Tag: data-breach
-
SitusAMC Breach Exposes Data From 100+ Financial Institutions
A breach at SitusAMC exposed data from over 100 financial institutions, heightening concerns about third-party risk in banking. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/situsamc-breach-exposes-data-from-100-financial-institutions/
-
Hack of SitusAMC Puts Data of Financial Services Firms at Risk
SitusAMC, a services provider with clients like JP MorganChase and Citi, said its systems were hacked and the data of clients and their customers possibly compromised, sending banks and other firms scrambling. The data breach illustrates the growth in the number of such attacks on third-party providers in the financial services sector. First seen on…
-
Hack of SitusAMC Puts Data of Financial Services Firms at Risk
SitusAMC, a services provider with clients like JP MorganChase and Citi, said its systems were hacked and the data of clients and their customers possibly compromised, sending banks and other firms scrambling. The data breach illustrates the growth in the number of such attacks on third-party providers in the financial services sector. First seen on…
-
Shai-Hulud 2.0: over 14,000 secrets exposed
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian identified 14,206 secrets across 487 organizations, with 2,485 still valid. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/shai-hulud-2-0-over-14000-secrets-exposed/
-
Shai-Hulud 2.0: over 14,000 secrets exposed
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens. GitGuardian identified 14,206 secrets across 487 organizations, with 2,485 still valid. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/shai-hulud-2-0-over-14000-secrets-exposed/
-
Critical Firefox Bug Leaves 180M Users Exposed
A hidden WebAssembly bug in Firefox exposed 180 million users to potential code execution. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-firefox-bug-leaves-180m-users-exposed/
-
Real-estate finance services giant SitusAMC breach exposes client data
SitusAMC, a company that provides back-end services for top banks and lenders, disclosed on Saturday a data breach it had discovered earlier this month that impacted customer data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/real-estate-finance-services-giant-situsamc-breach-exposes-client-data/
-
Delta Dental of Virginia data breach impacts 145,918 customers
Delta Dental of Virginia suffered a data breach that exposed personal and health data of about 146,000 customers after the hack of an email account. A security breach at the dental care provider Delta Dental of Virginia (DDVA) exposed data of about 146,000 people, including names, Social Security numbers, ID numbers, and health information, after…
-
JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach
Tags: advisory, breach, cyberattack, cybersecurity, data, data-breach, email, finance, incident response, microsoft, regulation, risk, risk-management, service, technology, threat, tool, update, vulnerabilityThird-party breaches accelerating: The SitusAMC incident is part of a broader trend of increasing cyberattacks targeting third-party vendors in the financial services sector. Third parties accounted for 30% of data breaches in 2024, a 15% increase from 2023, according to Venminder’s State of Third-Party Risk Management 2025 survey. The survey found 49% of organizations experienced…
-
Harvard University discloses data breach affecting alumni, donors
Harvard University disclosed over the weekend that its Alumni Affairs and Development systems were compromised in a voice phishing attack, exposing the personal information of students, alumni, donors, staff, and faculty members. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/harvard-university-discloses-data-breach-affecting-alumni-donors/
-
Harvard University discloses data breach affecting alumni, donors
Harvard University disclosed over the weekend that its Alumni Affairs and Development systems were compromised in a voice phishing attack, exposing the personal information of students, alumni, donors, staff, and faculty members. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/harvard-university-discloses-data-breach-affecting-alumni-donors/
-
JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach
Tags: advisory, breach, cyberattack, cybersecurity, data, data-breach, email, finance, incident response, microsoft, regulation, risk, risk-management, service, technology, threat, tool, update, vulnerabilityThird-party breaches accelerating: The SitusAMC incident is part of a broader trend of increasing cyberattacks targeting third-party vendors in the financial services sector. Third parties accounted for 30% of data breaches in 2024, a 15% increase from 2023, according to Venminder’s State of Third-Party Risk Management 2025 survey. The survey found 49% of organizations experienced…
-
Iberia Airlines Notifies Customers of Supply Chain Data Breach
Spanish airline Iberia has begun emailing its customers about a supplier data breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iberia-airlines-supply-chain-data/
-
CrowdStrike Terminates ‘Suspicious Insider’ Linked to Scattered Lapsus$ Hunters
Cybersecurity firm CrowdStrike confirmed the termination of a “suspicious insider” who allegedly shared internal information with hackers. The move came after an internal investigation revealed that the individual had leaked images of his computer screen externally, potentially exposing sensitive company dashboards. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/crowdstrike-suspicious-insider-incident/
-
Iberia discloses security incident tied to supplier breach
Iberia warns customers of a supplier-related data breach as a threat actor claims to hold 77GB of stolen airline data. Iberia is warning customers about a data breach after a third-party supplier was hacked by a threat actor who claims to have stolen 77 GB of airline data. Iberia is the flag carrier airline of…
-
Week in review: Stealth-patched FortiWeb vulnerability under active exploitation, Logitech data breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The tech that turns supply chains from brittle to unbreakable In this Help … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/23/week-in-review-stealth-patched-fortiweb-vulnerability-under-active-exploitation-logitech-data-breach/
-
Saturday Security: Zero-Day Logitech Breach Exposes 1.8TB of Data
Logitech, a prominent PC accessories brand, has recently confirmed a major data breach after cybercriminals exploited a zero-day vulnerability in a third-party platform. While Logitech assures that exposed data was limited and credit card numbers, as well as national IDs, were not stored on the impacted systems, the situation remains concerning. The notorious Clop ransomware……
-
Saturday Security: Zero-Day Logitech Breach Exposes 1.8TB of Data
Logitech, a prominent PC accessories brand, has recently confirmed a major data breach after cybercriminals exploited a zero-day vulnerability in a third-party platform. While Logitech assures that exposed data was limited and credit card numbers, as well as national IDs, were not stored on the impacted systems, the situation remains concerning. The notorious Clop ransomware……
-
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Suite. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cox-enterprises-discloses-oracle-e-business-suite-data-breach/
-
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Suite. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cox-enterprises-discloses-oracle-e-business-suite-data-breach/
-
Salesforce: Some Customer Data Accessed via Gainsight Breach
An attack on the app of CRM platform-provider Gainsight led to the data of hundreds of Salesforce customers being compromised, highlighting the ongoing threats posed by third-party software in SaaS environments and illustrating how one data breach can lead to others, cybersecurity pros say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/salesforce-some-customer-data-accessed-via-gainsight-breach/
-
Salesforce: Some Customer Data Accessed via Gainsight Breach
An attack on the app of CRM platform-provider Gainsight led to the data of hundreds of Salesforce customers being compromised, highlighting the ongoing threats posed by third-party software in SaaS environments and illustrating how one data breach can lead to others, cybersecurity pros say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/salesforce-some-customer-data-accessed-via-gainsight-breach/
-
CrowdStrike Fires Employee for Leaking Internal System Info to Hackers
Cybersecurity giant CrowdStrike has terminated an employee who allegedly shared sensitive internal system information with a notorious hacking collective. The incident involved the leak of internal screenshots posted on a public Telegram channel operated by the threat group known as >>Scattered Lapsus$ Hunters>>. Insider Threat Detected Through Screen Sharing The leaked images displayed internal dashboards,…
-
CrowdStrike denies breach after insider sent internal screenshots to hackers
CrowdStrike says an insider shared internal screenshots with hackers but confirms no system breach and no customer data exposure. BleepingComputer first reported that CrowdStrike said an insider shared internal system screenshots with hackers, after Scattered Lapsus$ Hunters leaked them on Telegram. The company stresses that no systems were breached and no customer data was exposed.…
-
WhatsApp API Could Bulk Leak User Telephone Numbers
Researchers Were Able to Query 3.5 Billion Accounts. Security researchers were able to scoop up the telephone numbers of billions of WhatsApp users through an enumeration tool provided by app owner Meta. The sheer quantity of leaked numbers – 3.5 billion in total – would amount to the largest data leak in history. First seen…
-
FCC Drops Telecom Cyber Rules Despite China Espionage Warnings
Experts say the FCC’s rollback of cyber rules leaves U.S. telecom networks exposed to escalating China-linked espionage threats. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fcc-drops-telecom-cyber-rules-despite-china-espionage-warnings/