July 4, 2024 at 12:18PM A threat actor compromised Ethereum’s mailing list provider and sent a phishing email to over 35,000 addresses, luring recipients to a malicious site offering investment returns. Ethereum disclosed the incident, stating it had no material impact. The internal security team launched an investigation, blocked the attacker, and warned the community. … Read more
July 4, 2024 at 03:37AM Twilio confirmed a data breach where hackers leaked 33 million phone numbers and account IDs associated with Authy. However, Twilio found no evidence of access to its systems and advised users to update security measures. The breach could lead to phishing and smishing attacks, urging heightened awareness among Authy users. … Read more
July 4, 2024 at 02:01AM Brain Cipher, the group behind the hacking of Indonesia’s Temporary National Data Center, has apologized and released an encryption key to the government. The key was a 54 kb ESXi file, with its effectiveness yet to be confirmed. The group shared its motive, claiming to act as penetration testers and … Read more
July 3, 2024 at 11:51PM Twilio, a cloud communications provider, disclosed a mobile security breach in the Authy 2FA app. Threat actors exploited an unauthenticated endpoint to access user data, prompting the company to secure the endpoint. Although no direct system breach was proven, Twilio urged users to upgrade their apps due to possible phishing … Read more
July 3, 2024 at 03:39PM HealthEquity, a healthcare fintech firm, experienced a data breach when a partner’s account was compromised, resulting in unauthorized access to sensitive health information. The investigation revealed that hackers gained access through the partner’s account and exfiltrated data. HealthEquity is notifying affected individuals and offering credit monitoring and identity restoration services … Read more
July 3, 2024 at 12:13PM In 2024, ransomware demands have soared, with an average extortion demand per attack surpassing $5.2 million in the first half of the year. The largest demand was $100 million following an attack on India’s RCC, followed by demands of $50 million and $25 million for other organizations. Despite a decrease … Read more
July 3, 2024 at 12:00PM FIA, the international auto racing governing body, revealed unauthorized access to personal data in a phishing attack. It has informed data protection regulators and implemented additional security measures. However, specific details regarding the breach, affected individuals, and stolen data remain undisclosed. The organization emphasized its commitment to data protection and … Read more
July 3, 2024 at 08:41AM almost 300,000 individuals were affected by a ransomware attack at Florida Community Health Centers in June 2023, compromising personal and health information. FCHC is providing impacted individuals with 12 months of complimentary credit monitoring and identity theft protection services. The incident was disclosed to the Maine Attorney General’s Office and … Read more
July 3, 2024 at 08:41AM Patelco Credit Union, serving 500,000 customers, faced a ransomware attack, impacting its online banking, mobile app, and call center. Electronic transactions are unavailable and restoration efforts are ongoing. Patelco emphasized secure system restoration, cooperation with cybersecurity experts, regulators, and law enforcement. Customer reimbursement for late payment fees is assured. Based … Read more
July 2, 2024 at 05:30PM A ransomware attack on a financial services provider has reverberated across its partners, leading to potential exposure of customer data. The attack, launched by the LockBit group, targeted Evolve Bank & Trust, compromising customer information. This has rippled through multiple companies, including Wise and Affirm, prompting investigations and concerns among … Read more