Data Breaches
- Roll20, an online tabletop role-playing game platform, discloses data breachtechcrunch.com Roll20, an online tabletop role-playing game platform, discloses data breach | TechCrunch
Roll20 says the data breach was due to a “bad actor” who gained access to an account on the company’s administrative website for one hour.
> Roll20 says the data breach was due to a “bad actor” who gained access to an account on the company’s administrative website for one hour.
- Hackers abused API to verify millions of Authy MFA phone numberswww.bleepingcomputer.com Hackers abused API to verify millions of Authy MFA phone numbers
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
> Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
- HealthEquity data breach exposes protected health informationwww.bleepingcomputer.com HealthEquity data breach exposes protected health information
Healthcare fintech firm HealthEquity is warning that it suffered a data breach after a partner's account was compromised and used to access the Company's systems to steal protected health information.
> Healthcare fintech firm HealthEquity is warning that it suffered a data breach after a partner's account was compromised and used to access the Company's systems to steal protected health information.
- Formula 1 governing body discloses data breach after email hackswww.bleepingcomputer.com /news/security/formula-1-governing-body-discloses-data-breach-after-email-hacks/
> FIA (Fédération Internationale de l'Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack.
- Affirm says cardholders impacted by Evolve Bank data breachwww.bleepingcomputer.com Affirm says cardholders impacted by Evolve Bank data breach
Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust (Evolve).
> Buy now, pay later loan company Affirm is warning that holders of its payment cards had their personal information exposed due to a data breach at its third-party issuer, Evolve Bank & Trust (Evolve).
- Patelco shuts down banking systems following ransomware attackwww.bleepingcomputer.com Patelco shuts down banking systems following ransomware attack
Patelco Credit Union has disclosed it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident's impact.
> Patelco Credit Union has disclosed it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident's impact.
- Human Technology Inc. — Notification of Data Breach
> On or about March 14, 2024, through March 15, 2024, Human Technology Inc., and its affiliates, Greer Orthotics & Prosthetics, Inc., Murphy's Orthopedic & Footcare, Inc., and Hi-Tech Prosthetics & Orthotics, Inc., ("Human Technology and its affiliates") suffered a data security incident. Human Technology and its affiliates became aware of this suspicious activity within its environment on March 15, 2024.
- Fintech company Wise says some customers affected by Evolve Bank data breachtechcrunch.com Fintech company Wise says some customers affected by Evolve Bank data breach | TechCrunch
The news highlights that the fallout from the Evolve data breach on third-party companies — and their customers and users — is still unclear.
> The news highlights that the fallout from the Evolve data breach on third-party companies — and their customers and users — is still unclear.
- Prudential Data Breach Victim Count Soars to 2.5Mwww.darkreading.com Prudential Data Breach Victim Count Soars to 2.5M
The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals.
> The company seemingly underestimated the severity of the breach after originally providing a head count of roughly 36,000 impacted individuals.
- Former IT employee accessed data of over 1 million US patientswww.bleepingcomputer.com Former IT employee accessed data of over 1 million US patients
Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization.
> Geisinger, a prominent healthcare system in Pennsylvania, has announced a data breach involving a former employee of Nuance, an IT services provider contracted by the organization.
- Authenticator for X, TikTok Exposes Personal User Info for 18 Monthswww.darkreading.com Authenticator for X, TikTok Exposes Personal User Info for 18 Months
With many popular apps, users must hand over personal information to prove their identity, and the big downside is they have no control over how that information gets processed and stored.
> With many popular apps, users must hand over personal information to prove their identity, and the big downside is they have no control over how that information gets processed and stored.
- Ticketmaster sends notifications about recent massive data breachwww.bleepingcomputer.com Ticketmaster sends notifications about recent massive data breach
Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people.
> Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people.
- HubSpot says it's investigating customer account hackstechcrunch.com Exclusive: HubSpot says it's investigating customer account hacks
The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.
> The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.
- BlackSuit ransomware gang claims attack on KADOKAWA corporationwww.bleepingcomputer.com BlackSuit ransomware gang claims attack on KADOKAWA corporation
The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid.
> The BlackSuit ransomware gang claimed a recent cyberattack on KADOKAWA corporation and is now threatening to publish stolen data if a ransom is not paid.
- Dairy giant Agropur says data breach exposed customer infowww.bleepingcomputer.com Dairy giant Agropur says data breach exposed customer info
Agropur, one of the largest dairy cooperatives in North America, is notifying customers of a data breach after some of its shared online directories were exposed.
> Agropur, one of the largest dairy cooperatives in North America, is notifying customers of a data breach after some of its shared online directories were exposed.
- TeamViewer's corporate network was breached in alleged APT hackwww.bleepingcomputer.com TeamViewer's corporate network was breached in alleged APT hack
The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group.
> The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group.
- Infosys McCamish says LockBit stole data of 6 million peoplewww.bleepingcomputer.com Infosys McCamish says LockBit stole data of 6 million people
Infosys McCamish Systems (IMS) disclosed that the LockBit ransomware attack it suffered earlier this year impacted sensitive information of more than six million individuals.
> Infosys McCamish Systems (IMS) disclosed that the LockBit ransomware attack it suffered earlier this year impacted sensitive information of more than six million individuals.
- Hacker claims data breach of India's eMigrate labor portaltechcrunch.com Hacker claims data breach of India's eMigrate labor portal | TechCrunch
A hacker claims to be selling an extensive database associated with an Indian government portal meant for blue-collar workforce emigrating from the country.
> A hacker claims to be selling an extensive database associated with an Indian government portal meant for blue-collar workforce emigrating from the country.
- rabbit data breach: all r1 responses ever given can be downloadedrabbitu.de rabbit data breach: all r1 responses ever given can be downloaded - rabbitude
rabbit inc has known that we have had their elevenlabs (tts) api key for a month, but they have taken no action to rotate the api keys.
> rabbit inc has known that we have had their elevenlabs (tts) api key for a month, but they have taken no action to rotate the api keys.
- LockBit lied: Stolen data is from a bank, not US Federal Reservewww.bleepingcomputer.com LockBit lied: Stolen data is from a bank, not US Federal Reserve
Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed.
> Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed.
- Microsoft-owned vendor blamed for massive healthcare breachwww.csoonline.com Microsoft-owned vendor blamed for massive healthcare breach
Geisinger said a former Nuance Communications employee with improper access to official records stole critical patient information.
> Geisinger said a former Nuance Communications employee with improper access to official records stole critical patient information.
- Neiman Marcus confirms data breach after Snowflake account hackwww.bleepingcomputer.com Neiman Marcus confirms data breach after Snowflake account hack
Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks.
> Luxury retailer Neiman Marcus confirmed it suffered a data breach after hackers attempted to sell the company's database stolen in recent Snowflake data theft attacks.
- Did hackers steal 33TB of data from the Federal Reserve?www.csoonline.com Did hackers steal 33TB of data from the Federal Reserve?
The central banking system is allegedly negotiating with the ransomware gang LockBit to restore 33 terabytes of confidential banking data.
> The central banking system is allegedly negotiating with the ransomware gang LockBit to restore 33 terabytes of confidential banking data.
- Chemical facilities warned of possible data theft in CISA CSAT breachwww.bleepingcomputer.com Chemical facilities warned of possible data theft in CISA CSAT breach
CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans.
> CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans.
- CoinStats says North Korean hackers breached 1,590 crypto walletswww.bleepingcomputer.com CoinStats says North Korean hackers breached 1,590 crypto wallets
CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors.
> CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors.
- Indonesia says a cyberattack has compromised its data center but it won't pay the $8 million ransomapnews.com Indonesia says a cyberattack has compromised its data center but it won't pay the $8 million ransom
Authorities say Indonesia’s national data center has been compromised by a hacking group asking for a $8 million ransom that the government won’t pay.
> Authorities say Indonesia’s national data center has been compromised by a hacking group asking for a $8 million ransom that the government won’t pay.
- Change Healthcare lists the medical data stolen in ransomware attackwww.bleepingcomputer.com Change Healthcare lists the medical data stolen in ransomware attack
UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July.
> UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July.
- Los Angeles Unified School District confirms vendor data stolen in Snowflake cyberattackstatescoop.com Los Angeles Unified School District confirms vendor data stolen in Snowflake cyberattack | StateScoop
The Los Angeles Unified School District confirmed that one of its vendors had its data compromised in the recent cyberattack against the cloud storage provider Snowflake.
> The Los Angeles Unified School District confirmed that one of its vendors had its data compromised in the recent cyberattack against the cloud storage provider Snowflake.
- London hospitals hackers publish stolen blood test datawww.bbc.com London hospitals hackers publish stolen blood test data
The gang shared almost 400GB of the private information on their darknet site and Telegram channel.
> The gang shared almost 400GB of the private information on their darknet site and Telegram channel.
- Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breachhackread.com Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach
Follow us on Twitter @Hackread - Facebook @ /Hackread
> A hacker is claiming to have extracted contact details of 33,000 current and former employees of the IT giant Accenture in a breach that involves a third-party firm.
- Association of Texas Professional Educators notifying 414,515 members of data breach
> The Association of Texas Professional Educators (ATPE) is notifying more than 414,000 members of a data breach.
- T-Mobile denies it was hacked, links leaked data to vendor breachwww.bleepingcomputer.com T-Mobile denies it was hacked, links leaked data to vendor breach
T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications company.
> T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications company.
- Crown Equipment confirms a cyberattack disrupted manufacturingwww.bleepingcomputer.com Crown Equipment confirms a cyberattack disrupted manufacturing
Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants.
> Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants.
- Advance Auto Parts confirms data breach exposed employee informationwww.bleepingcomputer.com Advance Auto Parts confirms data breach exposed employee information
Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this month.
> Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this month.
- AMD investigates breach after data for sale on hacking forumwww.bleepingcomputer.com AMD investigates breach after data for sale on hacking forum
AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information.
> AMD is investigating whether it suffered a cyberattack after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains AMD employee information, financial documents, and confidential information.
- Maxicare reports data breach to NPC
> Health insurance provider Maxicare has reported a data breach to the National Privacy Commission.
- Star ed-tech company discloses data breach
> Learnosity, an e-learning platform with more than 40 million learners, has disclosed a cybersecurity incident.
- Panera Bread likely paid a ransom in March ransomware attackwww.bleepingcomputer.com Panera Bread likely paid a ransom in March ransomware attack
Panera Bread, an American chain of fast food restaurants, most likely paid a ransom after being hit by a ransomware attack, suggests language used an internal email sent to employees.
> Panera Bread, an American chain of fast food restaurants, most likely paid a ransom after being hit by a ransomware attack, suggests language used an internal email sent to employees.
- Phishing attack hits L.A. County public health agency, jeopardizing 200,000-plus residents' personal infowww.latimes.com Phishing attack hits L.A. County public health agency, jeopardizing 200,000-plus residents' personal info
The personal information of more than 200,000 people in Los Angeles County was potentially exposed after a hacker used a phishing email to steal login credentials.
> The personal information of more than 200,000 people in Los Angeles County was potentially exposed after a hacker used a phishing email to steal login credentials.
- Keytronic confirms data breach after ransomware gang leaks stolen fileswww.bleepingcomputer.com Keytronic confirms data breach after ransomware gang leaks stolen files
PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago.
> PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago.