Tag: data-breach
-
Largest US addiction treatment provider notifies patients of data breach
BayMark Health Services, North America’s largest provider of substance use disorder (SUD) treatment and recovery services, is notifying an undisclosed number of patients that attackers stole their personal and health information in a September 2024 breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/largest-us-addiction-treatment-provider-notifies-patients-of-data-breach/
-
Breach Roundup: Finland Detains Tanker Tied to Cable Sabotage
Also, Alleged Gravy Analytics Breach Exposes Location Data. This week, a Russian tanker linked to cable sabotage detained in Finland, a claimed Gravy Analytics breach exposed location data, a Mirai-based botnet exploited zero-day flaws, Dell updated framework flaws and a court sentenced a Florida woman for laundering millions in romance scams. First seen on govinfosecurity.com…
-
PowerSchool says hackers stole students’ sensitive data, including Social Security numbers, in data breach
In an FAQ obtained by TechCrunch, PowerSchool confirms it negotiated with the threat actors responsible for the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2025/01/09/powerschool-says-hackers-stole-students-sensitive-data-including-social-security-numbers-in-data-breach/
-
Angeblich Datenleck bei Datensammler Gravy Analytics
Im Darknet behaupten Kriminelle, Daten vom Positionsdatensammler Gravy Analytics erbeutet zu haben. Sorge um die Privatsphäre macht sich breit. First seen on heise.de Jump to article: www.heise.de/news/Offenbar-Datenleck-bei-Positionsdatensammler-Gravy-Analytics-10233802.html
-
Medical Billing Firm Medusind Says Data Breach Impacts 360,000 People
Medical billing solutions provider Medusind has revealed that a data breach discovered in December 2023 impacts over 360,000 individuals. The post Medical Billing Firm Medusind Says Data Breach Impacts 360,000 People appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/medical-billing-firm-medusind-says-data-breach-impacts-360000-people/
-
Offenbar Datenleck bei Positionsdatensammler Gravy Analytics
Im Darknet behaupten Kriminelle, Daten vom Positionsdatensammler Gravy Analytics erbeutet zu haben. Sorge um die Privatsphäre macht sich breit. First seen on heise.de Jump to article: www.heise.de/news/Offenbar-Datenleck-bei-Positionsdatensammler-Gravy-Analytics-10233802.html
-
Excelsior Orthopaedics Data Breach Impacts 357,000 People
Excelsior Orthopaedics says the information of roughly 357,000 patients and employees was stolen in a June 2024 data breach. The post Excelsior Orthopaedics Data Breach Impacts 357,000 People appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/excelsior-orthopaedics-data-breach-impacts-357000-people/
-
Green Bay Packers Pro Shop Data Breach Compromises Customers
The Green Bay Packers disclosed on Monday that their official online store was breached and customer information stolen First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/green-bay-packers-shop-data-breach/
-
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
Tags: advisory, apt, attack, authentication, cve, cvss, cybersecurity, data-breach, exploit, flaw, google, government, group, intelligence, Internet, ivanti, law, mandiant, microsoft, network, rce, remote-code-execution, risk, software, threat, tool, vpn, vulnerability, zero-dayIT software provider Ivanti released patches Wednesday for its Connect Secure SSL VPN appliances to address two memory corruption vulnerabilities, one of which has already been exploited in the wild as a zero-day to compromise devices.The exploited vulnerability, tracked as CVE-2025-0282, is a stack-based buffer overflow rated as critical with a CVSS score of 9.0.…
-
UN agency’s job application database breached, 42,000 records stolen
Tags: access, attack, breach, communications, cybersecurity, data, data-breach, email, finance, international, jobs, password, sans, security-incident, tactics, threatThe International Civil Aviation Organization (ICAO) on Tuesday said that it is “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” and has initially concluded that “approximately 42,000 recruitment application data records from April 2016 to July 2024” were stolen.In its initial statement, the…
-
Data Breach Hits Green Bay Packers Online Store
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-hits-green-bay-packers-online-store
-
Data breach hits Green Bay Packers’ online store
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-hits-green-bay-packers-online-store
-
Washington State Sues T-Mobile For Negligence Over Massive 2021 Data Breach
First seen on scworld.com Jump to article: www.scworld.com/brief/washington-state-sues-t-mobile-for-negligence-over-massive-2021-data-breach
-
Green Bay Packers Retail Site Hacked, Data of 8,500 Customers Exposed
The data of more than 8,500 customers were exposed during an attack on the Green Bay Packers online retail website in which the hackers were able to bypass security measure and install malicious code, steal customers’ names, addresses, and credit card information. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/green-bay-packers-retail-site-hacked-data-of-8500-customers-exposed/
-
Data of more than 8,500 customers breached on Green Bay Packers shopping website
The Green Bay Packers Pro Shop website was exposed to malicious code that stole data about more than 8,500 shoppers, the NFL team says. First seen on therecord.media Jump to article: therecord.media/green-bay-packers-online-store-data-breach
-
Medical billing firm Medusind discloses breach affecting 360,000 people
Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/medical-billing-firm-medusind-discloses-breach-affecting-360-000-people/
-
Thousands Impacted by Casio Data Breach
Casio has completed its investigation into the data breach caused by a recent ransomware attack and found that thousands of individuals are impacted. The post Thousands Impacted by Casio Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/thousands-impacted-by-casio-data-breach/
-
UN aviation agency ICAO confirms its recruitment database was hacked
ICAO said that a previously reported data breach involved “approximately 42,000 recruitment application data records from April 2016 to July 2024.” ]]> First seen on therecord.media Jump to article: therecord.media/icao-un-confirms-recruitment-systems-data-breach
-
Casio Admits Security Failings as Attackers Leak Employee and Customer Data
Electronics firm Casio revealed that ransomware attackers have leaked the personal data of employees, customers and business partners First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/casio-failings-attackers-leak-data/
-
Millions of Email Servers Exposed Due to Missing TLS Encryption
Millions of email servers worldwide remain alarmingly vulnerable to cyberattacks due to a critical security oversight: the absence of Transport Layer Security (TLS) encryption. First seen on hackread.com Jump to article: hackread.com/millions-email-servers-exposed-missing-tls-encryption/
-
Washington State Filed Lawsuit Against T-Mobile Massive Data Breach
Washington State Attorney General Bob Ferguson filed a consumer protection lawsuit against T-Mobile for its alleged failure to secure sensitive personal information of over 2 million residents. This lawsuit comes in the wake of a massive data breach that exposed the personal details of Washingtonians, putting them at heightened risk of fraud and identity theft.…
-
The biggest data breach fines, penalties, and settlements so far
Tags: access, apache, attack, breach, business, china, ciso, communications, compliance, control, credentials, credit-card, cyberattack, cybercrime, cybersecurity, data, data-breach, email, finance, flaw, framework, GDPR, google, hacker, Hardware, identity, Internet, law, leak, linkedin, microsoft, mobile, monitoring, network, office, phone, privacy, regulation, risk, service, software, technology, tool, training, update, vulnerabilitySizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data.Hit with a $ 1.3 billion fine for unlawfully transferring personal data from the European Union to the US, Meta tops the list of recent big-ticket sanctions, with one…
-
Casio says data of 8,500 people exposed in October ransomware attack
Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/casio-says-data-of-8-500-people-exposed-in-october-ransomware-attack/
-
Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-third-party-data-breach-limited-treasury-dept
-
The secret to your Artifactory: A Deep Dive into Critical Exposures
While Artifactory tokens aren’t the most common leaked secrets, GitGuardian’s research reveals their critical nature in corporate environments. Recent investigations across major industries show how these tokens frequently expose sensitive resources through build configurations and DevOps code. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/the-secret-to-your-artifactory-a-deep-dive-into-critical-exposures/
-
Washington state sues T-Mobile over 2021 data breach security failures
Washington state has sued T-Mobile over failing to secure the sensitive personal information of over 2 million Washington residents in a 2021 data breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/legal/washington-state-sues-t-mobile-over-2021-data-breach-security-failures/
-
Turbulence at UN aviation agency as probe into potential data theft begins
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info First seen on theregister.com Jump to article: www.theregister.com/2025/01/07/icao_data_theft_investigation/
-
T-Mobile Sued by Washington State Over 2021 Data Breach
Attorney General Accuses Telecom of Failing to Correctly Notify Millions of Victims. Washington state’s attorney general filed a consumer protection lawsuit against T-Mobile over a massive 2021 data breach that exposed personally identifiable information for more than 79 million consumers, alleging in part the telecom failed to correctly notify victims. First seen on govinfosecurity.com Jump…
-
ADFS”Š”, “ŠLiving in the Legacy of DRS
ADFS”Š”, “ŠLiving in the Legacy of DRS It’s no secret that Microsoft have been trying to move customers away from ADFS for a while. Short of slapping a “deprecated” label on it, every bit of documentation I come across eventually explains why Entra ID should now be used in place of ADFS. And yet”¦ we still encounter…