Security Affairs

JANUARY 30, 2023

Sports fashion retail JD Sports discloses a data breach that explosed data of about 10M customers who placed orders between 2018 and 2020. UK sports fashion chain JD Sports disclosed a data breach that exposed customer data from orders placed between November 2018 and October 2020.

Data breaches 95

Data breaches Retail Passwords Scams 95

Security Affairs

AUGUST 8, 2022

Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications company Twilio discloses a data breach, threat actors had access to the data of some of its customers. SecurityAffairs – hacking, data breach).

Data breaches 94

Data breaches Social Engineering Phishing Accountability 94

Security Affairs

JUNE 2, 2021

What Data Was Leaked? Feedback message data contained Account id, feedback rating given, and users’ email addresses. Transaction data encompassed price, item purchased, time of purchase, payment provider, and in some cases IP address of the buyer. The more information they possess, the more believable these emails look.

Data breaches 109

Data breaches Accountability Mobile Phishing 109

Security Affairs

APRIL 4, 2022

Threat actors gained access to internal tools of the email marketing giant MailChimp to conduct phishing attacks against crypto customers. During the weekend, multiple owners of Trezor hardware cryptocurrency wallets reported having received fake data breach notifications from Trezor, BleepingComputer first reported.

Phishing 121

Phishing Data breaches Cryptocurrency Social Engineering 121

Security Affairs

DECEMBER 1, 2022

Data breaches can be devastating for organizations, these are 3 of the worst incidents that could have been prevented. Data breaches can be devastating for organizations and even entire countries. Eliminating the risk of a data breach is nearly impossible, but some things can be done to reduce it significantly.

Data breaches 99

Data breaches Passwords Social Engineering Encryption 99

Security Affairs

AUGUST 22, 2021

T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially thought, according to an update to the investigation over 54 million customers had their data compromised.

Data breaches 114

Data breaches Mobile Accountability Phishing 114

CyberSecurity Insiders

MARCH 7, 2021

The increasing number of third-party data breaches and the sensitive information they expose have negatively impacted consumer trust. Third-party breaches occur when sensitive data is stolen from a third-party vendor or when their systems are used to access and steal sensitive information stored on your systems. .

Data breaches 112

Data breaches Penetration Testing Risk Cyber Risk 112

Security Affairs

AUGUST 21, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks. The post US CISA releases guidance on how to prevent ransomware data breaches appeared first on Security Affairs. ” reads CISA’s guideline.

Data breaches 113

Data breaches Ransomware Backups Technology 113

Security Affairs

NOVEMBER 5, 2021

US defense contractor Electronic Warfare Associates (EWA) was hit by a cyber attack, threat actors stole personal information from its email system. US defense contractor Electronic Warfare Associates (EWA) has disclosed a data breach after threat actors hacked their email system. ” concludes the notice.

Data breaches 97

Data breaches Identity Theft Cyber Attacks Hacking 97

Daniel Miessler

MAY 19, 2020

TOPIC: In this episode, Daniel takes a look at the 2020 Verizon Data Breach Investigations Report. Verizon’s Breach Report is one of the best infosec reports out there, and I’m always excited when I hear it’s been released. Errors were causal events in 22% of breaches. 58% had personal data compromised.

Data breaches 130

Data breaches Phishing Malware Hacking 130

Security Affairs

NOVEMBER 22, 2019

Bad news for T-Mobile prepaid customer, the US-based telecom giant T-Mobile today disclosed a new data breach incident. The US branch of the telecommunications giant T -Mobile disclosed a security breach that according to the company impacted a small number of customers of its prepaid service. Pierluigi Paganini.

Wireless 101

Wireless Data breaches Mobile Telecommunications 101

Security Affairs

AUGUST 29, 2022

Threat actors behind the Twilio hack also gained access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service. Early August, the communications company Twilio discloses a data breach , threat actors had access to the data of some of its customers.

Accountability 96

Accountability Authentication Phishing Data breaches 96

Security Affairs

NOVEMBER 23, 2019

Chinese smartphone vendor OnePlus has suffered a new data breach, according to a company’s notice hackers accessed customers’ order information. OnePlus disclosed a data breach, an “unauthorized party” accessed some customers’ order information, including names, contact numbers, emails, and shipping addresses.

Data breaches 103

Data breaches Passwords Advertising Accountability 103

Security Affairs

APRIL 12, 2021

LinkedIn has formally denied that the recently disclosed data leak was caused by a security breach, data were obtained via web scraping. LinkedIn has issued a formal statement to deny that the recent leak that exposed the account details of more than 500 million of its registered users was caused by a security breach.

Data breaches 96

Data breaches Phishing Accountability Cryptocurrency 96

Security Affairs

MAY 3, 2023

Google announced the introduction of the passwordless secure sign-in with Passkeys for Google Accounts on all platforms. Google is rolling out the passwordless secure sign-in with Passkeys for Google Accounts on all platforms. ” reads the announcement published by the company. face recognition, fingerprints).

Accountability 96

Accountability Passwords Password Management Phishing 96

Security Affairs

JANUARY 6, 2022

million of their customers have had their user accounts compromised in credential stuffing attacks. million accounts of their customers were compromised in credential stuffing attacks. Credential stuffing attacks involve botnets trying stolen login credentials usually obtained through phishing attacks and data breaches.

Accountability 131

Accountability Retail Passwords Data breaches 131

Security Affairs

DECEMBER 13, 2020

Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to the customers. Hackers have compromised a marketing system in Subway UK and used it to send out phishing messages to deliver malware to the customers. The system does not hold any bank or credit card details.”

Marketing 137

Marketing Phishing Hacking Data breaches 137

Security Affairs

AUGUST 30, 2019

Foxit Software, the company behind the Foxit PDF reader app, disclosed a data breach that exposed customers’ information, including passwords. Foxit Software, the PDF software provider behind the Foxit PDF reader app disclosed a security breach that took place recently exposing customers’ information.

Data breaches 82

Data breaches Passwords Software Identity Theft 82

Security Affairs

SEPTEMBER 5, 2022

Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American Express customers. The subject of the emails reads “Important Notification About Your Account” in an attempt to urge recipients to open it.

Phishing 99

Phishing Scams Social Engineering Password Management 99

Security Affairs

APRIL 7, 2024

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894 Cisco warns of XSS flaw in end-of-life small business routers Magento flaw exploited to deploy persistent backdoor hidden in XML Cyberattack disrupted services at Omni Hotels & Resorts HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks US cancer center (..)

Data breaches 107

Data breaches Small Business Hacking Malware 107

The Last Watchdog

OCTOBER 24, 2022

Employee security awareness is the most important defense against data breaches. Related: Leveraging security standards to protect your company. It involves regularly changing passwords and inventorying sensitive data. As such, you should limit the amount of information that employees have access to.

Passwords 214

Passwords Security Awareness Data breaches Cybersecurity 214

Security Affairs

JANUARY 19, 2022

A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed attackers to take over accounts without having access to the victim’s phone, Varonis researchers reported.

Accountability 117

Accountability Authentication Passwords Data breaches 117

Security Affairs

APRIL 6, 2022

Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State Service of Special Communication and Information Protection (SSSCIP) of Ukraine spotted a new wave of cyber attacks aimed at gaining access to users’ Telegram accounts.

Accountability 108

Accountability Phishing Passwords Hacking 108

Security Affairs

JUNE 20, 2019

Oregon Department of Human Services announced it was a victim of a data breach in January, roughly 645,000 potentially impacted. Oregon Department of Human Services officials confirmed that the organization has suffered a data breach that has exposed personal details and health information of 645,000 clients.

Data breaches 74

Data breaches Identity Theft Advertising Insurance 74

Security Affairs

DECEMBER 17, 2023

MongoDB on Saturday announced it is investigating a cyberattack that exposed customer account metadata and contact information. The cyber attack was discovered on December 13, 2023, and led to the exposure of customer account metadata and contact information. We detected suspicious activity on Wednesday (Dec.

Social Engineering 123

Social Engineering Data breaches Cyber Attacks Accountability 123

Security Affairs

FEBRUARY 26, 2021

Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket. Police report containing accident details, as well as involved parties phone numbers, driver’s license information, name-surname, and national identifier.

Data breaches 102

Data breaches Insurance Identity Theft Education 102

Malwarebytes

FEBRUARY 27, 2024

The German Federal Office for Information Security (BSI) has published a report on The State of IT Security in Germany in 2023 , and the number one threat for consumers is… identity theft. What to do in the event of a data breach Check the vendor’s advice. 2FA that relies on a FIDO2 device can’t be phished.

Identity Theft 100

Identity Theft Data breaches Artificial Intelligence Passwords 100

Security Affairs

MAY 10, 2022

“Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. Detailed analysis of the Phishing-As-A-Service Frappo is available here: [link].

Phishing 78

Phishing Banking Retail Financial Services 78

Security Affairs

JANUARY 22, 2024

You can check if your data was exposed in historic data breaches using the Cybernews data leak checker. Our team is working hard to update the tool and provide you with means to check if your data was exposed in the MOAB.

Identity Theft 131

Identity Theft Data breaches Accountability Phishing 131

Security Affairs

AUGUST 26, 2023

Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees. Security consulting firm Kroll revealed that a SIM-swapping attack against one of its employees caused the theft of user information for multiple cryptocurrency platforms.

Data breaches 94

Data breaches Mobile Accountability Phishing 94

Security Affairs

JULY 22, 2019

Last week, hackers published a list of Discord credentials (email addresses/passwords) that were allegedly phished from the users of the gaming chat platform. Last week, a group of hackers published a list of Discord login credentials (email addresses and passwords) that were allegedly phished from the users of the gaming chat platform.

Phishing 81

Phishing Data breaches Passwords Advertising 81

Security Affairs

FEBRUARY 13, 2021

Google revealed that Gmail users from the United States are the most targeted by email-based phishing and malware. billion email-based phishing and malware attacks against Gmail users to determine what are factors influence the risk of attack. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Phishing 85

Phishing Malware Accountability Risk 85

Security Affairs

APRIL 28, 2024

A credential stuffing attack is a type of cyber attack where hackers use large sets of username and password combinations, typically obtained from previous data breaches, phishing campaigns, or info-stealer infections, to gain unauthorized access to user accounts on various online services. ” continues the advisory.

VPN 115

VPN Accountability Firewall Data breaches 115

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. The data leak was disclosed last week, on February 21 the company that customer records were accidentally exposed online via an exploit. . Pierluigi Paganini.

Accountability 96

Accountability Data breaches Passwords Advertising 96

Security Affairs

JANUARY 18, 2021

The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach. The administrators of the forum disclosed the data breach with an announcement published on the forum. OpenWRT administrators warn of phishing attempts against forum users.

Hacking 130

Hacking Data breaches Passwords Accountability 130

Security Boulevard

APRIL 7, 2024

Episode 324 features discussions on a significant AT&T data breach affecting 73 million customers and a sophisticated thread jacking attack targeting a journalist.

Data breaches 69

Data breaches Accountability Social Engineering Data privacy 69

Security Affairs

MAY 2, 2024

Investigations revealed that a threat actor gained access to data, including customer information like emails, usernames, phone numbers, and hashed passwords. Additionally, certain account settings and authentication information such as API keys, OAuth tokens, and multi-factor authentication details were compromised.

Hacking 104

Hacking Authentication Passwords Accountability 104