July 1, 2024 at 12:24PM HubSpot is actively investigating and blocking attempts to hack into customer accounts. They have reported at least 50 targets have been breached, with unauthorized access to less than 50 accounts. The company has taken necessary steps to revoke the attacker’s access and believes the impact will be isolated to a … Read more
June 28, 2024 at 02:27AM TeamViewer detected an “irregularity” in its internal IT environment on June 26, 2024. The company immediately activated a response team and began investigations with cyber security experts. It stated that no customer data was impacted and an investigation is ongoing. The U.S. Health-ISAC issued a bulletin about threat actors’ exploitation … Read more
June 21, 2024 at 01:18AM The U.S. Department of Commerce’s Bureau of Industry and Security imposed a ban on Kaspersky Lab’s U.S. subsidiary and affiliates from offering security software due to national security risks posed by its ties to the Russian government. Kaspersky will be barred from selling to U.S. consumers and businesses starting July … Read more
June 6, 2024 at 11:18AM Pandabuy, a Chinese shopping platform, revealed to BleepingComputer that it paid a ransom to prevent stolen data from being leaked. The threat actor, known as ‘Sanggiero’, attempted to extort the company again, claiming to have 17 million rows of data. Pandabuy confirmed fixing previous vulnerabilities and ceased cooperation with the … Read more
May 29, 2024 at 11:48AM Okta warns of ongoing credential stuffing attacks targeting Customer Identity Cloud (CIC) cross-origin authentication feature since April. The company has identified affected endpoints and advised customers to review logs for specific events, rotate compromised user credentials, and implement passwordless, phishing-resistant authentication. Okta is offering further support through its Customer Support … Read more
May 1, 2024 at 04:36PM Qantas is investigating a privacy breach allowing customers to view others’ boarding passes and flight details on its app, potentially canceling flights. The airline attributes the issue to a technology problem rather than a cyber security incident. Qantas resolved the problem in roughly three hours and advises affected customers to … Read more
April 10, 2024 at 07:58AM A hacker known as “ShopifyGUY” leaked 2GB of personal info from boAt customers in India. The company controls 26% of the wearables market and 40% of earbud sales. Despite selling for $2, the info appears genuine. Companies are advised to invest in anti-exfiltration tools and encrypt their databases to safeguard … Read more
March 5, 2024 at 08:06AM American Express informs customers of a data breach at a third-party services provider, affecting some card members’ account information. Compromised data includes names, card account numbers, and expiration dates. The company is monitoring for fraud and advises impacted individuals on protecting their information. It is unclear how many people were … Read more
January 25, 2024 at 05:14PM Genetic testing provider 23andMe suffered a major data breach, with hackers stealing health reports and raw genotype data of 6.9 million customers over a 5-month period. The breach went undetected from April to September. The stolen data was posted on hacking forums and included vulnerable information like health reports and … Read more
January 7, 2024 at 03:37PM LoanDepot, a leading nonbank mortgage lender in the USA, has been hit by a cyberattack, causing system outages and impacting customer payments and services. The company is actively addressing the incident and advising customers to use its call center for payment assistance. Concerns about data theft and phishing attacks have … Read more