April 29, 2024 at 03:41PM The FCC has fined major U.S. wireless carriers around $200 million for sharing customers’ real-time location data without consent. AT&T, Sprint, T-Mobile, and Verizon faced fines for unauthorized disclosure of location information. Carriers sold data to third parties without obtaining valid customer consent, failing to safeguard it as required by … Read more
April 15, 2024 at 04:19PM Roku is enforcing mandatory two-factor authentication for all users following two incidents where customer accounts were compromised. Approximately 591,000 customers were affected, with 400 having their accounts used for unauthorized purchases. The breach did not expose sensitive financial or personal information, and Roku has reset passwords for the affected accounts. … Read more
April 12, 2024 at 11:06AM Roku disclosed two separate incidents of account breaches in March, with approximately 576,000 accounts compromised in the latest attack. Threat actors utilized stolen login information from other platforms to execute credential stuffing attacks. While some accounts were used for unauthorized purchases, Roku confirmed no sensitive information was accessed. Additionally, the … Read more
April 10, 2024 at 10:44AM AT&T notifies 51 million current and former customers of a data breach, exposing personal information in a hacking forum. Despite delay, AT&T confirmed the data’s origin and issued identity theft protection. Customers urged to monitor accounts. AT&T faces lawsuits for delay and risks of cyber attacks. The breach raises concerns … Read more
April 4, 2024 at 10:30AM Omni Hotels & Resorts announced a cyberattack prompted system shutdowns on March 29. With operations in 50 upscale North American hotels and around 14,000 employees, the chain has restored most systems and is investigating the event’s scope with external specialists. Though suspected as ransomware, no group has claimed responsibility. Customers … Read more
April 1, 2024 at 04:09PM AT&T denies unauthorized access but admits data set on Dark Web including sensitive customer information is genuine. Based on the meeting notes, the key takeaway is that AT&T denies unauthorized access but acknowledges that a data set containing sensitive customer information has been released on the Dark Web, affirming its … Read more
March 14, 2024 at 09:08AM Nissan Oceania has disclosed a cyberattack in December 2023, attributed to the Akira ransomware operation, affecting 100,000 people. Stolen data includes personal employee information, government IDs, and other personal details. Nissan plans to notify impacted individuals, offering support services and urging vigilance against potential fraudulent activities. From the meeting notes, … Read more
March 4, 2024 at 12:41PM American Express warns of third-party data breach leading to potential exposure of credit card details. A merchant processor was hacked, impacting American Express Card member data. The company states their systems were not compromised and is notifying affected customers. They advise monitoring account statements and enabling fraud alerts, as well … Read more
January 23, 2024 at 11:50AM Jason’s Deli warns of a data breach affecting customers’ personal data in a credential stuffing attack. Hackers obtained member account credentials from other sources and used them to target the restaurant’s website. The breach exposes various customer information. The company cannot specify the number of affected accounts but is notifying … Read more
December 20, 2023 at 07:51AM Comcast’s Xfinity recently disclosed a data breach affecting approximately 36 million individuals to US authorities. Hackers accessed customer data, including personal details and hashed passwords. The breach possibly impacts all Xfinity customers and employees. The attack exploited a Citrix Netscaler ADC and Gateway vulnerability named CitrixBleed, despite Xfinity’s prompt patch … Read more