Tag: data-breach
-
Qantas data breach impacted 5.7 million individuals
Australia’s largest airline Qantas has confirmed that the recent data breach impacted 5.7 million individuals. Early this month, Australian airline Qantas disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer data. The breach, linked to ongoing Scattered Spider activity, was detected and contained on Monday. Qantas confirmed that while…
-
Qantas Confirms 5.7 Million Customers Hit by Data Breach
Qantas says nearly six million passengers were impacted by a recent data breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/qantas-57m-data-breach/
-
Unbefugter Zugriff bei einem Glücksspielunternehmen in Irland
Up to 800,000 Betfair and Paddy Power customers hit by data breach First seen on irishtimes.com Jump to article: www.irishtimes.com/business/2025/07/09/up-to-800000-betfair-and-paddy-power-customers-hit-by-data-breach/
-
McDonald’s AI Hiring Bot Exposed with ‘123456’ Password, Millions of Job”‘Seekers’ Data at Risk
A shocking security vulnerability in McDonald’s AI-powered hiring system has exposed the personal information of millions of job applicants, after security researchers discovered they could access the entire database using the laughably weak password >>123456.
-
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler
Tags: access, advisory, authentication, backdoor, backup, citrix, credentials, cve, data-breach, endpoint, exploit, flaw, leak, mitigation, password, theft, tool, vulnerability, zero-daySimilarities to the original Citrix Bleed: CVE-2025-5777 has been dubbed Citrix Bleed 2 due to its similarities to a zero-day information disclosure vulnerability fixed in October 2023 (CVE-2023-4966) that received the Citrix Bleed moniker because it enabled attackers to leak session tokens from memory, allowing for session takeover with multifactor authentication bypass.Similarly, CVE-2025-5777 can lead…
-
McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Using the Password ‘123456’
Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai. First seen on wired.com Jump to article: www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
-
McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Using the Password ‘123456’
Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai. First seen on wired.com Jump to article: www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
-
Qantas confirms data breach impacts 5.7 million customers
Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers’ data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qantas-confirms-data-breach-impacts-57-million-customers/
-
Driver’s license numbers, addresses leaked in 2024 bitcoin ATM company breach
Bitcoin Depot, which operates cryptocurrency ATMs across North America, says information belonging to more than 26,000 people was breached in an incident last year. First seen on therecord.media Jump to article: therecord.media/bitcoin-depot-cryptocurrency-atm-company-data-breach
-
Nippon Steel Solutions suffered a data breach following a zero-day attack
Tags: attack, breach, cloud, cybersecurity, data, data-breach, exploit, hacker, network, vulnerability, zero-dayNippon Steel Solutions reported a data breach caused by hackers exploiting a zero-day vulnerability in their network equipment. Nippon Steel Solutions, a subsidiary of Japan’s Nippon Steel, disclosed a data breach, attackers exploited a zero-day vulnerability. The company provides cloud and cybersecurity services. On March 7, 2025, Nippon Steel Solutions detected suspicious server activity and…
-
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
Bitcoin Depot, an operator of Bitcoin ATMs, is notifying customers of a data breach incident that has exposed their sensitive information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bitcoin-depot-breach-exposes-data-of-nearly-27-000-crypto-users/
-
The 2025 Verizon Data Breach Report: A Wake-Up Call for MSPs
The data paints a clear picture:”¯A full 20%”¯of breaches this year stemmed from exploitation of known vulnerabilities, a”¯34%”¯increase from last year. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/the-2025-verizon-data-breach-report-a-wake-up-call-for-msps/
-
Qantas begins telling some customers that mystery attackers have their home address
Plus: Confirms less serious data points like meal preferences also leaked First seen on theregister.com Jump to article: www.theregister.com/2025/07/09/qantas_begins_telling_customers_data/
-
Server with Rockerbox Tax Firm Data Exposed 286GB of Records
Cybersecurity researcher Jeremiah Fowler uncovered a massive 286GB data exposure at Texas-based Rockerbox, a tax credit consultancy. Exposed data includes SSNs, DD214s, and financial details, raising serious identity theft and fraud concerns. First seen on hackread.com Jump to article: hackread.com/rockerbox-server-tax-firm-exposed-sensitive-records/
-
Qantas details impact of data breach on 5.7 million customers
Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627295/Qantas-details-impact-of-data-breach-on-57-million-customers
-
Qantas details impact of data breach on 5.7 million customers
Australian flag carrier begins notifying millions of individuals after a cyber attack on a call centre, confirming that while financial and passport details are safe, a significant volume of other personal information was compromised First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627295/Qantas-details-impact-of-data-breach-on-57-million-customers
-
Chinese Data Leak Reveals Salt Typhoon Contractors
China’s Hack-For-Hire Scene Disgorges Another Leak. The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details. First seen on govinfosecurity.com Jump to…
-
Chinese Data Leak Reveals Salt Typhoon Contractors
China’s Hack-For-Hire Scene Disgorges Another Leak. The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details. First seen on govinfosecurity.com Jump to…
-
Microsoft 365 PDF Export Feature Vulnerable to LFI Sensitive Data at Risk
A critical security vulnerability in Microsoft 365’s PDF export functionality has been discovered and subsequently patched, highlighting significant risks to sensitive enterprise data. The vulnerability, which earned its discoverer a $3,000 bounty from Microsoft’s Security Response Center (MSRC), exposed a Local File Inclusion (LFI) attack vector that could potentially compromise confidential system information across multi-tenant…
-
South Korean Government Imposes Penalties on SK Telecom for Breach
Following a breach at the country’s top mobile provider that exposed 27 million records, the South Korean government imposed a small monetary penalty but stiff regulatory requirements. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/south-korea-imposes-penalties-sk-telecom-breach
-
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware.The company behind the software said a company that had recently purchased Shellter Elite licenses leaked their copy, prompting malicious actors to weaponize the…
-
Overcoming Technical Barriers in Desktop and Application Virtualization
Exposed RDP ports are an open door for attackers. TruGrid SecureRDP enforces Zero Trust and MFA, blocks lateral movement, and secures remote access”, no open firewall ports required. Learn more and get a free trial. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/overcoming-technical-barriers-in-desktop-and-application-virtualization/
-
Hunderte Restaurants betroffen – Datenleck bei Gastro-Software-Anbieter Karvi
First seen on security-insider.de Jump to article: www.security-insider.de/datenleck-karvi-solutions-restaurants-betroffen-a-def108da50cb4845be4918933a3f9e67/
-
The trust crisis in the cloud”¦and why blockchain deserves a seat at the table
Tags: access, blockchain, breach, cloud, compliance, control, credentials, crypto, data, data-breach, framework, gartner, iam, identity, infrastructure, jobs, risk, threat, tool, zero-trustLimited visibility and tamperable logs. Cloud providers manage logs and telemetry internally. As tenants, we often depend on them to provide logs after an incident without a guarantee of tamper-proof integrity. This lack of transparency hampers forensic investigations and incident response.Privilege concentration and insider risk. CSP administrators often hold elevated access privileges, making them single…
-
The trust crisis in the cloud”¦and why blockchain deserves a seat at the table
Tags: access, blockchain, breach, cloud, compliance, control, credentials, crypto, data, data-breach, framework, gartner, iam, identity, infrastructure, jobs, risk, threat, tool, zero-trustLimited visibility and tamperable logs. Cloud providers manage logs and telemetry internally. As tenants, we often depend on them to provide logs after an incident without a guarantee of tamper-proof integrity. This lack of transparency hampers forensic investigations and incident response.Privilege concentration and insider risk. CSP administrators often hold elevated access privileges, making them single…
-
Hacks Lead Health Data Breach Trends So Far in 2025
345 Major HIPAA Breaches Reported to Feds So Far This Year, Affecting 29.9 Million. Midway through 2025, the federal website listing major health data breaches in the U.S. shows a familiar scene: Many hacking incidents including ransomware, dozens of third-party vendor incidents, and millions of individuals affected by compromised personal data. First seen on govinfosecurity.com…
-
ATT Reaches $177M Deal Over 2019 and 2024 Data Breaches
ATT’s $177M data breach settlement. Check eligibility for payouts from 2019 and 2024 incidents. Get claim details here. First seen on hackread.com Jump to article: hackread.com/att-reaches-deal-over-2019-2024-data-breaches/
-
Qantas is being extorted in recent data-theft cyberattack
Qantas has confirmed that it is now being extorted by threat actors following a cyberattack that potentially exposed the data for 6 million customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/qantas-is-being-extorted-in-recent-data-theft-cyberattack/