September 13, 2024 at 05:14PM Transport for London (TfL) requires all 30,000 staff to attend in-person appointments for password resets and identity verification following a recent cybersecurity incident. While assuring that customer data remains safe, the agency faces disruptions in internal systems and services. A suspect connected to the attack has been arrested by the … Read more
September 13, 2024 at 03:56PM Fortinet confirms data compromise by hacker “Fortibitch” leaking 440GB of data via BreachForums. The breach impacted less than 0.3% of its customers worldwide. CloudSEK observed leaked customer, financial, and HR data. Incident highlights cloud data exposure risks. Experts suggest rethinking cloud security with multifactor authentication, monitoring, and encryption. The incident … Read more
September 12, 2024 at 11:20AM Transport for London (TfL) has reported a cyberattack on September 1 which compromised customer data such as names, contact details, email addresses, and home addresses. It appears that Transport for London (TfL) has concluded that the cyberattack on September 1 has affected customer data, specifically impacting names, contact details, email … Read more
September 3, 2024 at 05:49AM Transport for London (TfL) is addressing an ongoing cyber security incident, confirming measures to prevent further access to systems and protect customer data. The organization is collaborating with government agencies, and so far, there is no evidence of compromised customer data or impact to services. The incident has affected backroom … Read more
August 20, 2024 at 05:22PM Toyota confirmed a third-party data breach exposing customer data. While initially saying their systems were not breached, a spokesperson later clarified that the data came from a misrepresented third-party entity. The leaked data includes customer and employee details, contracts, and financial information. This follows previous incidents of data breaches at … Read more
August 20, 2024 at 01:33AM Cybersecurity researchers warn of vulnerabilities in thousands of Oracle NetSuite e-commerce sites, exposing customer data. A misconfiguration in NetSuite’s SuiteCommerce platform allows attackers to access sensitive information, requiring site administrators to tighten access controls and temporarily take impacted sites offline. Another disclosure details a way to manipulate credential validation in … Read more
August 16, 2024 at 12:41PM Widespread misconfiguration in Oracle NetSuite’s SuiteCommerce ERP platform has exposed customer data on thousands of websites. The issue, uncovered by AppOmni, allows unauthorized access to sensitive data due to misconfigured access controls on custom record types. NetSuite urged customers to review their security settings, as SaaS security programs need more … Read more
August 8, 2024 at 09:43AM ADT Inc. revealed via a Form 8-K filing with the SEC that hackers have breached its systems, containing customer order information. Based on the meeting notes, it appears that ADT Inc. has disclosed through an 8-K filing with the SEC that hackers have accessed its systems containing customer order details. … Read more
July 17, 2024 at 12:34PM A threat actor leaked personal data of over 440,000 Life360 customers by exploiting a flaw in the login API. The breach also impacted Trello accounts, and Life360 disclosed an extortion attempt linked to a separate Tile customer support platform breach. The exposed information includes names, addresses, email addresses, and phone … Read more
July 16, 2024 at 10:58AM Rite Aid, the third-largest US drugstore chain, suffered a data breach affecting 2.2 million customers’ personal information. The breach, detected on June 6, involved purchase-related data such as names, addresses, and driver’s license numbers, but not Social Security, financial, or health information. The ransomware gang RansomHub claimed responsibility and threatened … Read more