 2024

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. The US company disclosed a data breach that impacted almost 2.5 The exposed data may vary for each individual. million people. According to the report sent by the WebTPA to the U.S.

Data breaches 123

Data breaches Healthcare Insurance Identity Theft 123

Security Affairs

APRIL 8, 2024

Greylock McKinnon Associates, a service provider for the Department of Justice, suffered a data breach that exposed data of 341650 people. GMA disclosed a data breach that impacted medicare and other information belonging to 5465 people. ” reads the data breach notification.

Data breaches 125

Data breaches Identity Theft Insurance Hacking 125

Security Affairs

APRIL 29, 2024

The Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients’ personal and health information. The Los Angeles County Department of Health Services disclosed a data breach that impacted thousands of patients.

Data breaches 129

Data breaches Phishing Hacking Cybercrime 129

Security Affairs

MAY 13, 2024

Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company. Firstmac Limited, one of the largest non-bank lenders in Australia, disclosed a data breach. “It is important to note that our systems are secure.

Data breaches 115

Data breaches Cyber Attacks Identity Theft Banking 115

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. At the same time, we took proactive measures to remove the unauthorized party and ensure the security of OVT systems.” ” reads the data Breach Notification. OmniVision Technologies Inc.

Data breaches 120

Data breaches Ransomware Manufacturing Encryption 120

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported.

Data breaches 139

Data breaches Telecommunications Cybercrime Hacking 139

Security Affairs

MAY 17, 2024

The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. ” reads the Notice of Data Event updated on May 14, 2024.

Data breaches 114

Data breaches Ransomware Hacking Cybercrime 114

Security Affairs

MAY 11, 2024

. “On or about December 24, 2023, the Ohio Lottery detected unauthorized access to our internal office network as a result of a cybersecurity incident that resulted in the exposure of the data we maintain. The incident did not impact the gaming network,” reads the notice of data breach sent to the impacted individuals.

Data breaches 115

Data breaches Identity Theft Cybercrime Cyber Attacks 115

Security Affairs

MARCH 16, 2024

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach.

Data breaches 125

Data breaches Cybercrime Government Ransomware 125

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The company already notified impacted individuals by email on Wednesday 21 February 2024.

Data breaches 110

Data breaches Telecommunications Banking Mobile 110

Security Affairs

JANUARY 23, 2024

Financial services company LoanDepot disclosed a data breach that impacted roughly 16.6 LoanDepot disclosed this week a data breach that impacted roughly 16.6 LoanDepot disclosed this week a data breach that impacted roughly 16.6 million individuals. million individuals. million individuals.

Data breaches 120

Data breaches Financial Services Cybersecurity Encryption 120

Security Affairs

APRIL 4, 2024

US cancer center City of Hope suffered a data breach that impacted 800,000 individuals, personal and health information was compromised. City of Hope suffered a data breach, the organization started notifying 827149 individuals that their personal and health information was compromised.

Data breaches 113

Data breaches Identity Theft Insurance Banking 113

Security Affairs

MARCH 13, 2024

Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. Acer Philippines confirmed that employee data was compromised in an attack targeting a third-party service provider. pic.twitter.com/SXDeZ3I27B — Acer Philippines (@AcerPhils) March 12, 2024 Acer Inc.

Data breaches 124

Data breaches Computers and Electronics Hacking Cybercrime 124

Security Affairs

APRIL 10, 2024

AT&T confirmed that the data breach impacted 51 million former and current customers and is notifying them. AT&T revealed that the recently disclosed data breach impacts more than 51 million former and current customers and is notifying them. ” reads the data breach notification.

Data breaches 114

Data breaches Telecommunications Identity Theft Hacking 114

Security Affairs

DECEMBER 26, 2023

Cybersecurity company Resecurity has published the 2024 Cyber Threat Landscape Forecast. Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year.

Cyber threats 127

Cyber threats Energy and Utilities Artificial Intelligence Cyber Attacks 127

Security Affairs

FEBRUARY 28, 2024

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. The company discovered the security breach on February 21 and immediately launched an investigation into the incident.

Data breaches 109

Data breaches Healthcare Insurance Ransomware 109

Security Affairs

JANUARY 19, 2024

American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 “Based on VF’s preliminary analysis from its ongoing investigation, VF currently estimates that the threat actor stole personal data of approximately 35.5 million customers. million individual consumers.”

Data breaches 124

Data breaches Retail Insurance Passwords 124

Security Affairs

APRIL 18, 2024

UNDP did not share details about the attack, however, on March 27, 2024, the ransomware group 8base added the agency to its Tor leak site (the Tor leak site is unavailable at the time of this writing). Source RansomFeed Project The extortion group as yet to publish the stolen data. ” continues the statement.

Data breaches 117

Data breaches Cyber Attacks Ransomware Hacking 117

Security Affairs

MAY 19, 2024

records on Chinese users Charges and Seizures Brought in Fraud Scheme Aimed at Denying Revenue for Workers Associated with North Korea U.S. elections face more threats from foreign actors and artificial intelligence Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Artificial Intelligence 107

Artificial Intelligence Data breaches Ransomware Hacking 107

Security Boulevard

MAY 30, 2024

One of your greatest information security risks is likely your employees. Data from Verizon's 2024 Data Breach Investigations Report (DBIR) indicates that 76% of breaches involved the human element, and 68% of which were the result of human error. appeared first on Security Boulevard.

Data breaches 64

Data breaches Information Security Risk 64

Security Affairs

MAY 11, 2024

Notorius threat actor IntelBroker claims that Europol has suffered a data breach that exposed FOUO and other classified data. The threat actor IntelBroker announced on the cybercrime forum Breach the hack of the European law enforcement agency Europol. Thanks for reading, enjoy!” ” announced the hacker.

Hacking 113

Hacking Data breaches Cybercrime Cryptocurrency 113

Security Affairs

JUNE 2, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 91

Data breaches VPN Cloud Migration Cybercrime 91

Security Boulevard

MAY 14, 2024

Compliance and information security risk mitigation are a 24/7/365 business. The 2024 Verizon Data Breach Investigations Report indicates a substantial 180% increase in the exploitation of vulnerabilities since 2023.

Data breaches 59

Data breaches Information Security Risk 59

Security Affairs

APRIL 7, 2024

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894 Cisco warns of XSS flaw in end-of-life small business routers Magento flaw exploited to deploy persistent backdoor hidden in XML Cyberattack disrupted services at Omni Hotels & Resorts HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks US cancer center (..)

Data breaches 116

Data breaches Small Business Hacking Malware 116

Security Affairs

MARCH 17, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 118

Data breaches Computers and Electronics Cybercrime Ransomware 118

Security Affairs

JANUARY 22, 2024

Resecurity has detected a noticeable increase in data leaks from consumer-focused platforms in Thailand, confirming that threat actors are actively targeting the personal data of citizens now at the beginning of 2024. But as we step into 2024, this trend might see a change.

Data breaches 127

Data breaches Government Technology Cybercrime 127

Security Affairs

APRIL 21, 2024

carmaker with phishing attacks Law enforcement operation dismantled phishing-as-a-service platform LabHost Previously unknown Kapeka backdoor linked to Russian Sandworm APT Cisco warns of a command injection escalation flaw in its IMC.

Data breaches 114

Data breaches Phishing Ransomware Malware 114

BH Consulting

MARCH 21, 2024

Its findings included data from Irish businesses, which ranked cyber attacks and data breaches as their top risk they face. Symantec has identified many of the tools gangs use to remove data from compromised networks. Sign up here The post Security Roundup March 2024 appeared first on BH Consulting.

Cyber threats 69

Cyber threats Ransomware Healthcare Risk 69

Security Affairs

MAY 12, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 96

Data breaches VPN Hacking Banking 96

Security Affairs

APRIL 27, 2024

“On February 9, 2024, BenefitsCal discovered that someone, that was not allowed, may have logged into accounts of some users of the BenefitsCal website using reused passwords taken from other websites. ” reads the data breach notification filed by officials at the California Statewide Automated Welfare System.

Accountability 125

Accountability Passwords Data breaches Hacking 125

Security Affairs

APRIL 14, 2024

Crooks manipulate GitHub’s search results to distribute malware BatBadBut flaw allowed an attacker to perform command injection on Windows Roku disclosed a new security breach impacting 576,000 accounts LastPass employee targeted via an audio deepfake call TA547 targets German organizations with Rhadamanthys malware CISA adds D-Link multiple (..)

Data breaches 116

Data breaches Social Engineering Malware Hacking 116

Security Affairs

MAY 16, 2024

Yesterday afternoon I was advised by a commercial health information organisation that it was the victim of a large-scale ransomware data breach incident. “In October last year, the ACCC granted authorisation for MediSecure to transfer all publicly- funded electronic prescriptions and data to eRx.”

Ransomware 120

Ransomware Data breaches Government Insurance 120

Security Affairs

FEBRUARY 26, 2024

“IntelBroker informed Hackread.com that they successfully executed the data breach by exploiting a vulnerability within one of the CRM systems utilized by the Los Angeles International Airport.” IntelBroker announced it had exploited a vulnerability in the target system, the attack took place this month.

Hacking 126

Hacking Data breaches Cybercrime Information Security 126

Security Affairs

MAY 24, 2024

An improper access control vulnerability occurs when an application or system does not adequately restrict user permissions, allowing unauthorized users to access resources, perform actions, or obtain data they should not be able to. This type of vulnerability can lead to unauthorized access, data breaches, and other security issues.

Healthcare 114

Healthcare Data breaches Hacking Risk 114