Tag: data-breach
-
Australian Regulator Alleges Financial Firm Exposed Clients to Unacceptable Cyber Risks
ASIC said the financial services firm’s failings led to a data breach impacting nearly 10,000 clients First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/australian-alleges-financial-cyber/
-
What the law says about your next data breach
In this Help Net Security video, Chad Humphries, Solution Consultant, Networks Cyber Security at Rockwell Automation, explores how cyber risk quantification is becoming … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/22/data-breach-cyber-risk-quantification-video/
-
Dell Data Breach World Leaks Group Hacks Test Lab Platform
Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breach, which occurred earlier this month, represents another high-profile attack by the newly rebranded threat actor formerly known as Hunters International.…
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
Authentic Antics malware tool to target Microsoft cloud accounts were the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said.Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
World Leaks Claims Dell Data Breach, Leaks 1.3 TB of Files
Former Hunters International ransomware gang, now World Leaks, claims 1.3 TB Dell data breach, leaking over 400K files with internal tools and user data. First seen on hackread.com Jump to article: hackread.com/world-leaks-dell-data-breach-leaks-1-3-tb-of-files/
-
ExpressVPN bug leaked user IPs in Remote Desktop sessions
ExpressVPN has fixed a flaw in its Windows client that caused Remote Desktop Protocol (RDP) traffic to bypass the virtual private network (VPN) tunnel, exposing the users’ real IP addresses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/expressvpn-bug-leaked-user-ips-in-remote-desktop-sessions/
-
Dior begins sending data breach notifications to U.S. customers
The House of Dior (Dior) is sending data breach notifications to U.S. customers informing them that a May cybersecurity incident compromised their personal information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dior-begins-sending-data-breach-notifications-to-us-customers/
-
5,2 Millionen deutsche Konten im Jahr 2025 bisher geleakt
Obwohl die Anzahl der Datenlecks im 2. Quartal 2025 im Vergleich zum 1. Quartal um 67 % zurückging (1,3 Millionen vs. 3,9 Millionen), wurden in Deutschland im ersten Halbjahr dennoch über 5,2 Millionen Nutzerkonten kompromittiert. Weltweit zeigen die neuesten Daten einen Anstieg um 34 % von 70 Millionen auf 94 Millionen geleakte Konten. Am […]…
-
Over 1,000 CrushFTP servers exposed to ongoing hijack attacks
Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-1-000-crushftp-servers-exposed-to-ongoing-hijack-attacks/
-
Radiology Associates of Richmond data breach impacts 1.4 million people
A data breach at Radiology Associates of Richmond has exposed the personal and health information of over 1.4 million individuals. Radiology Associates of Richmond has disclosed a data breach that impacted personal and health information of over 1.4 million individuals. Radiology Associates of Richmond (RAR) is a private radiology practice founded in 1905 and based…
-
Threat actors scanning for apps incorporating vulnerable Spring Boot tool
Tags: access, attack, authentication, ciso, compliance, country, credentials, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, finance, flaw, governance, group, hacker, incident response, infrastructure, Internet, kev, nist, organized, password, risk, technology, threat, tool, vulnerability, zero-day/health endpoints, commonly used to detect internet-exposed Spring Boot deployments. If vulnerable implementations of apps, including TeleMessage SGNL, are found, they could be exploited to steal sensitive data in heap memory, including plaintext usernames and passwords. The hole is serious enough that it was added this week to the US Cybersecurity and Infrastructure Security Agency’s Known Exploited…
-
Anne Arundel Dermatology data breach impacts 1.9 million people
Hackers breached Anne Arundel Dermatology systems for three months, potentially exposing personal and health data of 1.9 million people. Anne Arundel Dermatology is a physician-owned and managed dermatology group headquartered in Maryland, founded over 50 years ago. It’s one of the largest dermatology providers in the Mid”‘Atlantic and Southeastern United States, operating more than 100…
-
Scanception Exposed: New QR Code Attack Campaign Exploits Unmonitored Mobile Access
Tags: access, attack, control, credentials, data-breach, detection, exploit, intelligence, malicious, mobile, qrCyble’s Research and Intelligence Lab (CRIL) has analyzed a new quishing campaign that leverages QR codes embedded in PDF files to deliver malicious payloads. The campaign, dubbed Scanception, bypasses security controls, harvests user credentials, and evades detection by traditional systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/scanception-qr-code-quishing-campaign/
-
Unbefugter Zugriff bei einer politischen Partei in Australien
Important Notice – Data Breach Notification First seen on unitedaustraliaparty.org.au Jump to article: www.unitedaustraliaparty.org.au/important-notice-data-breach-notification/
-
Topsy-Turvy Data Breach Reality: Incidents Up, Victims Down
Most Compromises Trace to Financial Services, Healthcare, Professional Services. Data breaches rage on. In the first half of this year, the Identity Theft Resource Center counted 1,732 total data breaches affecting 166 million people, marking a rise in data breaches but a decline in victims, likely due to a drop in mega-breaches. First seen on…
-
Over 4 Million Exposed Devices Used in Two New DoS Attack Campaigns
Security researchers have discovered over 4 million vulnerable Internet hosts that can be weaponized for devastating new denial-of-service attacks, marking one of the largest infrastructure vulnerabilities uncovered in recent years. The groundbreaking research, conducted by Angelos Beitis and Mathy Vanhoef from DistriNet at KU Leuven, reveals that millions of devices worldwide accept unauthenticated tunneling traffic…
-
UK’s Co-op Retailer Hit by Cyberattack, 6.5 Million Members’ Data Exposed
The UK’s Co-op retailer has disclosed that all 6.5 million of its members had their personal data stolen during a devastating cyberattack in April 2024. Chief Executive Shirine Khoury-Haq confirmed the full extent of the breach in her first public interview since the incident, expressing her devastation over the attack’s impact on both members and…
-
Datenleck bei Louis Vuitton Malletier (2. Juli 2025)
Louis Vuitton Malletier informiert derzeit seine Kunden über einen Datenschutzvorfall, bei dem persönliche Daten abgezogen wurden, die nun im Darknet auftauchen. Ein Leser informierte mich, dass dies nun das dritte Mal in drei Monaten sei, dass es einen Datenschutzvorfall gegeben … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/17/datenleck-bei-louis-vuitton-malletier/
-
United Australia Party Confirms Major Ransomware Attack and Data Breach
The United Australia Party (UAP), led by mining magnate Clive Palmer, has confirmed that it fell victim to a cyberattack late last month, resulting in a serious UAP data breach that may have exposed personal and sensitive information belonging to members, supporters, and others associated with the party. First seen on thecyberexpress.com Jump to article:…
-
Clive Palmer’s Trumpet of Patriots and United Australia parties hit with data breach
Data potentially compromised by the June ransomware attack includes banking records, contact details and employment historyThe political parties run by Australian mining magnate Clive Palmer have been hit with a ransomware attack, with banking records, employment history and other personal information potentially compromised.The Trumpet of Patriots, which ran <a href=”https://www.theguardian.com/australia-news/2025/may/04/clive-palmers-trumpet-of-patriots-fails-to-pick-up-single-lower-house-seat-despite-text-spam-and-ad-blitz”>but did not secure any seats…
-
Unbefugter Zugriff bei einem Schulbezirk in Michigan, USA
Data Breach Notification First seen on maine.gov Jump to article: www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/a227ebae-c41d-4b42-9b3d-742c45724a25.html
-
Cyber-Zwischenfall bei einer US-Wirtschaftsförderungsgesellschaft
Data Breach Notification First seen on maine.gov Jump to article: www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/92432803-595d-4344-adcb-727e9eff6573.html
-
Red Teaming AI Systems: Why Traditional Security Testing Falls Short
What if your AI-powered application leaked sensitive data, generated harmful content, or revealed internal instructions and none of your security tools caught it? This isn’t hypothetical. It’s happening now and exposing critical gaps in how we secure modern AI systems. When AI systems like LLMs, agents, or AI-driven applications reach production, many security teams.. First…
-
Over 5.4 Million Affected in Healthcare Data Breach at Episource
A data breach at Episource has exposed the personal information of 5.4 million individuals after attackers accessed systems for 10 days First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/54-million-affected-episource/
-
UnitedHealth-Linked Health Tech Firm Episource Breach Hits 5.4M Patients
Episource breach exposed data of 5.4M patients across the US. Linked to UnitedHealth’s Optum, the health tech firm was hit by a ransomware attack in early 2025. First seen on hackread.com Jump to article: hackread.com/unitedhealth-health-tech-firm-episource-breach/
-
One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE
Attacks could have a wider blast radius: Because Code Editor operates on the same underlying file system as the Cloud Shell, essentially a Linux home directory in the cloud, attackers could tamper with files used by other integrated services. This turns the flaw in the seemingly contained developer tool into an exposure for lateral movement…
-
Education Sector is Most Exposed to Remote Attacks
CyCognito research finds that a third of education sector APIs, web apps and cloud assets are exposed to attack First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/education-sector-most-exposed-to/
-
Authorities Take Down ‘Diskstation’ Ransomware Gang Targeting Synology NAS Globally
Italian State Police, working alongside French and Romanian authorities, have successfully dismantled a sophisticated ransomware operation known as >>Diskstation
-
Unbefugter Zugriff bei einer Bank auf den Seychellen
Seychelles Commercial Bank Confirms Customer Data Breach First seen on bankinfosecurity.com Jump to article: www.bankinfosecurity.com/seychelles-commercial-bank-confirms-customer-data-breach-a-28972