Tag: data-breach
-
Millions of US patient data exposed by MongoDB misconfiguration
First seen on scworld.com Jump to article: www.scworld.com/brief/millions-of-us-patient-data-exposed-by-mongodb-misconfiguration
-
Newspaper giant Lee Enterprises says nearly 40,000 Social Security numbers leaked in ransomware attack
Lee Enterprises notified regulators in Maine of the impact on customer data after a ransomware attack in February that caused significant disruptions. First seen on therecord.media Jump to article: therecord.media/newspaper-lee-enterprises-cyberattack-ssn
-
Vast array of solar power equipment left exposed online
The most commonly exposed device has been discontinued and vulnerable for a decade, new research found. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/solar-equipment-exposed-vulnerable-forescout/749806/
-
Data breach at newspaper giant Lee Enterprises affects 40,000 people
The ransomware attack paralyzed newspaper printing and disrupted operations at media outlets across the country for weeks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/04/data-breach-at-newspaper-giant-lee-enterprises-affects-40000-people/
-
Media giant Lee Enterprises says data breach affects 39,000 people
Publishing giant Lee Enterprises is notifying over 39,000 people whose personal information was stolen in a February 2025 ransomware attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/media-giant-lee-enterprises-says-data-breach-affects-39-000-people/
-
Coinbase Aware of Data Breach Since January, Report Reveals
Major Coinbase breach involving a significant customer data leak. Stay informed and protect your assets. Read more! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/coinbase-aware-of-data-breach-since-january-report-reveals/
-
Nearly 3,000 North Face website customer accounts breached as retail incidents continue
The parent company of apparel brand The North Face sent data breach notification letters to about 3,000 customer accounts, saying attackers used the technique known as credential stuffing. First seen on therecord.media Jump to article: therecord.media/north-face-customer-accounts-data-breach-notification
-
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems.The findings come from multiple reports published by Checkmarx, First seen on thehackernews.com…
-
35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks
Forescout Research Vedere Labs has uncovered that nearly 35,000 solar power devices, including inverters, data loggers, and gateways from 42 vendors, are exposed on the internet with vulnerable management interfaces. Identified using the Shodan search engine, these devices represent a critical cybersecurity risk to global power grids, especially as renewable energy sources like solar power…
-
Threat Actor Bribes Overseas Support Agents to Steal Coinbase Customer Data
On May 15, 2025, Coinbase, the largest U.S. cryptocurrency exchange, publicly disclosed a major security breach that exposed the sensitive personal data of 69,461 users”, less than 1% of its monthly transacting base, but a significant figure given the depth of information compromised. This incident was not a typical crypto hack exploiting blockchain vulnerabilities; instead,…
-
Cartier disclosed a data breach following a cyber attack
Luxury-goods conglomerate Cartier disclosed a data breach that exposed customer information after a cyberattack. Cartier has disclosed a data breach following a cyberattack that compromised its systems, exposing customers’ personal information. The incident comes amid a wave of cyberattacks targeting luxury fashion brands. The luxury firm states that the threat actors gained access to >>limited…
-
Datenleck bei Unterwegs: Großer Outdoor-Shop bestätigt Cyberangriff
Ein Cyberangriff auf den Unterwegs Outdoor Shop betrifft die Daten zahlreicher Kunden. Passwörter für den Onlineshop sind vorsorglich zurückgesetzt worden. First seen on golem.de Jump to article: www.golem.de/news/datenleck-bei-unterwegs-grosser-outdoor-shop-bestaetigt-cyberangriff-2506-196821.html
-
Bevor es ‘knallt”: Wie DataContainment Angriffe stoppt, bevor sie eskalieren
Ransomware-Angriffe verdoppeln sich, Erkennungszeiten bleiben erschreckend lang und trotzdem setzen viele Unternehmen noch immer auf reaktive Sicherheit. Dabei liegt der Schlüssel zur Cyber-Resilienz längst in der proaktiven Eindämmung. Wie Data-Breach-Containment zur tragenden Säule moderner IT-Sicherheitsarchitekturen wird durch Mikrosegmentierung, automatische Isolierung und eine kompromisslose Zero-Trust-Strategie. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/bevor-es-knallt-wie-data-breach-containment-angriffe-stoppt-bevor-sie-eskalieren/
-
Datenschutzvorfall bei Unterwegs Outdoor Shop GmbH (Mai 2025)
Kurze Information für Blog-Leser, die Kunden der Unterwegs Outdoor Shop GmbH sind. Diese informiert gerade, dass man im Mai 2025 einen Datenabfluss hatte. Bei einem Cyberangriff auf die IT-Systeme des Unternehmens kam es zu einem Datenschutzvorfall nach Art. 34 DSGVO, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/04/datenschutzvorfall-bei-unterwegs-outdoor-shop-gmbh/
-
Code Bug at Compliance Firm Vanta Leaks Customer Data to Other Clients
Compliance automation provider Vanta confirms a software bug exposed private customer data to other users, impacting hundreds of… First seen on hackread.com Jump to article: hackread.com/code-bug-compliance-vanta-data-leak-customer-clients/
-
Coinbase breach tied to bribed TaskUs support agents in India
A recently disclosed data breach at Coinbase has been linked to India-based customer support representatives from outsourcing firm TaskUs, who threat actors bribed to steal data from the crypto exchange. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-breach-tied-to-bribed-taskus-support-agents-in-india/
-
What Tackling the SaaS Security Problem Means to Me
By Kevin Hanes, CEO of Reveal Security When I reflect on the years I spent leading one of the world’s largest Security Operations Centers (SOCs) and incident response teams, the lessons learned aren’t just war stories”¦they’re a playbook for how we should rethink our responsibilities in the face of today’s fast-evolving attack surfaces. Back then,…
-
Posture ≠Protection
CSPM, DSPM, ASPM, SSPM, ESPM, the alphabet soup of Security Posture Management (SPM) tools promises visibility into risk. They map misconfigurations, surface exposure paths and highlight policy gaps. That can be useful. But let’s not confuse awareness with action. They don’t block threats.They don’t enforce controls.They don’t prevent breaches. SPMs detect, then delegate. A ticket.…
-
Interlock and the Kettering Ransomware Attack: ClickFix’s Persistence
Tags: access, attack, breach, captcha, ciso, computer, control, credentials, cyberattack, data, data-breach, detection, endpoint, exploit, group, healthcare, HIPAA, incident response, injection, malicious, mobile, network, phishing, powershell, ransom, ransomware, risk, saas, service, technology, threat, tool, vulnerabilityIn healthcare, every minute of downtime isn’t just a technical problem”Š”, “Šit’s a patient safety risk. CNN recently reported that Kettering Health, a major hospital network in Ohio, was hit by a ransomware attack. According to CNN, the Interlock ransomware group claimed responsibility, sending a chilling reminder that healthcare remains a prime target for this particular…
-
Cartier-Datenleck: Was Betroffene jetzt tun können
Ein Hackerangriff hat persönliche Kundendaten der Luxusmarke Cartier offengelegt. Betroffene können unter Umständen Anspruch auf Schadensersatz geltend machen auch ohne konkreten Missbrauch ihrer Daten. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cartier-datenleck
-
Hackers Abuse AI Tool Misconfigurations to Execute Malicious AI-Generated Payloads
A malicious threat actor has exploited a misconfigured instance of Open WebUI, a widely-used self-hosted AI interface with over 95,000 stars on GitHub, designed to enhance large language models (LLMs). This incident underscores the growing risks associated with internet-exposed AI tools, as attackers leveraged administrative access on a vulnerable system to inject malicious AI-generated Python…
-
Bevor es ‘knallt”: Wie Data Breach Containment Angriffe stoppt, bevor sie eskalieren
Ransomware-Angriffe verdoppeln sich, Erkennungszeiten bleiben erschreckend lang und trotzdem setzen viele Unternehmen noch immer auf reaktive Sicherheit. Dabei liegt der Schlüssel zur Cyber-Resilienz längst in der proaktiven Eindämmung. Wie Data Breach Containment zur tragenden Säule moderner IT-Sicherheitsarchitekturen wird durch Mikrosegmentierung, automatische Isolierung und eine kompromisslose Zero-Trust-Strategie. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/bevor-es-knallt-wie-data-breach-containment-angriffe-stoppt-bevor-sie-eskalieren/
-
Cryptojacking campaign relies on DevOps tools
A cryptojacking campaign is targeting exposed DevOps servers like Docker and Gitea to secretly mine cryptocurrency. Wiz researchers uncovered a cryptojacking campaign, tracked as JINX-0132, targeting exposed DevOps applications like Nomad, Consul, Docker, Gitea to secretly mine cryptocurrency. Threat actors behind the campaign are exploiting a wide range of known misconfigurations and vulnerabilities to deliver the miner.…
-
Unbefugter Zugriff bei einer Luxusmodemarke aus Frankreich
Cartier discloses data breach amid fashion brand cyberattacks First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cartier-discloses-data-breach-amid-fashion-brand-cyberattacks/
-
Cartier discloses data breach amid fashion brand cyberattacks
Luxury fashion brand Cartier is warning customers it suffered a data breach that exposed customers’ personal information after its systems were compromised. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cartier-discloses-data-breach-amid-fashion-brand-cyberattacks/
-
MainStreet Bank reports vendor cyber incident that leaked customer info
In regulatory filings with the Securities and Exchange Commission, MainStreet Bank’s holding company said a cyber incident connected to a third-party vendor had exposed information. First seen on therecord.media Jump to article: therecord.media/Main-street-cyber-incident-bank