Troy Hunt

JUNE 30, 2024

Last week, I wrote about The State of Data Breaches and got loads of feedback. Let me explain: Hackers This is where most data breaches begin, with someone illegally accessing a protected system and snagging the data. It's awkward, talking to the first party responsible for the breach.

Data breaches 300

Data breaches Government InfoSec Passwords 300

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. The threat actors had access to the internal management tool and gained access to some subscribers’ personal data. The seller also published a sample of the stolen data and some screenshots.

Cyber Attacks 136

Cyber Attacks Telecommunications Data breaches Banking 136

Security Affairs

OCTOBER 21, 2024

Poor cyber hygiene increases the risk of further data breaches and could undermine user trust. The breach may have exposed personal identification documents uploaded by users for Wayback Machine page removal requests, depending on the attacker’s Zendesk API access.

Internet 137

Internet Internet Data breaches Authentication 137

Troy Hunt

FEBRUARY 25, 2025

We've also added 244M passwords we've never seen before to Pwned Passwords and updated the counts against another 199M that were already in there. Telegram makes it super easy to publish large volumes of data (such as we're talking about here) under the veil of anonymity and distribute it en mass.

Passwords 360

Passwords Accountability VPN Malware 360

Webroot

APRIL 22, 2025

If a company you do business with becomes part of a data breach, cybercriminals may have full access to your confidential information. Unfortunately, data breaches are on the rise and affecting more companies and consumers than ever. billion people received notices that their information was exposed in a data breach.

Data breaches 72

Data breaches Identity Theft Passwords eCommerce 72

The Last Watchdog

NOVEMBER 22, 2021

More Americans than ever are working remotely and seeking out entertainment online, and this increase of internet activity has fueled a dramatic spike in cybercrime. With so much critical data now stored in the cloud, how can people protect their accounts? Proper password hygiene doesn’t require a degree in rocket science.

Passwords 244

Passwords Password Management Accountability Data breaches 244

Security Affairs

AUGUST 24, 2022

The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database. The company disclosed a data breach after threat actors have access to a limited subset of data stored in a compromised database. Exposed data includes emails, usernames, and encrypted passwords.

Data breaches 141

Data breaches Passwords Media Accountability 141

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. ” reads the data breach notification.

Education 77

Education Data breaches Identity Theft Insurance 77

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. “I’m also godfather of his second son.” Image: U.S.

Retail 277

Retail Advertising Cryptocurrency Cybercrime 277

Security Affairs

OCTOBER 31, 2024

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. TB of company data related to 3 million customers.

Data breaches 137

Data breaches Financial Services Hacking Mobile 137

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 131

Data breaches Cybercrime Financial Services Hacking 131

Security Affairs

MAY 13, 2025

This week, a cyber update published by the company on its website confirmed the data breach: “To proactively manage the incident, we immediately took steps to protect our systems and engaged leading cyber security experts. The personal data could include contact details, date of birth and online order history.

Data breaches 72

Data breaches Cyber Attacks Passwords Social Engineering 72

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. 11, 2023, USDoD resurfaced after a lengthy absence to leak sensitive employee data stolen from the aerospace giant Airbus , while promising to visit the same treatment on top U.S. But on Sept.

Cybercrime 345

Cybercrime Passwords Authentication Malware 345

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 345

Hacking Cybercrime Phishing Passwords 345

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. If they are not disposed of properly, they can leak toxic chemicals and sensitive data. What is cybercrime? Cybercrime is an online criminal activity that targets computer networks and devices.

Cybercrime 73

Cybercrime Computers and Electronics Passwords Hacking 73

Krebs on Security

OCTOBER 18, 2024

USDoD was known to use the hacker handles “ Equation Corp ” and “ NetSec ,” and according to the cyber intelligence platform Intel 471 NetSec posted a thread on the now-defunct cybercrime community RaidForums on Feb. The company is now the target of multiple class-action lawsuits, and recently declared bankruptcy.

Social Engineering 281

Social Engineering Passwords Cybercrime Mobile 281

Malwarebytes

OCTOBER 14, 2024

Last week on ThreatDown: Hands-on-keyboard (HOK) attacks: How ransomware gangs attack in real-time Ransomware insurance is funding cybercrime, says White House official 5 tools IT admins should block right now Stay safe! Update now! Our business solutions remove all remnants of ransomware and prevent you from getting reinfected.

Data breaches 126

Data breaches Surveillance Insurance DDOS 126

Security Affairs

JANUARY 7, 2022

The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 Stolen data are now available for sale on multiple cybercrime forums. The threat actors claim the stolen database contains customer information, including names, emails, phone numbers, hashed passwords, and password salt.

Data breaches 145

Data breaches Accountability Passwords Cybercrime 145

Security Affairs

FEBRUARY 7, 2021

The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M users. The company has disclosed a data breach and notified its users via email. ” reads the data breach notification share by El Reg. Pierluigi Paganini.

Data breaches 139

Data breaches Passwords Cybercrime Accountability 139

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Here’s a closer look at what typically transpires in the weeks or months before an organization notifies its users about a breached database.

Passwords 363

Passwords Password Management Phishing Scams 363

Security Affairs

NOVEMBER 22, 2021

GoDaddy suffered a data breach that impacted up to 1.2 GoDaddy discloses a data breach that impacted up to 1.2 million of its customers, threat actors breached the company’s Managed WordPress hosting environment. The original WordPress Admin password that was set at the time of provisioning was exposed.

Data breaches 144

Data breaches Passwords Accountability Information Security 144

Malwarebytes

MAY 10, 2024

Dell is warning its customers about a data breach after a cybercriminal offered a 49 million-record database of information about Dell customers on a cybercrime forum. So, this is another big data breach that leaves us with more questions than answers. Change your password. Check the vendor’s advice.

Data breaches 143

Data breaches Passwords Phishing Big data 143

Security Affairs

JANUARY 3, 2021

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below the list of top data breaches that took place in the last 12 months: May 2020 – CAM4 adult cam site leaked 11B database records including emails, private chats.

Data breaches 145

Data breaches Cybercrime Hacking Passwords 145

Security Affairs

AUGUST 25, 2022

Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. The company engaged a leading cybersecurity and forensics firm to investigate the incident, it confirmed that the data breach did not compromise users’ Master Passwords.

Data breaches 145

Data breaches Password Management Passwords Architecture 145

Security Affairs

MARCH 16, 2024

Unemployment agency France Travail (Pôle Emploi) recently suffered a data breach that could impact 43 million people. On August 2023, the French government employment agency Pôle emploi suffered a data breach and notified 10 million individuals impacted by the security breach.

Data breaches 143

Data breaches Cybercrime Government Ransomware 143

Troy Hunt

MAY 29, 2024

unique passwords provided by law enforcement agencies into Have I Been Pwned (HIBP) following botnet takedowns in a campaign they've coined Operation Endgame. That link provides an excellent over so start there then come back to this blog post which adds some insight into the data and explains how HIBP fits into the picture.

Passwords 360

Passwords Password Management Data breaches Cybercrime 360

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. billion passwords from various internet data leaks.

Passwords 139

Passwords Data breaches Hacking Accountability 139

Security Affairs

OCTOBER 17, 2022

Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 Bad news for the customers of the MyDeal online marketplace, the Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 Also, no customer account passwords were accessed. million of them.

Data breaches 142

Data breaches Retail Passwords Accountability 142

Security Affairs

MARCH 6, 2021

A suspicious wave of attacks resulted in the hack of four cybercrime forums Verified, Crdclub, Exploit, and Maza since January. Since January, a series of mysterious cyberattacks that resulted in the hack of popular Russian-language cybercrime forums. The notice also included a PDF file allegedly containing data of forum users (i.e.

Cybercrime 145

Cybercrime Hacking DDOS Passwords 145

Security Affairs

OCTOBER 1, 2021

Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer information. The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access to customers’ information, including payment card data. Approximately 4.6

Data breaches 136

Data breaches Retail Passwords Accountability 136

Security Affairs

MARCH 10, 2025

This aligns with prior findings that cybercriminals cracked master passwords from LastPass to carry out major heists. DoJ, threat actors may have used private keys extracted by cracking the victim’s password vault stolen from the 2022 security breach suffered by an online password manager.

Password Management 100

Password Management Cryptocurrency Passwords Data breaches 100

Security Affairs

NOVEMBER 16, 2023

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. ” reads the data breach notification sent to the customers.

Data breaches 143

Data breaches eCommerce Hacking Passwords 143

Security Affairs

APRIL 26, 2024

Media reported [ 1 , 2 ] that the company is notifying millions of current and former members of a data breach. Exposed data does not include usernames, passwords, Social Security Numbers (SSNs), and financial data. The exposed data included names, medical records, dates of service, and lab test results.

Data breaches 143

Data breaches Healthcare Advertising Mobile 143

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

divya Fri, 10/11/2024 - 08:54 As user expectations for secure and seamless access continue to grow, the 2024 Thales Consumer Digital Trust Index (DTI) research revealed that 65% of users feel frustrated with frequent password resets. The industry has key gaps and areas for improvement. Improving Shared Device Management with Badge Inc.’s

Authentication 132

Authentication Retail Healthcare Manufacturing 132

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113

Security Affairs

DECEMBER 11, 2023

Toyota Financial Services (TFS) disclosed a data breach, threat actors had access to sensitive personal and financial data. Toyota Financial Services (TFS) is warning customers it has suffered a data breach that exposed sensitive personal and financial data.

Financial Services 143

Financial Services Data breaches Identity Theft Banking 143

Security Boulevard

MARCH 17, 2021

With cybercrime rising by 600% during the pandemic, businesses are more vulnerable than ever to the financial and reputational repercussions of cyberattacks. Costs of Cybercrime Global cybercrime costs are on the rise, increasing 15 per cent year over year, according to a 2021 cyberwarfare report by CyberSecurity Ventures.

Cybercrime 138

Cybercrime Cyber Attacks Ransomware Healthcare 138