#cybersecurity-incident

[ follow ]
#data-breach #incident-response #phishing-attack #companies-house #data-security-breach #ransomware
Information security
fromSecurityWeek
2 days ago

SailPoint Discloses GitHub Repository Hack

Unauthorized access to a subset of GitHub repositories was detected and contained, with no evidence of customer data access or service interruption.
Information security
fromtheregister
5 days ago

Hackers ate my homework: Educational SaaS Canvas down after cyberattack

ShinyHunters claimed responsibility for a Canvas disruption, alleging lax patching, data theft, and demanding a May 12 settlement.
fromKotaku
1 month ago

Gacha Game Distributes Malware, Apologizes With 10 Free Pulls

Umbral Stealer is an infostealer virus that can record keystrokes and take screenshots. In basic terms, it attempts to harvest sensitive information from the machines it infects, as it's primarily geared towards stealing users' passwords and cryptocurrency. The virus was distributed via a patch to Duet Night Abyss' launcher, which went live on Steam at 7:39 am UTC on March 18.
Information security
#data-breach
Privacy professionals
fromSecurityWeek
1 month ago

Security Firm Aura Discloses Data Breach Impacting 900,000 Records

Aura suffered a data breach affecting 900,000 records after a phishing attack compromised an employee account for approximately one hour, exposing names, email addresses, and contact information of roughly 35,000 customers.
Privacy professionals
fromComputerWeekly.com
1 month ago

Companies House restarts online services following cyber breach | Computer Weekly

Companies House restored its WebFiling service after discovering a security flaw that exposed personal data and allowed unauthorized actions to logged-in users with authorization codes.
Privacy professionals
fromSecurityWeek
2 months ago

Starbucks Data Breach Impacts Employees

Starbucks experienced a data breach affecting approximately 900 employees through phishing attacks that compromised Partner Central accounts, exposing names, social security numbers, dates of birth, and financial information.
more#data-breach
fromSecuritymagazine
1 month ago

Targeted Phishing Attack Breaches Biotech Company Data

This phishing attack enabled the threat actor to access 'certain internal IT business applications.' The malicious actor gained unauthorized entry by compromising an employee's access to the organization's internal network for business administration.
Information security
#data-security-breach
fromwww.bbc.com
1 month ago
Privacy professionals

Firms urged to check if other users edited their data on Companies House

Companies House experienced a security vulnerability in its WebFiling system that allowed logged-in users to view and edit other companies' sensitive data, including directors' home addresses and emails, before being resolved within three days.
fromTheregister
1 month ago
Privacy professionals

UK's corporate registry fixes data exposing technical error

Companies House shut down its WebFiling platform for a weekend to fix a security flaw that exposed directors' personal details and allowed unauthorized modifications to company records for any logged-in user.
Privacy professionals
fromwww.bbc.com
1 month ago

Firms urged to check if other users edited their data on Companies House

Companies House experienced a security vulnerability in its WebFiling system that allowed logged-in users to view and edit other companies' sensitive data, including directors' home addresses and emails, before being resolved within three days.
Privacy professionals
fromTheregister
1 month ago

UK's corporate registry fixes data exposing technical error

Companies House shut down its WebFiling platform for a weekend to fix a security flaw that exposed directors' personal details and allowed unauthorized modifications to company records for any logged-in user.
more#data-security-breach
Information security
fromSecurityWeek
2 months ago

Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea

The 2024 Polyfill.io supply chain attack affecting over 100,000 websites involved both Chinese and North Korean threat actors, with Funnull serving as a corporate front for the operation.
Information security
fromSecurityWeek
2 months ago

Michelin Confirms Data Breach Linked to Oracle EBS Attack

Michelin confirmed a data breach from the Cl0p ransomware group's Oracle EBS zero-day exploitation campaign affecting over 100 organizations.
fromComputerworld
2 months ago

FBI wiretap system tapped by hackers

The FBI identified and addressed suspicious activities on FBI networks, and we have leveraged all technical capabilities to respond.
Information security
Cryptocurrency
fromDataBreaches.Net
2 months ago

South Korean Authorities Accidentally Hand Hackers $4.8M in Crypto - DataBreaches.Net

South Korea's National Tax Service exposed a crypto wallet recovery key in a press release photo, enabling hackers to steal $4.8 million from seized assets.
Information security
fromSecurityWeek
2 months ago

Medical Device Maker UFP Technologies Hit by Cyberattack

UFP Technologies detected a cybersecurity intrusion on February 14 involving file theft and IT system disruption, with operations continuing despite impacts to billing and delivery label systems.
fromSecurityWeek
2 months ago

Ad Tech Company Optimizely Targeted in Cyberattack

The threat actor gained access to Optimizely's systems through a sophisticated voice-phishing attack, but was unable to escalate privileges, install software, or create any backdoors in the Optimizely environment. The incident was confined to certain internal business systems including Zendesk, records in our Salesforce CRM, and a limited set of internal documents used for back-office operations.
Information security
Information security
fromTheregister
7 months ago

SonicWall breach hit every cloud backup customer, not 5%

All customers who used SonicWall's MySonicWall cloud backup service had their firewall configuration backup files accessed in a cybersecurity breach.
#healthcare-data-breach
more#healthcare-data-breach
fromDataBreaches.Net
8 months ago

Pharmaceutical Company Inotiv Confirms Ransomware Attack - DataBreaches.Net

"The company's preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the company's systems," Inotiv says.
Information security
Information security
fromDatabreaches
1 year ago

OK: Cyberattack shuts down Bartlesville School network, state testing postponed

A network security incident disrupted Bartlesville Public Schools' systems, leading to canceled state testing and an investigation into the breach.
[ Load more ]