Tag: data-breach

Texas Tech University Data Breach Impacts 1.4 Million

Dec 17, 2024 6:42 PM

Tags: breach, data, data-breach

The breach has affected 650,000 individuals at TTUHSC’s Lubbock campus and 815,000 at its El Paso branch First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/texas-tech-university-breach/
Meta fined $263 million for alleged GDPR violations that led to data breach

Dec 17, 2024 5:42 PM

Tags: breach, data, data-breach, GDPR, privacy

Ireland’s data privacy regulator said it was levvying the fine for data security failures that led to information on about 29 million Facebook users being exposed.]]> First seen on therecord.media Jump to article: therecord.media/meta-fined-263-million-gdpr-violations-data-breach
Hackers Demand Ransom in Rhode Island Health System Data Breach

Dec 17, 2024 5:42 PM

Tags: breach, cyberattack, data, data-breach, hacker, ransom

In a major cyberattack, the state of Rhode Island has fallen victim to a security breach potentially exposing the personal information of thousands of residents. First seen on hackread.com Jump to article: hackread.com/hackers-ransom-rhode-island-health-system-data-breach/
Ireland fines Meta $264 million over 2018 Facebook data breach

Dec 17, 2024 5:42 PM

Tags: breach, data, data-breach, regulation

The Irish Data Protection Commission (DPC) fined Meta Euro251 million ($263.6M) over General Data Protection Regulation (GDPR) violations arising from a 2018 personal data breach impacting 29 million Facebook accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ireland-fines-meta-264-million-over-2018-facebook-data-breach/
Ireland fines Meta for 2018 ‘View As’ breach that exposed 30M accounts

Dec 17, 2024 4:42 PM

Tags: breach, data-breach

Euro251 million? Zuck can find that in his couch cushions, but Meta still vows to appeal First seen on theregister.com Jump to article: www.theregister.com/2024/12/17/ireland_fines_meta_for_2018/
Over 25,000 SonicWall VPN Firewalls exposed to critical flaws

Dec 17, 2024 4:42 PM

Tags: data-breach, firewall, firmware, flaw, vpn, vulnerability

Over 25,000 publicly accessible SonicWall SSLVPN devices are vulnerable to critical severity flaws, with 20,000 using a SonicOS/OSX firmware version that the vendor no longer supports. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-25-000-sonicwall-vpn-firewalls-exposed-to-critical-flaws/
Nächste Strafe für Meta: 251 Millionen Euro wegen Sicherheitslücke

Dec 17, 2024 3:44 PM

Tags: bug, data-breach

Facebook-Datenleck: Die irische Datenschutzbehörde verhängt eine 251 Millionen Euro Strafe gegen Meta wegen massiver Sicherheitsverstöße. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/rechtssachen/naechste-strafe-fuer-meta-251-millionen-euro-wegen-sicherheitsluecke-306394.html
US Water Facilities Urged to Secure Access to Internet-Exposed HMIs

Dec 17, 2024 2:42 PM

Tags: access, cisa, data-breach, Internet

EPA and CISA urge organizations in the water and wastewater systems sector to harden remote access to internet-exposed human-machine interfaces (HMIs). The post US Water Facilities Urged to Secure Access to Internet-Exposed HMIs appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-water-facilities-urged-to-secure-access-to-internet-exposed-hmis/
Texas Tech University Data Breach Impacts 1.4 Million People

Dec 17, 2024 12:42 PM

Tags: breach, data, data-breach, finance

Texas Tech University says the personal, health, and financial information of 1.4 million was stolen from its health sciences centers. The post Texas Tech University Data Breach Impacts 1.4 Million People appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/texas-tech-university-data-breach-impacts-1-4-million-people/
New APIs Discovered by Attackers in Just 29 Seconds

Dec 17, 2024 12:42 PM

Tags: api, data-breach

Wallarm honeypot research finds potentially exposed APIs are being discovered within half a minute First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-apis-discovered-attackers-29/
ConnectOnCall Data Breach, 900,000 Customers Data Exposed

Dec 17, 2024 8:42 AM

Tags: breach, communications, cyber, data, data-breach, healthcare

The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach that compromised the personal information of 900,000 patients and healthcare providers. The platform, designed to streamline after-hours communications between patients and healthcare providers, discovered the breach in May of this year. The breach was identified onMay 12, 2024, prompting an…
Top 10 cybersecurity misconfigurations: Nail the setup to avoid attacks

Dec 17, 2024 7:44 AM

Tags: access, attack, authentication, awareness, blueteam, breach, cisa, cloud, computing, control, credentials, cyber, cybersecurity, data, data-breach, endpoint, exploit, extortion, firmware, incident response, infrastructure, intelligence, kev, malicious, malware, mfa, microsoft, monitoring, network, office, open-source, password, phishing, RedTeam, risk, service, software, supply-chain, threat, unauthorized, update, vulnerability, zero-day, zero-trust

While cybersecurity headlines are often dominated by the latest zero-day or notable vulnerability in a vendor’s software/product or open-source software library, the reality is that many significant data breaches have been and will continue to be due to misconfigurations.To underscore the serious of this issue, the US National Security Agency (NSA) and the Cybersecurity and…
ConnectOnCall data breach impacted over 900,000 individuals

Dec 17, 2024 12:42 AM

Tags: breach, data, data-breach, healthcare, HIPAA, service

ConnectOnCall disclosed a data breach impacting over 900,000 individuals, exposing their personal information. ConnectOnCall is a telehealth platform and after-hours on-call answering service designed to enhance communication between healthcare providers and patients. It offers automated patient call tracking, HIPAA-compliant chat, and integrates with electronic health record (EHR) systems to streamline after-hours calls and care coordination.…
Cicada3301 Ransomware Claims Attack on French Peugeot Dealership

Dec 16, 2024 11:42 PM

Tags: attack, breach, data, data-breach, group, ransomware

SUMMARY Cicada3301, a ransomware group, has claimed responsibility for a data breach targeting Concession Peugeot (concessions.peugeot.fr), a prominent… First seen on hackread.com Jump to article: hackread.com/cicada3301-ransomware-french-peugeot-dealership/
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs

Dec 16, 2024 11:42 PM

Tags: attack, cctv, data-breach, malware, vulnerability

The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-spots-hiatusrat-malware-attacks-targeting-web-cameras-dvrs/
Texas Tech University System data breach impacts 1.4 million patients

Dec 16, 2024 11:42 PM

Tags: breach, computer, cyberattack, data, data-breach

The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/texas-tech-university-system-data-breach-impacts-14-million-patients/
Namibia’s state telecom provider says hackers leaked data after it refused to pay ransom

Dec 16, 2024 9:42 PM

Tags: breach, cybercrime, data, data-breach, finance, government, hacker, ransom

The company didn’t specify what kind of data was stolen by the cybercriminals, but according to local media reports, the hackers accessed over 400,000 files, including personal and financial data belonging to some high-ranking government officials and Telecom Namibia’s clients.]]> First seen on therecord.media Jump to article: therecord.media/namibia-state-telecom-provider-data-leaked-after-ransom-refusal
Rhode Island subjected to potentially widespread data breach

Dec 16, 2024 9:42 PM

Tags: breach, data, data-breach

First seen on scworld.com Jump to article: www.scworld.com/brief/rhode-island-subjected-to-potentially-widespread-data-breach
ConnectOnCall breach exposes health data of over 910,000 patients

Dec 16, 2024 6:42 PM

Tags: breach, data, data-breach, healthcare, service, software

Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/connectoncall-breach-exposes-health-data-of-over-910-000-patients/
Rhode Island confirms data breach after Brain Cipher ransomware attack

Dec 16, 2024 6:42 PM

Tags: attack, breach, data, data-breach, ransomware

Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents’ personal information after the Brain Cipher ransomware gang hacked its systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/rhode-island-confirms-data-breach-after-brain-cipher-ransomware-attack/
Deloitte Alerts Rhode Island to Significant Data Breach in RIBridges System

Dec 16, 2024 5:44 PM

Tags: breach, data, data-breach, malicious, software

Rhode Island’s RIBridges system has suffered a major data breach, potentially exposing personal information, with Deloitte confirming the presence of malicious software First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/deloitte-rhode-island-data-breach/
Catching the ghost in the machine: Adapting threat detection to cloud speed

Dec 16, 2024 3:42 PM

Tags: access, ai, api, attack, automation, breach, cloud, credentials, data, data-breach, defense, detection, endpoint, exploit, fortinet, group, identity, monitoring, network, phishing, risk, saas, service, strategy, technology, threat, tool, training, update

The rapid adoption of cloud technology has transformed how businesses operate, offering scalability, agility, and opportunities for innovation. However, this transformation has also introduced a profound challenge: the “ghost in the machine””, elusive and dynamic threats that exploit the complexity and scale of cloud environments to remain hidden, evading traditional detection methods and posing significant…
900,000 People Impacted by ConnectOnCall Data Breach

Dec 16, 2024 2:42 PM

Tags: breach, data, data-breach

ConnectOnCall has disclosed a data breach impacting the personal information of more than 900,000 individuals. The post 900,000 People Impacted by ConnectOnCall Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/900000-people-impacted-by-connectoncall-data-breach/
Rhode Island suffers major cyberattack, exposing personal data of thousands

Dec 16, 2024 2:42 PM

Tags: attack, breach, conference, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, finance, fraud, government, hacker, identity, infrastructure, insurance, international, law, leak, malicious, malware, mfa, organized, password, ransom, service, theft, threat, unauthorized, update, vulnerability

Rhode Island has suffered a severe cyberattack that has potentially exposed the personal data of hundreds of thousands of residents enrolled in state-run social services programs since 2016.Officials confirmed that RIBridges, the government system for programs like Medicaid and SNAP, was infiltrated by an international cybercriminal group. Governor Dan McKee confirmed that sensitive information, including…
Telecom Namibia Hit by Massive Cyberattack: Over 400,000 Files Leaked

Dec 16, 2024 11:44 AM

Tags: breach, cyberattack, cybersecurity, data-breach, international, leak

Telecom Namibia has fallen victim to a cyberattack, resulting in the leak of over 400,000 customer files. The Telecom Namibia cyberattack occurred on December 11, 2024, and the company is working closely with both local and international cybersecurity experts to determine the scope of the breach and to mitigate its impact. First seen on thecyberexpress.com…
Future of proposed US cybersecurity healthcare bills in doubt

Dec 16, 2024 10:42 AM

Tags: access, attack, authentication, breach, business, ceo, cio, ciso, citrix, compliance, credentials, cybersecurity, data, data-breach, email, finance, government, group, healthcare, infrastructure, jobs, law, mfa, penetration-testing, ransomware, regulation, risk, risk-analysis, risk-management, service, technology, theft, training, unauthorized, vulnerability

Six months after Congressional hearings that promised action on the massive Change Healthcare ransomware attack and data theft, three pieces of proposed legislation to tighten cybersecurity requirements on healthcare providers are waiting to be dealt with.But Senators have left the proposals too late in the legislative calendar: Experts say the issue will likely only be…
CISA and EPA Warn: Internet-Exposed HMIs Pose Serious Cybersecurity Risks to Water Systems

Dec 16, 2024 8:42 AM

Tags: cisa, cyber, cybersecurity, data-breach, infrastructure, Internet, malicious, risk

The Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) have jointly released a crucial fact sheet highlighting the cybersecurity risks posed by Internet-exposed Human Machine Interfaces (HMIs) in the Water and Wastewater Systems (WWS) sector. The fact sheet, titled Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems, offers practical…
Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes

Dec 16, 2024 8:42 AM

Tags: cyber, data-breach, espionage, group, russia, service, ukraine

The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia’s Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of “quest games.”Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv. These…
The Zero-Detection PHP Backdoor Glutton Exposed

Dec 16, 2024 5:42 AM

Tags: backdoor, cybercrime, data-breach, detection

A discovery by XLab has detailed Glutton, a stealthy PHP backdoor targeting both traditional organizations and the cybercrime ecosystem itself. According to XLab’s analysis, Glutton represents a new generation of... First seen on securityonline.info Jump to article: securityonline.info/the-zero-detection-php-backdoor-glutton-exposed/
Over 300,000 Prometheus Servers Vulnerable to DoS Attacks Due to RepoJacking Exploit

Dec 14, 2024 3:05 PM

Tags: attack, breach, cyber, data, data-breach, dos, endpoint, exploit, Internet, malicious, risk, threat, unauthorized, vulnerability

The research identified vulnerabilities in Prometheus, including information disclosure from exposed servers, DoS risks from pprof endpoints, and potential code execution threats, which could lead to data breaches, system outages, and unauthorized access. Vulnerable Prometheus servers are exposed to internet risk exploitation by attackers, which includes a critical >>RepoJacking