Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 117

Data breaches Cybercrime Financial Services Hacking 117

Krebs on Security

MAY 15, 2025

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick , a.k.a.

Healthcare 218

Healthcare Insurance Data breaches Government 218

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. As we’ll see in a moment, that phishing kit is operated and rented out by a cybercriminal known as “ Perm ” a.k.a.

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). Then Federal Police arrested him as part of a recently launched Operation code-named “Operation Data Breach.”

Data breaches 125

Data breaches Media Cybercrime Accountability 125

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Since 2022, the U.S. The report highlights a staggering $16.6 Key findings in the report include: Record-breaking financial losses: Total reported losses reached $16.6 billion in losses.

Cybercrime 71

Cybercrime Scams Cryptocurrency Internet 71

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. “The data includes: IPs. The analysis of the configuration files revealed that all the FortiOS versions in the data set were older than version 7.2.2, released in October 2022.

VPN 129

VPN Passwords Firewall Firmware 129

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. But on Sept. defense contractors. USDoD’s avatar used to be the seal of the U.S.

Cybercrime 344

Cybercrime Passwords Authentication Malware 344

Security Affairs

SEPTEMBER 3, 2022

Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After the attack that hit the company in late July 2022, Samsung disclosed a data breach. At the same time, Social Security or credit card numbers were not exposed in the security breach.

Data breaches 145

Data breaches Hacking Authentication Accountability 145

Security Affairs

MARCH 16, 2024

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach.

Data breaches 138

Data breaches Cybercrime Government Ransomware 138

Security Affairs

DECEMBER 4, 2024

The group claimed to have stolen 500GB of data including Finacial data, Organisation data, Users data and personal documents, NDA’s, Confidential data, and more. As proof of the data breach, the group published multiple screenshots, including pictures of passports and other documents. reads the CSA.

Ransomware 124

Ransomware Telecommunications Healthcare Insurance 124

SecureWorld News

MARCH 15, 2023

Alright, how many of you saw a cryptocurrency ad on TV in 2022? The FBI's Internet Crime Complaint Center (IC3) has released its 2022 Internet Crime Report , which reveals the trends and impacts of cybercrime in the United States. However, phishing schemes were not the most costly type of cybercrime in terms of financial losses.

Cybercrime 136

Cybercrime Scams Cryptocurrency Identity Theft 136

Security Affairs

DECEMBER 9, 2022

. “As you are aware, on October 2, 2022, CommonSpirit Health experienced a ransomware attack that impacted some of our systems. ” reads an update provided by the company on December 1st, 2022. SecurityAffairs – hacking, data breach). The company is notifying the impacted individuals. Pierluigi Paganini.

Data breaches 134

Data breaches Ransomware Media Hacking 134

Security Affairs

OCTOBER 9, 2023

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv.

Data breaches 133

Data breaches Banking Hacking Mobile 133

Security Affairs

JULY 13, 2024

The American drugstore chain Rite Aid Corporation disclosed a data breach following the cyber attack that hit the company in June. The American drugstore chain giant Rite Aid suffered a data breach following a cyberattack in June conducted by the RansomHub ransomware group. 148 in the Fortune 500 in 2022.

Data breaches 138

Data breaches Ransomware Hacking Insurance 138

Security Affairs

JULY 4, 2022

Unknown threat actors claimed to have obtained data of a billion Chinese residents after breaching a database of the Shanghai police. If the incident will be confirmed, this data breach is the largest one in the country’s history. The hacker is offering the database on a popular cybercrime forum for 10 bitcoins.

Cybercrime 145

Cybercrime Data breaches Cryptocurrency Internet 145

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 The figure marks a 22% surge in reported losses compared to 2022.

Cybercrime 139

Cybercrime Internet Internet Scams 139

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Security Affairs

APRIL 26, 2024

Media reported [ 1 , 2 ] that the company is notifying millions of current and former members of a data breach. In a notice filed with the US government, the integrated managed care consortium disclosed a data breach impacting 13.4 The exposed data included names, medical records, dates of service, and lab test results.

Data breaches 137

Data breaches Healthcare Advertising Mobile 137

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Department of Justice in April.

Hacking 363

Hacking Cybercrime Energy and Utilities Accountability 363

Identity IQ

JANUARY 19, 2022

5 Data Breach Trends to Anticipate This Year. In its recent annual Data Breach Industry Forecast, credit reporting agency Experian made five predictions for cybercrime and data breach trends to expect this year. Here are five data breach and cybercrime trends to anticipate this year.

Data breaches 111

Data breaches Scams Cybercrime Phishing 111

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In October, mobile provider Optus disclosed that hackers abused a poorly secured API to steal data on 10 million customers in Australia.

Mobile 339

Mobile Accountability Data breaches Identity Theft 339

Krebs on Security

MAY 28, 2024

KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later. The 911 S5 botnet-powered proxy service, circa July 2022. 911 built its proxy network mainly by offering “free” virtual private networking (VPN) services.

VPN 297

VPN Banking Cybercrime Internet 297

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint.

Password Management 86

Password Management Cryptocurrency Passwords Data breaches 86

Security Affairs

JULY 4, 2024

Healthcare firm HealthEquity disclosed a data breach caused by a partner’s compromised account that exposed protected health information. Healthcare fintech firm HealthEquity disclosed a data breach after a partner’s compromised account was used to access its systems. million HSA accounts with $20.5

Data breaches 122

Data breaches Healthcare Accountability Insurance 122

Krebs on Security

JULY 29, 2022

The 911 service as it existed until July 28, 2022. re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its business operations.

Cybercrime 325

Cybercrime Backups Software VPN 325

SecureList

DECEMBER 16, 2024

In general, the number of unique threads discussing drainers on underground markets increased from 55 in 2022 to 129 in 2024, which is remarkable. Cloud platforms and IT services often store and process corporate data from multiple organizations, so a breach at just one company can open the door to many others.

Marketing 104

Marketing Data breaches Cryptocurrency Malware 104

Security Affairs

APRIL 6, 2022

Block disclosed a data breach related to the Cash App investing app and is notifying 8.2 The data breach involved a former employee that downloaded some unspecified reports of its Cash App Investing app that contained some U.S. “On April 4, 2022, Block, Inc. “On April 4, 2022, Block, Inc.

Data breaches 138

Data breaches Cryptocurrency Accountability Banking 138

Security Affairs

JULY 12, 2024

AT&T disclosed a new data breach that exposed phone call and text message records for approximately 110 million people. AT&T suffered a massive data breach, attackers stole the call logs for approximately 110 million customers, which are almost all of the company’s mobile customers.

Data breaches 131

Data breaches Wireless Mobile Hacking 131

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. A copy of the passport for Denis Emelyantsev, a.k.a. Denis Kloster, as posted to his Vkontakte page in 2019.

Cybercrime 297

Cybercrime Advertising IoT Malware 297

Security Affairs

FEBRUARY 28, 2024

Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. billion in revenue for fiscal year 2022 and had approximately 44,000 employees. Cencora, Inc. The Company had $238.6

Data breaches 132

Data breaches Healthcare Insurance Ransomware 132

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Follow me on Twitter: @securityaffairs and Facebook.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Cybercrime 340

Cybercrime Web Fraud Data breaches 340

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 264

Cybercrime Data breaches Malware Information Security 264

Krebs on Security

NOVEMBER 3, 2022

In late October 2022, Kivimaki was charged (and arrested in absentia, according to the Finns) with attempting to extort money from the Vastaamo Psychotherapy Center. . “According to Vastaamo, the data breach in Vastaamo’s customer databases took place in November 2018,” Iltalehti reported last month.

Data breaches 259

Data breaches Cybercrime Telecommunications Accountability 259

SecureList

MAY 25, 2022

The Verizon 2022 Data Breach Investigations Report is out. We are proud to collaborate as a supporting contributor to this year’s data efforts once again and to have contributed for the past 8 years. The report provides interesting analysis of a full amount of global incident data.

Social Engineering 121

Social Engineering Cybercrime Ransomware IoT 121

Security Affairs

SEPTEMBER 28, 2022

Elbit Systems of America, a subsidiary of defense giant Elbit Systems, disclosed a data breach after Black Basta ransomware gang claimed to have hacked it. Now the company has confirmed the data breach that took place on June 8, 2022 and impacted 369 people. Elbit Systems of America, LLC is a U.S.

Data breaches 98

Data breaches Ransomware Hacking Encryption 98