Security Affairs

APRIL 20, 2023

ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security.

Banking 97

Banking Identity Theft Accountability Phishing 97

Security Affairs

JANUARY 18, 2023

Researchers warn that such data leaks are hazardous as they might help threat actors craft targeted phishing campaigns, assist in forgery and identity theft, and trick companies into making payments. The security loophole resulted in millions of private documents being revealed to the public.

Identity Theft 86

Identity Theft Insurance Penetration Testing Banking 86

Security Affairs

FEBRUARY 26, 2021

Data leak discovered: 30.09.2020 Inova contacted: 01.10.2020 Amazon contacted: 06.10.2020 Turkish CERT contacted: 05.10.2020 Response received: – Server secured: 12.10.2020. After further investigation, we have concluded that these documents belonged to people injured or deceased in traffic accidents. How Did the Data Breach Happen?

Data breaches 97

Data breaches Insurance Identity Theft Education 97

Security Affairs

JULY 15, 2020

CyberNews received information from reader Jake Dixon, a security researcher with Vadix Solutions , who discovered an unsecured Amazon Simple Storage Solution (S3) database containing more than 31,000 images of users’ passports, driver’s licenses, evidence of age documents, and more. What’s the impact?

Identity Theft 96

Identity Theft Advertising Phishing Risk 96

Security Affairs

JANUARY 3, 2024

This involves specifying the credentials, as well as the IBAN and BIC codes that will be used for the ‘swapping’ or spoofing process in the documents. The necessary login credentials for online banking systems are previously harvested through a phishing kit. Decision-making and automation of cybercriminal operations.

Artificial Intelligence 119

Artificial Intelligence Banking Scams Cybercrime 119

SecureList

MARCH 29, 2021

” , we mentioned that a cybercriminal could attack their victim by using targeted phishing e-mails to obtain access to the victim’s data. In addition, cybercriminals may not limit themselves to just one attack, but could use any acquired information to pursue a larger goal. Example phishing e-mail. Leaked data.

Identity Theft 92

Identity Theft Phishing Accountability Banking 92

Security Affairs

APRIL 8, 2021

The data from the leaked files can be used by threat actors against LinkedIn users in multiple ways by: Carrying out targeted phishing attacks. The leaked files appear to only contain LinkedIn profile information – we did not find any deeply sensitive data like credit card details or legal documents in the sample posted by the threat actor.

Identity Theft 113

Identity Theft Passwords Social Engineering Phishing 113

Security Affairs

JANUARY 27, 2022

Millions of customers of large businesses have been left vulnerable to identity theft, thanks to a security flaw that exposes their personal data to illicit download. First, the verification process requires customers to take a photo of their ID document. ” -an advisory by Onfido. Looming dangers. Next steps.

Identity Theft 87

Identity Theft Accountability Data breaches Social Engineering 87

Security Affairs

SEPTEMBER 3, 2020

To see if your email address has been exposed in this or other security breaches, use our personal data leak checker. Aside from the statement of work documents and user records, the bucket contained thousands of files for various marketing materials, such as banner advertisements, newsletters, and promotional flyers. Who had access?

Marketing 99

Marketing Media Advertising Identity Theft 99

Security Affairs

AUGUST 19, 2019

The researchers analyzed PDF documents and email files (. The public availability of such kind of information could expose the owners to identity theft and other scams. The files also included medical and legal documents. “The volume of sensitive documents collected in only three days was staggering.

Malware 80

Malware Identity Theft Advertising Insurance 80

Security Affairs

JULY 21, 2021

Examples of leaked data included in the samples: (Medicare Advantage Plan listings). Drug prescription listings). In addition, the database appears to contain API calls to various functions, all of which include private API keys that could be used by threat actors to access other online services used by Humana and/or its partners.

Insurance 114

Insurance Identity Theft Passwords Phishing 114

Security Affairs

OCTOBER 5, 2020

Fortunately, the files stored in the exposed Snewpit bucket don’t contain any deeply sensitive information like personal document scans, passwords, or social security numbers. We discovered the Snewpit bucket on September 24 and immediately reached out to the company in order to help secure the bucket.

Identity Theft 115

Identity Theft Passwords Advertising Password Management 115

Security Affairs

MAY 7, 2021

Most organizations use databases to store sensitive information. This includes passwords, usernames, document scans, health records, bank account and credit card details, as well as other essential data, all easily searchable and conveniently stored in one place.

Passwords 130

Passwords Authentication Identity Theft Engineering 130

SiteLock

AUGUST 27, 2021

Most simply don’t have the resources to employ a dedicated cybersecurity team or invest in comprehensive security awareness training, leaving employees more vulnerable to phishing attacks and other scams. Phishing: Phishing attacks aren’t new, but they’ve become even easier for cybercriminals to execute.

Cybersecurity 98

Cybersecurity Small Business Backups Phishing 98

Security Affairs

MAY 27, 2020

Example of leaked user records: The private messages in the chat logs and tenant lead files contain not only the texts of the conversations themselves, but also deeply sensitive content attached therein, including: Full names of the parties involved in the conversation Rent amounts and dates when they are due Tenants’ rented home addresses Case charges (..)

Identity Theft 70

Identity Theft Advertising Accountability Passwords 70

Security Affairs

SEPTEMBER 15, 2023

Leading Android health apps expose users to avoidable threats like surveillance and identity theft, due to their risky permissions. SMS and Call Log Access: Apps requesting access to read your SMS messages and call logs can potentially extract sensitive information, such as authentication codes and contact details.

Accountability 107

Accountability Mobile Surveillance Information Security 107

Security Affairs

OCTOBER 5, 2023

The documents appeared to be associated with internal invoices, communications, and customer’s stored CRM files. Cloud-based customer relationship management systems allow a business or another organization to manage interactions with customers, store documents or other important business data and allow them to access it from anywhere.

Data breaches 109

Data breaches B2B Education Identity Theft 109

Security Affairs

AUGUST 19, 2019

Phishing is one of the oldest methods of cyberattacks. People fell prey for these manipulative emails and provide confidential details like passwords and bank information in their negligence. This information is then used for unauthorized and illegal activities, which could have a devastating impact on individuals and organizations.

Phishing 89

Phishing Accountability Authentication Passwords 89

Security Affairs

NOVEMBER 18, 2023

An Israeli hacker has been sentenced to 80 months in prison in the US for his role in a massive spear-phishing campaign. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, spear-phishing ) million that he made through the scheme.

Identity Theft 118

Identity Theft Phishing Hacking Accountability 118

Security Affairs

JULY 31, 2020

Example of motion picture acquisition agreement: Example of tax ID request: Example of filmmaker contact records: During our correspondence with IndieFlix, CEO Scilla Andreen indicated that the confidential documents stored in the bucket were uploaded to the server by mistake. “We Disclosure.

Identity Theft 56

Identity Theft Accountability Advertising Marketing 56