June 5, 2024 at 05:57PM Threat actors are claiming to sell 3TB of data stolen from Advance Auto Parts. The stolen data includes 380 million customer profiles, 140 million customer orders, and other sensitive information. The breach is linked to compromised Snowflake accounts, affecting multiple customers. However, Snowflake claims it was not due to any … Read more
June 5, 2024 at 04:44PM Ariane Systems’ self check-in systems at hotels globally are vulnerable to a kiosk mode bypass flaw, potentially allowing unauthorized access to guests’ personal information and room keys. Despite the researcher’s attempts to alert the vendor, a proper response is pending. Hotel operators are advised to isolate the vulnerable terminals and … Read more
May 22, 2024 at 01:07PM LastPass will begin encrypting URLs in user vaults to boost privacy and protect against breaches. This enhances the zero-knowledge architecture, securing private data. Hardware advancements allow seamless encryption/decryption without browser performance hiccups. The initiative follows past breaches and aims to safeguard user data and comply with zero-knowledge principles. Encryption roll-out … Read more
May 17, 2024 at 02:16PM The SEC will implement new data-breach reporting regulations for financial firms, aiming to modernize consumer data protection rules. The amendments require institutions to address technology risks, develop incident response programs, and notify affected individuals of any breaches. SEC Chair Gary Gensler notes the significant changes in data breaches over the … Read more
May 15, 2024 at 09:00AM Santander bank in Spain disclosed a data breach affecting some customers and employees due to unauthorized access to a third-party database. Santander clarified that the breach only impacted customers in Spain, Chile, and Uruguay, and some former employees. The bank assured customers that their operations and systems are unaffected, and … Read more
May 9, 2024 at 11:30AM Dell recently cautioned about a data breach where a threat actor claimed to have acquired information for about 49 million customers via a breached Dell portal. The stolen data includes names, physical addresses, Dell hardware and order details. Though Dell reassures minimal risk as no financial data was accessed, customers … Read more
April 30, 2024 at 12:56PM The FCC fined top US wireless carriers a total of $200 million for sharing customers’ location information without consent. The investigation, initiated after a sheriff used a location-finding service to access customer data, revealed that the carriers had sold data to two firms. The carriers argue the fines are based … Read more
April 30, 2024 at 11:22AM The Federal Communications Commission fined AT&T, Sprint, T-Mobile, and Verizon a total of nearly $200 million for illegally sharing customers’ location data without consent, following an investigation that began in 2019. The carriers face penalties for failing to protect sensitive real-time location information and violating federal laws. Carriers have the … Read more
April 29, 2024 at 07:26PM The FCC fined AT&T, Verizon, Sprint, and T-Mobile US almost $200 million for selling subscribers’ location data to data brokers. The telcos were ordered to pay between $12 million and $80 million. FCC boss Jessica Rosenworcel emphasized the sensitivity of the data being sold and the carriers’ failure to protect … Read more
April 25, 2024 at 05:13PM The FTC announced $5.6 million in refunds for Ring customers, paid by the Amazon subsidiary. This follows allegations of privacy breaches allowing cybercriminals and employees to spy on customers through Ring security cameras. The FTC accused Ring of inadequate privacy protections, leading to hackers accessing accounts and harassing users. The … Read more