Tag: data-breach
-
Was bei der Cloud-Konfiguration schiefläuft und wie es besser geht
Tags: access, ai, authentication, breach, cloud, cyberattack, cybersecurity, cyersecurity, data-breach, infrastructure, Internet, least-privilege, mfa, monitoring, risk, saas, service, tool, usa, zero-trustFehlerhaft konfigurierte Cloud-Dienste sorgen regelmäßig für Datenlecks und schlimmeres.Konfigurationsfehler in der Cloud, die Unternehmensdaten gefährden, sind nicht unbedingt etwas Neues eher im Gegenteil. Umso schlimmer, dass Unternehmen ihre Cloud-Ressourcen immer noch nicht durchgängig absichern. Zumindest legt das ein aktueller Report nahe. Dafür hat der Cloud-Sicherheitsanbieter Qualys 101 Cybersecurity- und IT-Profis befragt, zu deren Aufgaben es…
-
Cybersecurity Snapshot: Predictions for 2026: AI Attack Acceleration, Automated Remediation, Custom-Made AI Security Tools, Machine Identity Threats, and More
Tags: access, ai, attack, automation, breach, ciso, cloud, computer, conference, control, cyber, cybersecurity, data, data-breach, defense, detection, exploit, governance, group, identity, intelligence, mitigation, risk, service, threat, tool, zero-dayIn this special edition, Tenable leaders forecast key 2026 trends, including: AI will make attacks more plentiful and less costly; machine identities will become the top cloud risk; preemptive cloud and exposure management will dethrone runtime detection; and automated remediation gets the go-ahead. Key takeaways AI will supercharge the speed and volume of traditional cyber…
-
Aflac Notifies 22.6 Million People of June Data Theft Attack
Insurer’s Hack Could Rank as Largest US Health Data Breach Reported in 2025. Supplemental health insurer Aflac is notifying 22.65 million people whose sensitive health and personal information, including Social Security numbers, was potentially compromised in a June data theft incident. The incident will likely rank as the biggest U.S. health data breach reported in…
-
Nearly 480,000 impacted by Covenant Health data breach
A cyberattack last year against the Catholic healthcare organization Covenant Health exposed the sensitive information of more than 478,000 people. First seen on therecord.media Jump to article: therecord.media/covenant-health-breach-qilin
-
Covenant Health says May data breach impacted nearly 478,000 patients
The Covenant Health organization has revised to nearly 500,000 the number of individuals affected by a data breach discovered last May. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/covenant-health-says-may-data-breach-impacted-nearly-478-000-patients/
-
Tokyo FM Data Breach: Hacker Claims Over 3 Million Records Stolen
Tokyo FM is investigating claims of a massive data breach involving 3 million records. Learn what information was allegedly taken and how you can stay safe. First seen on hackread.com Jump to article: hackread.com/tokyo-fm-data-breach-hacker-3-million-records-stolen/
-
Covenant Health data breach after ransomware attack impacted over 478,000 people
Covenant Health suffered a ransomware attack by the Qilin group in May 2025, compromising data of over 478,000 individuals. Covenant Health, Inc., based in Andover, Massachusetts, is a healthcare organization that provides medical services and patient care. Covenant Health operates hospitals, clinics, or related healthcare facilities in multiple states, including Massachusetts, Maine, New Hampshire, Pennsylvania,…
-
Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
Tags: 2fa, attack, authentication, data-breach, exploit, firewall, fortinet, Internet, mfa, vulnerabilityOver 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-10-000-fortinet-firewalls-exposed-to-ongoing-2fa-bypass-attacks/
-
TriZetto Data Breach Triggers Class-Action Lawsuits Against Cognizant
Cognizant faces lawsuits after a prolonged TriZetto data breach exposed sensitive healthcare data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/trizetto-data-breach-triggers-class-action-lawsuits-against-cognizant/
-
Hacker Group Claims Responsibility for Alleged Tokyo FM Broadcasting Breach
A threat actor operating under the alias >>victim
-
Cognizant Faces Multiple US Class-Action Lawsuits After TriZetto Data Breach
Cognizant Technology Solutions is facing a wave of legal challenges in the United States following a significant data breach at its subsidiary, TriZetto Provider Solutions (TPS). The IT services giant has been hit with at least three class-action lawsuits alleging that it failed to protect sensitive healthcare data and delayed notifying victims for nearly a…
-
RondoDoX Botnet Abuses React2Shell Vulnerability for Malware Deployment
Tags: attack, botnet, control, cyber, data-breach, exploit, infrastructure, iot, malware, threat, vulnerabilityCloudSEK has uncovered a sustained nine-month campaign by the RondoDoX botnet operation, revealing rapid exploitation of emerging vulnerabilities including the critical React2Shell vulnerability. Analysis of exposed command-and-control logs spanning March through December 2025 demonstrates how threat actors swiftly adapted attack infrastructure following public disclosure, pivoting from traditional IoT targets to weaponizing Next.js applications within days…
-
Flock Exposes Its AI-Enabled Surveillance Cameras
404 Media has the story: Unlike many of Flock’s cameras, which are designed to capture license plates as people drive by, Flock’s Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people’s faces as they walk through a parking lot,…
-
Breach Roundup: Clop Tied to Korean Air Vendor Breach
Also: China-Linked APT Hijack Updates, Condé Nast Data Leaked, La Poste Hit. This week, a Clop-linked vendor breach hit Korean Air, a China-linked APT hijacked software updates, a critical zero-day flaw remained unpatched, Condé Nast faced a data leak, La Poste was disrupted and Korean police extradited a malware operation suspect. First seen on govinfosecurity.com…
-
Cryptohack Roundup: $7M Trust Wallet Hack
Indian Police Arrests Ex-Coinbase Staffer Over Data Breach Charges. This week, a $7 million Trust Wallet extension hack, arrest of an ex-Coinbase support agent, the U.S. sued alleged perpetrators of a $14M scam, Polymarket hack update, early release scheduled for former Alameda CEO, backlash on Flow’s post-exploit rollback plan and Grubhub-linked holiday Bitcoin scam. First…
-
Knownsec Data Breach: A Trove of Espionage Tradecraft with an Insider Narrative
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/knownsec-data-breach-a-trove-of-espionage-tradecraft-with-an-insider-narrative
-
Hacker Claims European Space Agency Breach, Selling 200GB of Data
A hacker using the alias 888 is claiming responsibility for a major data breach affecting the European Space… First seen on hackread.com Jump to article: hackread.com/hacker-european-space-agency-data-breach/
-
ESA disclosed a data breach, hackers breached external servers
ESA confirmed a data breach after a hacker offered to sell stolen data, confirming that external science servers were compromised. The European Space Agency (ESA) disclosed a data breach after a threat actor offered to sell data allegedly stolen from the organization. A hacker who goes online with the moniker “888” announced on BreachForums the…
-
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets.”Our Developer GitHub secrets were exposed in the attack, which gave the attacker access…
-
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox.The activity is assessed to be the work of a Chinese threat actor that Koi Security is tracking under the…
-
Coupang announces $1.17B compensation plan for 33.7M data breach victims
Coupang will spend about $1.17B to compensate 33.7 million users affected by a data breach, providing purchase vouchers to those impacted. Coupang announced it will spend about $1.17 billion to compensate 33.7 million people affected by a recent data breach, providing purchase vouchers to impacted users. >>Coupang plans to provide customers with purchase vouchers worth…
-
75,000 MongoDBs Exposed as Attackers Exploit ‘MongoBleed’
Tags: data, data-breach, exploit, flaw, group, Internet, mitigation, ransomware, risk, software, vulnerabilityPatches Issued for MongoBleed as Ransomware Groups Target Flaw to Steal Data. Tens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in the software to steal sensitive data, with ransomware groups having joined the fray, researchers warn. MongoDB has issued patches and mitigation advice. First seen on…
-
Coupang recovers smashed laptop that alleged data leaker threw into river
South Korean online retailer Coupang is defending its response to a major data breach by an insider, releasing more details of the investigation, including a MacBook recovered from a river bottom. First seen on therecord.media Jump to article: therecord.media/coupang-recovers-smashed-laptop-data-breach
-
Korean Air data breach exposes data of thousands of employees
Korean Air experienced a data breach affecting thousands of employees after Korean Air Catering & Duty-Free (KC&D), its in-flight catering supplier and former subsidiary, was recently hacked. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/korean-air-data-breach-exposes-data-of-thousands-of-employees/
-
React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web
What the research quickly agreed on: Across early reports from Wiz, Palo Alto Networks’ Unit 42, Google AWS, and others, there was a strong alignment on the core mechanics of React2Shell. Researchers independently confirmed that the flaw lives inside React’s server-side rendering pipeline and stems from unsafe deserialization in the protocol used to transmit component…
-
Wired-Abonnentendatenbank geleakt
Ein Datenleck erschüttert das Magazin Wired. Hacker haben persönliche Informationen von 2,3 Millionen Abonnenten erbeutet und verkaufen diese nun. First seen on golem.de Jump to article: www.golem.de/news/hacker-wired-abonnentendatenbank-geleakt-2512-203646.html
-
Wired-Abonnentendatenbank geleakt
Ein Datenleck erschüttert das Magazin Wired. Hacker haben persönliche Informationen von 2,3 Millionen Abonnenten erbeutet und verkaufen diese nun. First seen on golem.de Jump to article: www.golem.de/news/hacker-wired-abonnentendatenbank-geleakt-2512-203646.html