Tag: data-breach
-
Estonia issues arrest warrant for Moroccan wanted for major pharmacy data breach
Estonia said a man is suspected of unlawfully accessing a customer card database managed by Allium UPI, the parent company of the Apotheka pharmacy chain, in February 2024. First seen on therecord.media Jump to article: therecord.media/estonia-arrest-warrant-pharmacy-data-breach
-
Hacker stehlen Coca-Cola-Daten
Der Coca-Cola-Abfüller Coca-Cola Europacific Partners ist von einem Datenleck betroffen.Cyberkriminelle behaupten in einem Darknet-Post, mehr als 64 Gigabyte Daten mit 23 Millionen Einträgen von Coca-Cola Europacific Partners gestohlen zu haben. Darunter befinden sich demnach Kundendaten und Kontaktinformationen, Verkaufsfälle und Produktdaten, Lieferadressen und Telefonnummern sowie Bestellnummern und Zusammenfassungen.Der Coca-Cola-Produzent hat sich bisher noch nicht offiziell zu…
-
Microsoft OneDrive Flaw Exposes Users to Data Overreach Risks
A flaw in OneDrive File Picker has exposed millions to data overreach through excessive OAuth permissions First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-onedrive-flaw-exposes/
-
Salt Typhoon Believed to Be Behind Commvault Data Breach
Tags: advisory, backup, breach, china, cisa, cloud, credentials, data, data-breach, group, hacking, infrastructure, microsoft, threat, vulnerabilityCISA Advisory Says Threat Actors Stole App Secrets in Azure-Hosted Backup Platform. A suspected Chinese state hacking group linked to last year’s telecom intrusions breached Commvault’s Microsoft Azure environment, exposing sensitive Microsoft 365 credentials and reigniting fears over U.S. cloud infrastructure vulnerabilities and default security settings. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salt-typhoon-believed-to-be-behind-commvault-data-breach-a-28496
-
Adidas Falls Victim to Third-Party Data Breach
Though Adidas said that no payment or financial information was affected in the breach, individuals who contacted the compamy’s customer service help desk were impacted. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/adidas-victim-third-party-data-breach
-
eSkimming Security Driving Bottom Line Results through Fraud Reduction and Revenue Maximization
by Source Defense Even with the PCI DSS 4.0 deadline now behind us, many organizations are still exposed to costly eSkimming threats and compliance gaps. Source Defense recently hosted a webinar to explore how compliance actually drives better business outcomes as seen through the lens of the positive bottom line impacts of implementing PCI First…
-
Adidas customers’ personal information at risk after data breach
Lovers of Adidas clothes would be wise to be on their guard against phishing attacks, after the German sportswear giant revealed that a cyber attack had exposed the personal information of customers. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/adidas-customers-personal-information-at-risk-after-data-breach
-
New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency
Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet.The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other exposed Docker instances and rope them into an ever-growing horde of mining bots.Kaspersky said it…
-
Datenleck und jetzt? So erfährst du, ob du betroffen bist
Tags: data-breachFirst seen on t3n.de Jump to article: t3n.de/news/datenleck-account-gehackt-wie-ueberpruefen-1689607/
-
Coinbase Hit with Lawsuit Over $400M Data Breach and Stock Loss
Coinbase faces a class action lawsuit over a data breach. Learn about the implications for investors and the importance of secure authentication. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/coinbase-hit-with-lawsuit-over-400m-data-breach-and-stock-loss/
-
Massive Data Breach Exposes 184 Million Login Credentials
A major data breach exposed 184 million login credentials. Discover the risks and learn how to protect yourself from cyber threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/massive-data-breach-exposes-184-million-login-credentials/
-
Adidas Customer Information Compromised Through Third-Party Vendor
German sportswear giant Adidas has confirmed a data breach after cybercriminals accessed customer data through a third-party customer service provider. The breach, disclosed on May 23, 2025, did not involve sensitive information such as passwords or payment details but did expose the contact information of customers who had previously interacted with Adidas’ help desk. This…
-
Employees Searching Payroll Portals on Google Tricked Into Sending Paychecks to Hackers
Threat hunters have exposed a novel campaign that makes use of search engine optimization (SEO) poisoning techniques to target employee mobile devices and facilitate payroll fraud.The activity, first detected by ReliaQuest in May 2025 targeting an unnamed customer in the manufacturing sector, is characterized by the use of fake login pages to access the employee…
-
Everest Ransomware Leaks Coca-Cola Employee Data Online
Everest ransomware leaks Coca-Cola employee data: 1,104 files exposed, including HR, admin roles, IDs, personal details, and internal records. First seen on hackread.com Jump to article: hackread.com/everest-ransomware-leaks-coca-cola-employee-data/
-
Adidas warns of data breach after customer service provider hack
German sportswear giant Adidas disclosed a data breach after attackers hacked a customer service provider and stole some customers’ data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/adidas-warns-of-data-breach-after-customer-service-provider-hack/
-
Unbefugter Zugriff bei einem Sportartikelhersteller aus Deutschland
Adidas warns of consumer data breach First seen on reuters.com Jump to article: www.reuters.com/business/retail-consumer/adidas-warns-consumer-data-breach-2025-05-23/
-
1,2 Milliaden Datensätze im Darknet – Milliarden-großes Datenleck bei Facebook
First seen on security-insider.de Jump to article: www.security-insider.de/cyberkriminalitaet-facebook-nutzerdaten-darknet-a-3151a10b6b43b5317ec168a643a85ec1/
-
SilverRAT Source Code Leaked Online: Here’s What You Need to Know
SilverRAT Source Code leaked on GitHub, exposing powerful malware tools for remote access, password theft, and crypto attacks before removal. First seen on hackread.com Jump to article: hackread.com/silverrat-source-code-leaked-online-you-need-to-know/
-
Marlboro-Chesterfield Pathology data breach impacted 235,911 individuals
SafePay ransomware hit Marlboro-Chesterfield Pathology, stealing personal data of 235,000 people in a major breach. SafePay ransomware hit Marlboro-Chesterfield Pathology, stealing personal data of 235,000 people in a major breach at the North Carolina-based lab. Marlboro-Chesterfield Pathology (MCP), founded in 1990 in Pinehurst, NC, is a full-service lab offering molecular, cytology, and pathology testing. Known…
-
No Power Outage, Just a Data One: Nova Scotia Hit by Ransomware Surge
Nova Scotia Power has confirmed it was the victim of a ransomware attack, weeks after initially alerting customers to a cybersecurity breach. The utility, owned by Emera Inc., revealed that the attack resulted in a data breach impacting approximately 280,000 customers”, but emphasized it has not paid the ransom demanded by the attackers. First seen…
-
Datenleck: Adidas bestätigt Abfluss von Kundendaten durch Cyberangriff
Daten einer noch unbekannten Anzahl von Adidas-Kunden sind wohl in die Hände eines Angreifers gelangt. Betroffene werden informiert. First seen on golem.de Jump to article: www.golem.de/news/datenleck-adidas-bestaetigt-abfluss-von-kundendaten-durch-cyberangriff-2505-196573.html
-
Kundendaten von Adidas gestohlen
Bei einem Cyberangriff auf einen Dienstleister sind Kundendaten von Adidas abgeflossen.Medienberichten zufolge sind Kundendaten von Adidas in die Hände eines Hackers gelangt. Demnach erfolgte der Zugriff über einen Dienstleister für den Kundenservice. “Wir haben umgehend alle erforderlichen Maßnahmen eingeleitet, um den Vorfall einzudämmen”, versicherte der Sportartikelhersteller am vergangenen Freitag (23. Mai 2025).Nach Angaben von Adidas…
-
D-Link Routers Exposed by Hard-Coded Telnet Credential
A recently disclosed vulnerability (CVE-2025-46176) exposes critical security flaws in D-Link’s DIR-605L and DIR-816L routers, revealing hardcoded Telnet credentials that enable remote command execution. The vulnerability affects firmware versions 2.13B01 (DIR-605L) and 2.06B01 (DIR-816L), scoring 6.5 on the CVSS v3.1 scale with medium severity. Security researchers identified improper command neutralization (CWE-77) as the root cause,…
-
TA-ShadowCricket: Sophisticated Hacker Group Targeting Government and Enterprise Networks
A decade-long cyber espionage campaign orchestrated by the advanced persistent threat (APT) group TA-ShadowCricket has been exposed through a joint investigation by South Korea’s AhnLab and the National Cyber Security Center (NCSC). The group, previously identified as Shadow Force, has systematically compromised over 2,000 systems across 72 countries since 2012, with primary targets in government…
-
Apache Tomcat RCE Vulnerability Exposed with PoC Released
Tags: apache, container, control, cve, cyber, data-breach, flaw, malicious, open-source, rce, remote-code-execution, vulnerabilityA critical security vulnerability, tracked as CVE-2025-24813, has been discovered in Apache Tomcat, a widely used open-source Java servlet container and web server. This flaw, stemming from improper handling of file paths, particularly those containing internal dots (e.g., file.Name)”, can allow attackers to bypass security controls, leading to remote code execution (RCE), information disclosure, and…
-
Coinbase-Datenleck: Was Betroffene jetzt tun können
Ein aufsehenerregender Hackerangriff erschüttert die Kryptobörse Coinbase: Kriminelle gelangten durch Bestechung an sensible Kundendaten und fordern nun ein Millionen-Lösegeld. Die Betroffenen können auf Entschädigung hoffen auch ohne nachgewiesenen Missbrauch. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/coinbase-datenleck-betroffene
-
The US Is Building a One-Stop Shop for Buying Your Data
Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more. First seen on wired.com Jump to article: www.wired.com/story/us-spies-one-stop-shop-private-data/
-
Unbefugter Zugriff bei einer Internet-Apotheke aus Tschechien
Große Versandapotheke informiert Kunden über Datenleck First seen on golem.de Jump to article: www.golem.de/news/volksversand-grosse-versandapotheke-informiert-kunden-ueber-datenleck-2505-196520.html
-
Emulating the Blazing DragonForce Ransomware
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by DragonForce ransomware since its emergence in August 2023. Initially based entirely on the leaked LockBit 3.0 (Black) builder, it evolved with the introduction of a customized variant derived from the Conti V3 codebase. DragonForce operators may potentially be behind the recent cyber…
-
Naukri exposed recruiter email addresses, researcher says
The recruiter website fixed the email address exposure earlier this week. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/23/naukri-exposed-recruiter-email-addresses-researcher-says/