Tag: data-breach
-
US Hackers Reportedly Caused a Blackout in Venezuela
Plus: AI reportedly caused ICE to send agents into the field without training, Palantir’s app for targeting immigrants gets exposed, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-us-hackers-reportedly-caused-a-blackout-in-venezuela/
-
Insider risk in an age of workforce volatility
Tags: access, ai, api, authentication, automation, backdoor, backup, china, ciso, control, credentials, cyber, cybersecurity, data, data-breach, exploit, framework, governance, government, identity, jobs, least-privilege, malicious, mitigation, monitoring, network, risk, strategy, supply-chain, threat, zero-trustEarly warnings: The machine as insider risk/threat: These dynamics are not emerging in a vacuum. They represent the culmination of warnings that have been building for years.As early as 2021, in my CSO opinion piece “Device identity: The overlooked insider threat,” Rajan Koo (then chief customer officer at DTEX Systems, now CTO) observed: “There needs…
-
A ransomware attack disrupted operations at South Korean conglomerate Kyowon
South Korean conglomerate Kyowon confirmed a ransomware attack that disrupted operations and may have exposed customer data. Kyowon Group is a major South Korean conglomerate with diverse business interests spanning education, publishing, media, and technology. It operates nationwide, serving millions of customers through its various subsidiaries and brands. The company is a significant player in…
-
Grubhub confirms hackers stole data in recent security breach
Food delivery platform Grubhub has confirmed a recent data breach after hackers accessed its systems, with sources telling BleepingComputer the company is now facing extortion demands. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/grubhub-confirms-hackers-stole-data-in-recent-security-breach/
-
AWS CodeBuild Misconfiguration Exposed GitHub Repos to Potential Supply Chain Attacks
A critical misconfiguration in Amazon Web Services (AWS) CodeBuild could have allowed complete takeover of the cloud service provider’s own GitHub repositories, including its AWS JavaScript SDK, putting every AWS environment at risk.The vulnerability has been codenamed CodeBreach by cloud security company Wiz. The issue was fixed by AWS in September 2025 following responsible disclosure…
-
2025 Threat Landscape in Review: Lessons for Businesses Moving Into 2026
Tags: access, ai, application-security, attack, authentication, awareness, backdoor, breach, business, captcha, cloud, compliance, container, control, credentials, credit-card, cybersecurity, data, data-breach, ddos, defense, encryption, exploit, finance, firewall, flaw, google, identity, infrastructure, intelligence, leak, malicious, mitigation, monitoring, network, pypi, risk, service, software, strategy, supply-chain, threat, tool, vulnerability, windows2025 Threat Landscape in Review: Lessons for Businesses Moving Into 2026 andrew.gertz@t“¦ Thu, 01/15/2026 – 16:48 Nadav Avital – Senior Director of Threat Research at Thales More About This Author > 2025 was a year that tested how businesses think about security. Some attacks happened in new, unexpected ways, while others employed old tricks, taken…
-
ICE Agent Doxxing Site DDoS-ed Via Russian Servers
DDoS-ers are striking a website linked to a data breach at the Department of Homeland Security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ice-agent-doxxing-site-ddosed/
-
Ransomware gangs extort victims by citing compliance violations
Tags: ai, attack, breach, compliance, data, data-breach, extortion, group, ransomware, regulation, threat, toolAI amplifies attacks: Hild points to another problem: “AI-powered tools dramatically accelerate these attacks. Criminals can now screen stolen documents for ‘material’ compliance violations within hours of a data breach, faster and more accurately than many companies can audit their own systems.”The SailPoint specialist explains: “They create detailed, legally sound complaints for authorities and set…
-
Datenleck bei Instagram? Mysteriöse Passwort-Mails verunsichern Nutzer
First seen on t3n.de Jump to article: t3n.de/news/danteleck-instagram-passwort-reset-mails-1724913/
-
South Korean giant Kyowon confirms data theft in ransomware attack
The Kyowon Group (Kyowon), a South Korean conglomerate, disclosed that a cyberattack has disrupted its operations and customer information may have been exposed in the incident. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/south-korean-giant-kyowon-confirms-data-theft-in-ransomware-attack/
-
France fines Free Mobile Euro42 million over 2024 data breach incident
The French data protection authority (CNIL) has imposed cumulative fines of Euro42 million on Free Mobile and its parent company, Free, for inadequate protection of customer data against cyber threats. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/france-fines-free-mobile-42-million-over-2024-data-breach-incident/
-
SpyCloud Launches Supply Chain Solution to Combat Rising Third-Party Identity Threats
Tags: access, ai, authentication, breach, business, communications, compliance, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, government, grc, group, identity, incident response, infosec, infrastructure, malware, monitoring, phishing, ransomware, risk, risk-management, service, supply-chain, technology, theft, threat, toolFor government agencies and critical infrastructure operators, supply chain threats present national security risks that demand heightened vigilance. Public sector organizations managing sensitive data and critical services increasingly rely on contractors and technology vendors whose compromised credentials could provide adversaries with pathways into classified systems or essential infrastructure. Last year alone, the top 98 Defense…
-
French data regulator fines telco subsidiaries $48 million over data breach
France’s data protection regulator fined the subsidiaries of a telecom giant $42 million for cybersecurity vulnerabilities that contributed to a massive data breach. First seen on therecord.media Jump to article: therecord.media/france-data-regulator-fine
-
US cargo tech company publicly exposed its shipping systems and customer data to the web
Shipping tech company Bluspark left internal plaintext passwords, including those of executives, exposed to the internet, at a time when hacks in the shipping industry are on the rise. First seen on techcrunch.com Jump to article: techcrunch.com/2026/01/14/us-cargo-tech-company-publicly-exposed-its-shipping-systems-and-customer-data-to-the-web/
-
Eurail passengers taken for a ride as data breach spills passports, bank details
Travel biz tells customers to change passwords beyond its own services First seen on theregister.com Jump to article: www.theregister.com/2026/01/14/eurail_breach/
-
Leaked Data Exposes Thousands of Border Patrol, ICE Agents After Renee Good Shooting
A reported DHS leak exposed personal details of about 4,500 ICE and Border Patrol agents after a Minneapolis shooting, raising safety and ethics concerns. The post Leaked Data Exposes Thousands of Border Patrol, ICE Agents After Renee Good Shooting appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-leaked-data-exposes-thousands-border-patrol-ice-agents/
-
Monroe University says 2024 data breach affects 320,000 people
Monroe University revealed that threat actors stole the personal, financial, and health information of over 320,000 people after breaching its systems in a December 2024 cyberattack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/monroe-university-says-2024-data-breach-affects-320-000-people/
-
Interrail warnt vor Datenleck: Ausweisdaten zahlreicher Bahnreisender abgeflossen
Persönliche Daten von Eurail- und Interrail-Kunden sind in die Hände von Angreifern gelangt. Es drohen Phishing-Versuche. First seen on golem.de Jump to article: www.golem.de/news/interrail-warnt-vor-datenleck-ausweisdaten-zahlreicher-bahnreisender-abgeflossen-2601-204175.html
-
Threat actor claims the theft of full customer data from Spanish energy firm Endesa
Endesa disclosed a data breach exposing full customer data, including contact details, national ID numbers, and payment information. Spanish energy firm Endesa disclosed a data breach, threat actors stole full customer data, including contact details, national ID numbers, and payment information. >>In this regard, we regret to inform you that Endesa EnergÃa has detected a…
-
Central Maine Healthcare breach exposed data of over 145,000 people
A data breach last year at Central Maine Healthcare (CMH) exposed sensitive information of more than 145,000 individuals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/central-maine-healthcare-breach-exposed-data-of-over-145-000-people/
-
Target employees confirm leaked source code is authentic
Multiple current and former Target employees confirmed that leaked source code samples posted by a threat actor match real internal systems. The company also rolled out an “accelerated” lockdown of its Git server, requiring VPN access, a day after being contacted by BleepingComputer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/target-employees-confirm-leaked-source-code-is-authentic/
-
Betterment confirms data breach after wave of crypto scam emails
U.S. digital investment advisor Betterment confirmed that hackers breached its systems and sent fake crypto-related messages to some customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/betterment-confirms-data-breach-after-wave-of-crypto-scam-emails/
-
Betterment confirms data breach after wave of crypto scam emails
U.S. digital investment advisor Betterment confirmed that hackers breached its systems and sent fake crypto-related messages to some customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/betterment-confirms-data-breach-after-wave-of-crypto-scam-emails/
-
BreachForums Data Leak Raises Fresh Questions Over Credibility
BreachForums, one of the most well-known English-language cybercrime forums, has reportedly suffered a data breach, exposing user information after the site was taken offline once again. As reported by The Register, a database linked to the forum was leaked online, potentially revealing account details, private messages and metadata on close to 325,000 accounts. However, security…
-
Widespread Magecart Campaign Targets Users of All Major Credit Cards
Researchers at Silent Push have exposed a global Magecart campaign stealing credit card data since 2022. Learn how this invisible web-skimming attack targets major networks like Mastercard and Amex, and how to stay safe. First seen on hackread.com Jump to article: hackread.com/magecart-targets-all-credit-cards-users/
-
Target employees confirm leaked code after ‘accelerated’ Git lockdown
Multiple current and former Target employees confirmed that leaked source code samples posted by a threat actor match real internal systems. The company also rolled out an “accelerated” lockdown of its Git server, requiring VPN access, a day after being contacted by BleepingComputer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/target-employees-confirm-leaked-code-after-accelerated-git-lockdown/
-
Hackers get hacked, as BreachForums database is leaked
Have you ever stolen data, traded a hacking tool, or just lurked on a dark web forum believing that you are anonymous? First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-get-hacked-as-breachforums-database-is-leaked
-
Betterment Customer Data Exposed in Crypto Scam Hack
The breach occurred through a compromised third-party marketing platform, allowing attackers to impersonate the trusted financial service. The post Betterment Customer Data Exposed in Crypto Scam Hack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-betterment-crypto-scam-hack/
-
Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users
Tags: access, breach, crime, cyber, cybercrime, dark-web, data, data-breach, email, extortion, group, hacking, intelligence, law, leak, password, penetration-testing, ransomware, risk, service, threatHave I Been Pwned, the data breach happened last August, two months before the police takedown of the BreachForums data extortion site after threats by Scattered Lapsus$ Hunters to use it to release one billion records stolen from Salesforce customers.This tallies with the August 11 date on the database leaked last week; that was the…