Tag: breach
-
Best of 2025: UNC6395 and the Salesloft Drift Attack: Why Salesforce OAuth Integrations are a Growing Risk
A recent UNC6395 Salesloft Drift breach reveals Salesforce SaaS risks. Learn how to simplify breach detection, prevention, and visibility. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/unc6395-and-the-salesloft-drift-attack-why-salesforce-oauth-integrations-are-a-growing-risk-2/
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Tags: backup, blockchain, breach, crypto, cybercrime, data, data-breach, intelligence, password, russia, theftThe encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs.The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors…
-
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Tags: backup, blockchain, breach, crypto, cybercrime, data, data-breach, intelligence, password, russia, theftThe encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs.The blockchain intelligence firm said evidence points to the involvement of Russian cybercriminal actors…
-
Breach Roundup: Spotify Metadata Dumped Online
Also: SudamericaData Leak, RaccoonO365 Arrest and Nefilim Conspirator Pleads Guilty. This week: Spotify metadata scraped, Nissan disclosed third-party breach, millions of Argentines exposed to data leak, African police arrested hundreds in a cybercrime sweep, Nigeria nabbed a phishing operator, the U.S. DOJ charged ATM jackpotting ring and Nefilim ransomware affiliate pleaded guilty. First seen on…
-
FBI seized ‘web3adspanels.org’ hosting stolen logins
The U.S. seized the ‘web3adspanels.org’ domain and database used by cybercriminals to store stolen bank login credentials. The FBI seized the domain web3adspanels[.]org and its database after cybercriminals used it to store bank login credentials stolen from U.S. victims. A criminal group ran fake ads on Google and Bing that mimicked real bank advertisements. Victims…
-
FBI seizes domain storing bank credentials stolen from U.S. victims
The U.S. government has seized the ‘web3adspanels.org’ domain and the associated database used by cybercriminals to host bank login credentials stolen in account takeover attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-seizes-domain-storing-bank-credentials-stolen-from-us-victims/
-
Attacks are Evolving: 3 Ways to Protect Your Business in 2026
Every year, cybercriminals find new ways to steal money and data from businesses. Breaching a business network, extracting sensitive data, and selling it on the dark web has become a reliable payday. But in 2025, the data breaches that affected small and medium-sized businesses (SMBs) challenged our perceived wisdom about exactly which types of businesses…
-
How can proactive AI security prevent data breaches
Can Organizations Trust Proactive AI Security to Prevent Data Breaches? The management of Non-Human Identities (NHIs) is becoming essential for organizations operating across various sectors such as financial services, healthcare, and DevOps. It’s imperative to understand how NHIs, combined with proactive AI security measures, pave the way to a more secure digital environment, limiting the……
-
Red Hat GitLab breach exposes data of 21,000 Nissan customers
Hackers breached Red Hat’s GitLab, stealing data of 21,000 customers; Nissan confirmed exposure via a self-managed GitLab instance. Japanese carmaker Nissan disclosed a data breach tied to a self-managed GitLab instance used by Red Hat Consulting. Threat actors gained access to the GitLab instance, stealing data from 21,000 customers. In October, the Crimson Collective claimed…
-
More than 22 million Aflac customers impacted by June data breach
The company has begun notifying state regulators about the attack and sending breach notification letters to victims. First seen on therecord.media Jump to article: therecord.media/22-million-impacted-aflac-breach
-
How AI Will Reshape Health Data Breach, Attack Trends
Healthcare data breaches are becoming more frequent but smaller in scale, targeting smaller entities and high-value credentials and records – and AI is reshaping both the attack landscape and fraud patterns, said Jim Van Dyke, senior principal of innovation at TransUnion. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/how-ai-will-reshape-health-data-breach-attack-trends-i-5511
-
University of Phoenix Data Breach: 3.5M Individuals Affected
Full Scope of Clop Ransomware Group’s Oracle E-Business Suite Hits Still Emerging. The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group’s supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities. First…
-
3.5 Million Impacted in University of Phoenix Data Breach
A University of Phoenix data breach exposed the personal information of more than 3.5 million individuals. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/3-5-million-impacted-in-university-of-phoenix-data-breach/
-
University of Phoenix Data Breach: 3.5M Individuals Affected
Full Scope of Clop Ransomware Group’s Oracle E-Business Suite Hits Still Emerging. The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group’s supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities. First…
-
University of Phoenix Data Breach: 3.5M Individuals Affected
Full Scope of Clop Ransomware Group’s Oracle E-Business Suite Hits Still Emerging. The University of Phoenix is notifying 3.5 million individuals that their personal information was compromised in a data breach. The theft traces to the Clop ransomware group’s supply-chain campaign against users of Oracle E-Business Suite, in which it wield two zero-day vulnerabilities. First…
-
21K Nissan customers’ data stolen in Red Hat raid
Automaker’s third security snafu in three years First seen on theregister.com Jump to article: www.theregister.com/2025/12/23/21k_nissan_customers_data_stolen/
-
The 3% Rule: How To Silence 97% of Your Cloud Alerts and Be More Secure
Tags: access, ai, attack, breach, business, cloud, cve, cvss, data, data-breach, flaw, iam, identity, infrastructure, least-privilege, malicious, metric, network, ransomware, risk, security-incident, service, software, strategy, threat, tool, update, vulnerability, vulnerability-managementPrioritizing what to fix first and why that really matters Key takeaways The 97% distraction: Discover why the vast majority of your “Critical” alerts are just theoretical noise, and how focusing strictly on the 3% of findings that represent real, exploitable risk can drastically improve your security posture. Identity is the accelerant: Breaches rarely happen…
-
Best of 2025: Blue Shield of California Data Breach Exposes 4.7M Members’ Info
Discover the Blue Shield of California data breach affecting 4.7M members. Learn about the risks and essential security measures to protect your data. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/blue-shield-of-california-data-breach-exposes-4-7m-members-info-2/
-
Clop Ransomware Group Linked to 3.5m University of Phoenix Breach
A University of Phoenix data breach affecting nearly 3.5 million individuals has been claimed by the Clop ransomware collective First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/university-phoenix-breach-clop/
-
Why outsourced cyber defenses create systemic risks
Tags: access, ai, attack, backdoor, breach, business, ciso, cloud, compliance, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, dora, exploit, finance, framework, GDPR, governance, government, hacker, healthcare, infrastructure, law, malicious, monitoring, moveIT, msp, nis-2, ransomware, regulation, resilience, risk, software, strategy, supply-chain, threat, tool, vulnerability, zero-trustRisk categories of outsourced IT & cybersecurity: When you outsource, responsibility shifts, but accountability never leaves you. The risks fall into clear categories. Operational risks The most basic risk is fragile continuity. In 2017, British Airways outsourced parts of its IT operations. A system outage grounded flights worldwide. The vendor contract delivered savings, but it…
-
2026: Bringing Cyber Resiliency to Organizations
4 Surprising Truths from Verizon’s 2025 Data Breach Report That Change Everything The annual release of the Verizon Data Breach Investigations Report (DBIR) is a major event in the cybersecurity calendar. For security professionals and business leaders, it’s the definitive source for understanding the threat landscape, packed with data-driven insights compiled from thousands of real-world incidents. Each year, it……
-
Why Third-Party Access Remains the Weak Link in Supply Chain Security
Attackers exploited a supply chain weakness, abusing trusted components to compromise systems and spread malicious activity across connected targets. Your next breach probably won’t start inside your network”, it will start with someone you trust. Every supplier, contractor, and service provider needs access to your systems to keep business running, yet each login is a…
-
Top 10 ANZ stories of 2025
The 2025 tech landscape in Australia and New Zealand was dotted with major data breaches even as organisations continue to press on with their digital transformation efforts in areas such as AI and automation First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636080/Top-10-ANZ-stories-of-2025
-
Top 10 ANZ stories of 2025
The 2025 tech landscape in Australia and New Zealand was dotted with major data breaches even as organisations continue to press on with their digital transformation efforts in areas such as AI and automation First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366636080/Top-10-ANZ-stories-of-2025
-
Nissan: Thousands Impacted By Red Hat Breach
Nissan has revealed that over 20,000 customers have had personal information compromised in a third-party data breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nissan-thousands-impacted-by-red/
-
Baker University says 2024 data breach impacts 53,000 people
Baker University has disclosed a data breach after attackers gained access to its network one year ago and stole the personal, health, and financial information of over 53,000 individuals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/baker-university-data-breach-impacts-over-53-000-individuals/