Security Affairs

MAY 15, 2025

Coinbase confirmed rogue contractors stole customer data and demanded a $20M ransom in a breach reported to the SEC. Coinbase said rogue contractors stole data on under 1% of users and demanded $20M; the data breach was disclosed in an SEC filing. “Criminals targeted our customer support agents overseas.

Data breaches 87

Data breaches Banking Accountability Retail 87

Krebs on Security

JANUARY 19, 2023

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. APIs are essentially instructions that allow applications to access data and interact with web databases. .” Image: customink.com In a filing today with the U.S.

Mobile 339

Mobile Accountability Data breaches Identity Theft 339

Security Affairs

DECEMBER 8, 2024

“After a thorough forensic investigation and manual document review, on November 5, 2024, the investigation determined certain files containing information was accessed by an unauthorized party.” While we conducted our investigation, out of anbundance of caution, on Janurary 24, 2024, Anna Jaques posted a notice on ther website.”

Data breaches 118

Data breaches Insurance Healthcare Ransomware 118

Krebs on Security

MAY 31, 2019

On May 24, KrebsOnSecurity broke the news that First American had just fixed a weakness in its Web site that exposed approximately 885 million documents — many of them with Social Security and bank account numbers — going back at least 16 years. No authentication was needed to access the digitized records.

Financial Services 267

Financial Services Insurance Banking Authentication 267

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Accountability 363

Accountability Identity Theft Hacking Insurance 363

Security Affairs

MAY 21, 2025

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals. Coinbase disclosed that a data breach impacted 69,461 individuals after overseas support staff improperly accessed customer and corporate data. The final impact remains under review.

Data breaches 74

Data breaches Banking Accountability Retail 74

Security Affairs

DECEMBER 29, 2021

T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap attacks. T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. SecurityAffairs – hacking, data breach).

Data breaches 145

Data breaches Mobile Accountability Wireless 145

Malwarebytes

MAY 27, 2025

Given the volume of credentials found, its reasonable to assume that millions of individuals had their data included in the exposed database. Here are some practical steps to protect yourself: Change your passwords regularly, and dont reuse them across multiple accounts. This makes it harder for criminals to take over your account.

Identity Theft 145

Identity Theft Passwords Accountability Phishing 145

Security Affairs

DECEMBER 7, 2024

The 8Base ransomware group attacked Croatia’s Port of Rijeka, stealing sensitive data, including contracts and accounting info. A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 126

Ransomware Hacking Accountability Cyber Attacks 126

Krebs on Security

NOVEMBER 14, 2024

A week after breaking the story about the 2013 data breach at Target, KrebsOnSecurity published Who’s Selling Cards from Target? . “I’m also godfather of his second son.” ” Dmitri Golubov, circa 2005. Image: U.S. Postal Investigative Service. “Hi, how are you?” ” he inquired.

Advertising 275

Advertising Retail Cryptocurrency Cybercrime 275

Security Affairs

JULY 2, 2024

Fintech firms Wise and Affirm confirmed they were both impacted by the recent data breach suffered by Evolve Bank. Fintech companies Wise and Affirm have confirmed that they were both affected by the recent data breach at Evolve Bank. Evolve has not yet reveal which Wise data has been compromised by the security incident.

Data breaches 132

Data breaches Banking Retail Accountability 132

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services 140

Financial Services Data breaches Identity Theft Banking 140

Security Affairs

OCTOBER 8, 2024

MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. ” reads the notice of data breach published by MoneyGram. ” reads the notice of data breach published by MoneyGram.

Data breaches 127

Data breaches Government Banking Hacking 127

Malwarebytes

OCTOBER 8, 2024

Money transfer company MoneyGram has notified its customers of a data breach in which it says certain customers had their personal information taken between September 20 and 22, 2024. driver’s licenses) Other identification documents (e.g. driver’s licenses) Other identification documents (e.g. Check the vendor’s advice.

Data breaches 130

Data breaches Identity Theft Passwords Phishing 130

Krebs on Security

JUNE 17, 2020

Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. A redacted portion of the CIA’s report on the Wikileaks breach. DIVIDED WE STAND, UNITED WE FALL.

Data breaches 353

Data breaches Security Awareness Surveillance Media 353

Security Affairs

SEPTEMBER 16, 2022

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports. states the message. Pierluigi Paganini.

Hacking 144

Hacking Data breaches Information Security Engineering 144

SecureWorld News

MARCH 24, 2022

Now, headlines about ransomware, cyberattacks, and data breaches pour into social media feeds as steady as a river flows. SecureWorld News takes a look at some of the largest data breaches to ever occur. Top 10 most significant data breaches. Yahoo data breach (2013). Who attacked: no attacker.

Data breaches 130

Data breaches Passwords Accountability Government 130

Hot for Security

APRIL 30, 2021

(A few years ago, the company was claiming to have one million users – which would put the number of exposed accounts at north of 10,000.). It’s not the first time that DigitalOcean has suffered a data breach that exposed customer information. ”

Data breaches 145

Data breaches Banking Accountability 145

Webroot

MARCH 3, 2025

The growing risks to your data During the third quarter of 2024, data breaches exposed more than 422 million records worldwide. As of 2024, the average cost of a data breach in the United States amounted to $9.36 In comparison, the global average cost per data breach was $4.88

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

FEBRUARY 23, 2024

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. ” reads the statement published by the company. ”continues the statement.

Data breaches 133

Data breaches Telecommunications Banking Mobile 133

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime 140

Cybercrime Accountability Social Engineering Government 140

Krebs on Security

MARCH 23, 2021

A notice of breach posted by the California State Controller’s Office. In a “ Notice of Data Breach ” message posted on Saturday, Mar. In a “ Notice of Data Breach ” message posted on Saturday, Mar. ” The SCO has not responded to requests for comment first sent Monday.

Phishing 350

Phishing Data breaches Accountability Technology 350

Security Affairs

OCTOBER 14, 2024

Nintendo Everything also reported the leak of Pokémon game source code, unseen Pokémon art, design documents, and other development materials surfacing online. In 2020, Nintendo, another co-owner of Pokémon, suffered a data breach , with attackers leaking source code, internal documents, and development tools.

Data breaches 123

Data breaches Hacking Cyber Attacks Media 123

Security Affairs

NOVEMBER 20, 2023

The Canadian government discloses a data breach after threat actors hacked two of its contractors. “On October 19 th , 2023, Brookfield Global Relocation Services (BGRS) informed the Government of Canada of a breach involving Government of Canada information held by BGRS and SIRVA Canada systems.”

Data breaches 139

Data breaches Government Hacking Backups 139

Security Affairs

SEPTEMBER 30, 2024

Community Clinic of Maui experienced a data breach impacting over 120,000 people following a LockBit ransomware attack. LockBit breached the Community Healthcare Clinic of Maui as they are still rebuilding from the devastating fire last year. .’ ” reads the notice of breach published by Malama.

Data breaches 136

Data breaches Ransomware Healthcare Cyber Attacks 136

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 120

Data breaches Cybercrime Financial Services Hacking 120

Krebs on Security

JULY 15, 2024

Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.

Accountability 339

Accountability Cryptocurrency Passwords DNS 339

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. ” reads the data Breach Notification. As proof of the data breach, the extortion group published data samples, including passport images, NDAs, contracts, and other documents.

Data breaches 135

Data breaches Ransomware Manufacturing Encryption 135

Krebs on Security

JANUARY 7, 2021

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S.

Computers and Electronics 363

Computers and Electronics Software Engineering Accountability 363

Troy Hunt

JULY 31, 2024

The email went on: The impact of this vulnerability is severe, potentially resulting in: Mass account takeovers by malicious actors. Exposure of sensitive user data including names, emails, addresses, and documents. Unauthorized transactions or malicious activities using compromised accounts. Of the total count, 89.7%

Scams 362

Scams Passwords Accountability Malware 362

Malwarebytes

JANUARY 6, 2022

million customers have had their user accounts compromised in credential stuffing attacks. Credential stuffing is the automated injection of stolen username and password pairs in to website login forms, in order to fraudulently gain access to user accounts. Using a forum or social media account to send phishing messages or spam.

Passwords 145

Passwords Accountability Identity Theft Password Management 145

Krebs on Security

AUGUST 12, 2020

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. ” In short, although you may not be required to create online accounts to manage your affairs at your ISP, the U.S. .”

Accountability 357

Accountability Mobile Banking Passwords 357

Krebs on Security

MAY 24, 2019

NYSE:FAF ] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. He said anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link.

Insurance 279

Insurance Banking Identity Theft Scams 279

Malwarebytes

JULY 12, 2024

In a new episode of Spy vs Spy , the mobile monitoring app mSpy has suffered a data breach that exposed information about millions of its customers. This is the third known mSpy data breach since the company began in around 2010. Such programs are easy to buy and install.

Data breaches 132

Data breaches Mobile Surveillance Advertising 132

Krebs on Security

JUNE 21, 2020

In a post on Twitter , DDoSecrets said the BlueLeaks archive indexes “ten years of data from over 200 police departments, fusion centers and other law enforcement training and support resources,” and that “among the hundreds of thousands of documents are police and FBI reports, bulletins, guides and more.”

Government 363

Government Accountability Cyber threats Cyber Attacks 363

Krebs on Security

APRIL 6, 2021

To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out. The phone number associated with my late Facebook account (which I deleted in Jan.

Mobile 358

Mobile Accountability Passwords Authentication 358

Krebs on Security

AUGUST 18, 2021

T-Mobile is warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. It is not clear how many people total may be impacted by this breach.

Mobile 263

Mobile Identity Theft Accountability Cybercrime 263