Security Affairs

JANUARY 4, 2022

The Broward Health public health system disclosed a massive data breach that has impacted more than 1.3 The Broward Health public health system has suffered a data breach that impacted 1,357,879 individuals. ” reads the data breach notification letter sent to the impacted individuals.

Data breaches 82

Data breaches Healthcare Identity Theft Insurance 82

Security Affairs

JULY 30, 2019

While Capital One incident is making the headlines, another incident may have severe consequences, the Los Angeles Police Department (LAPD) also suffered a data breach. The officers’ union, the Los Angeles Police Protective League, defined the incident as a serious security issue. SecurityAffairs – LAPD, data breach).

Data breaches 80

Data breaches Identity Theft Advertising Media 80

Security Affairs

JULY 23, 2021

This breach compromised citizens’ physical addresses, phone numbers, IDs, tax documents, and more. Due to the large number and various types of unique documents, it is difficult to estimate the number of people exposed in this breach. Sensitive information redacted. What’s Happening? Original post at [link]. Pierluigi Paganini.

Data breaches 99

Data breaches Identity Theft Government Phishing 99

Security Affairs

AUGUST 23, 2019

Mastercard disclosed a data breach that impacted customer data from the company’s Priceless Specials loyalty program. The American multinational financial services corporation noti f ied the data breach to the German and Belgian Data Protection Authorities. ” states MasterCard.

Data breaches 83

Data breaches Identity Theft Advertising Financial Services 83

Security Affairs

DECEMBER 19, 2023

By neglecting to set a password, a BMW dealer in India has jeopardized the entire network of car dealerships in the country and put its clients at risk. The Cybernews research team has discovered that the Bengaluru branch of BMW Kun Exclusive, a BMW dealership in India, has exposed sensitive data to the public.

Risk 99

Risk Identity Theft Data breaches Accountability 99

Security Affairs

JANUARY 22, 2024

You can check if your data was exposed in historic data breaches using the Cybernews data leak checker. Our team is working hard to update the tool and provide you with means to check if your data was exposed in the MOAB. According to the team, the consumer impact of the supermassive MOAB could be unprecedented.

Identity Theft 126

Identity Theft Data breaches Accountability Phishing 126

Security Affairs

DECEMBER 21, 2023

More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. The Cybernews research team has discovered that their personal data was exposed in a leak. In the wrong hands, this data can be exploited for financial gain.

Mobile 104

Mobile Identity Theft Passwords Phishing 104

Security Affairs

NOVEMBER 15, 2023

Storing personal information in logs should be avoided, as it elevates their sensitivity level. User security log. Source: Cybernews The information exposed in this data leak could have been exploited for fraud, identity theft, phishing attempts, or as a source of data for meticulously targeted cyberattacks.

Passwords 102

Passwords Identity Theft Social Engineering Spyware 102

Security Affairs

JANUARY 31, 2024

The discovered directory included multiple database backups, each holding a significant amount of sensitive information about the company’s users and partners. The leak poses a variety of risks, expanding from identity theft to takeover and cashing-out accounts of traders. Cybernews contacted the company with our findings.

Technology 116

Technology Identity Theft Backups Passwords 116

Identity IQ

JUNE 6, 2023

You must provide personal information such as your name, Social Security number, and address. Depending on where you live and whether you are a victim of identity theft, you may also need to pay a fee. You’re informed that your personal information has been compromised in a data breach.

Identity Theft 59

Identity Theft Accountability Data breaches Banking 59

Identity IQ

FEBRUARY 21, 2024

IdentityIQ The traditional method of safeguarding our accounts with passwords is facing growing challenges. As technology evolves, so do the methods employed by hackers, making passwords both inconvenient and increasingly susceptible to breaches. Passkey vs. Password – What’s the Difference? What is a Passkey?

Passwords 52

Passwords Authentication Accountability Phishing 52

Security Affairs

JULY 14, 2020

Auctions platform LiveAuctioneers admitted to have suffered a data breach that likely impacted approximately 3.4 Auctions platform LiveAuctioneers disclosed a a data breach that might have impacted approximately 3.4 ” reads the data breach notification published by the company. million users.

Hacking 99

Hacking Data breaches Identity Theft Advertising 99

CyberSecurity Insiders

MARCH 28, 2023

Understanding the FTC Safeguards Rule The FTC Safeguards Rule is a set of regulations that require covered financial institutions to develop, implement, and maintain an information security program designed to protect customer information. A WISP is a comprehensive plan that outlines how you will protect customer data.

Data breaches 125

Data breaches Authentication Risk Phishing 125

Security Affairs

FEBRUARY 27, 2021

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks. Pierluigi Paganini.

Mobile 92

Mobile Telecommunications Data breaches Identity Theft 92

Security Affairs

NOVEMBER 24, 2020

.” Credential stuffing attacks involve botnets to try stolen login credentials usually obtained through phishing attacks and data breaches. This kind of attacks is very efficient due to the bad habit of users of reusing the same password over multiple services.

Identity Theft 101

Identity Theft Accountability Passwords Phishing 101

Security Affairs

JUNE 29, 2021

Passwords are not included in the archive. The threat actor that is offering for sale the data shared a sample of 1M records as proof of the authenticity of the archive. According to media that analyzed the data were able to confirm that they are genuine and up-to-date. ” reported RestorePrivacy. Pierluigi Paganini.

Identity Theft 144

Identity Theft Social Engineering Media Hacking 144

Security Affairs

MAY 13, 2023

The Cybernews research team has discovered a data leak on La Malle Postale’s system that exposed the personal data of their clients. The leaked information included names, phone numbers, emails, private communication via SMS messages, passwords, and employees’ credentials. Why is leaking personal data dangerous?

Passwords 88

Passwords Identity Theft Scams Social Engineering 88

Security Affairs

OCTOBER 9, 2021

. “CMG is not aware of any cases of identity theft, fraud, or financial losses to individuals stemming from this incident.” “CMG takes the protection of personal information seriously and is committed to answering any questions that your office may have.” SecurityAffairs – hacking, data breach).

Media 99

Media Ransomware Identity Theft Insurance 99

Security Affairs

JANUARY 4, 2023

rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. In August, the LockBit ransomware group added Wabtec to the list of victims on its Tor leak site and published samples of stolen data as proof of the hack. ” concludes Wabtec.

Ransomware 87

Ransomware Identity Theft Insurance Data breaches 87

Security Affairs

APRIL 11, 2021

The experts reported their findings to the company, but at the time of this writing, Clubhouse has yet to confirm the authenticity of the exposed data. Leak data could be abused by threat actors to carry out malicious activities, such as phishing/spear-phishing attacks, identity theft, and scams.

Identity Theft 141

Identity Theft Phishing Password Management Media 141

Security Affairs

APRIL 8, 2021

The data from the leaked files can be used by threat actors against LinkedIn users in multiple ways by: Carrying out targeted phishing attacks. Brute-forcing the passwords of LinkedIn profiles and email addresses. Change the password of your LinkedIn and email accounts. Spamming 500 million emails and phone numbers.

Identity Theft 112

Identity Theft Passwords Social Engineering Phishing 112

Malwarebytes

JANUARY 16, 2024

While at CWRU, he was accused of “cracking passwords” on a CWRU network. According to an FBI Flash document released to affected organizations on March 27, 2017, machines were infected with FruitFly via brute force attacks, using weak passwords or passwords from breaches of other systems. This can take years, however.

Malware 90

Malware Passwords Identity Theft Data collection 90

Security Affairs

JANUARY 4, 2023

The Social platform for the cricket community exposed over 100k entries of private customer data and credentials. The database, hosted by Amazon Web Services (AWS) in the US, contained admin credentials and private customer data, including email, phone numbers, names, hashed user passwords, dates of birth, and addresses.

Identity Theft 68

Identity Theft Passwords Risk Hacking 68

Security Affairs

OCTOBER 9, 2022

In total, the database leaked over 152,000 pieces of information pertaining to customers, such as emails, names, links to LinkedIn, Twitter, and Facebook profiles, and hashed passwords. The instance also contained 15 employee emails, names, and passwords protected by a weak SHA1-128bit hash. Dangerous leak.

Ransomware 95

Ransomware Passwords Encryption Identity Theft 95

Security Affairs

MAY 2, 2020

. “The server was live at the time of our investigation, leaking Personally Identifiable Information (PII) data from people accessing private accounts on Le Figaro’s news website, and in some cases, their login credentials.” ” concludes the experts.

Identity Theft 111

Identity Theft Passwords Advertising Accountability 111

Security Affairs

FEBRUARY 1, 2022

” The impacted individuals are exposed to a broad range of malicious activities, including identity theft, phishing attacks, and scams. Impacted users are recommended to change their account passwords and remain vigilant to possible phishing messages. SecurityAffairs – hacking, data leak). Pierluigi Paganini.

Identity Theft 81

Identity Theft Education Phishing Scams 81

Security Affairs

MAY 7, 2021

CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. Most organizations use databases to store sensitive information. Can’t come up with a strong password? What were we looking at?

Passwords 128

Passwords Authentication Identity Theft Engineering 128

Adam Levin

DECEMBER 11, 2019

The publicly available data includes names, mailing addresses, email addresses, phone numbers, family information, and birth dates. . Cybersecurity company Fidus Information Security found the data online with no password protection a situation that was later verified by TechCrunch.

Passwords 198

Passwords Government Information Security Cybersecurity 198

Security Affairs

JULY 21, 2021

The author of the post claims that the data was acquired from US insurance giant Humana and includes detailed medical records of the company’s health plan members dating back to 2019. The leaked information includes patients’ names, IDs, email addresses, password hashes, Medicare Advantage Plan listings, medical treatment data, and more.

Insurance 114

Insurance Identity Theft Passwords Phishing 114

Security Affairs

MARCH 24, 2021

Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’ websites. The data from FBS.com and FBS.eu comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more.

Passwords 124

Passwords Accountability Media Identity Theft 124

Security Affairs

JANUARY 27, 2022

Personal data belonging to millions of customers of large businesses have been exposed due to a flaw in Onfido IDV. Millions of customers of large businesses have been left vulnerable to identity theft, thanks to a security flaw that exposes their personal data to illicit download.

Identity Theft 85

Identity Theft Accountability Data breaches Social Engineering 85

Security Affairs

SEPTEMBER 14, 2020

An attacker could use these URLs to access a user’s profile on the dating site without the knowledge of the password. Leaked data could expose users to several malicious activities, including scams, identity theft, blackmail and extortion, and of course attack takeover.

Marketing 88

Marketing Identity Theft Advertising Authentication 88

Security Affairs

AUGUST 27, 2020

Here are some examples of how potential attackers can use the data found in the unsecured Amazon S3 bucket against the owners of the exposed email addresses: Spamming 350 million email IDs Carrying out phishing attacks Brute-forcing the passwords of the email accounts. Change your passwords approximately every 30 days.

Social Engineering 121

Social Engineering Passwords Marketing Phishing 121

Krebs on Security

NOVEMBER 21, 2018

.” Nicholas Weaver , a researcher at the International Computer Science Institute and lecturer at UC Berkeley , said the API should have validated that the account making the request had permission to read the data requested. “It seems like the only access control they had in place was that you were logged in at all.

Accountability 264

Accountability Authentication Identity Theft Advertising 264

Security Affairs

SEPTEMBER 3, 2020

What happened to the data? Because we were initially unable to identify the owner of the unsecured bucket, we contacted Amazon on July 27 to help them secure the database. If your email happens to be among those leaked, immediately change your email password. Look out for potential phishing emails and spam emails.

Marketing 98

Marketing Media Advertising Identity Theft 98

Security Affairs

JULY 15, 2020

Due to the fact that it is extremely easy to access these types of files, it is possible that bad actors may have accessed the information in this bucket and may potentially use it for malicious purposes. What’s the impact? Having 30,000 passport and driver’s licenses can be a huge find for many bad actors online.

Identity Theft 94

Identity Theft Advertising Phishing Risk 94

Security Affairs

OCTOBER 5, 2020

Since these buckets lack any sort of protection from unauthorized access, there is a possibility that the data may have been accessed by bad actors for malicious purposes during the 5-week period. What happened to the data? The Snewpit team responded within minutes and secured the files containing user records on the same day.

Identity Theft 115

Identity Theft Passwords Advertising Password Management 115