December 5, 2023 at 11:42AM Over 1,600 Hugging Face API tokens were leaked, compromising the security of major organizations using their AI tools, as reported by Lasso. Clear Takeaways from Meeting Notes: 1. Security Issue Identified: The meeting has highlighted a significant security concern where more than 1,600 API tokens associated with Hugging Face have … Read more
November 30, 2023 at 05:56PM Okta updated the impact of its September hack from less than 1% to all customers, revealing the potential for heightened phishing risks due to leaked user data. Despite this, Okta reported a 20% revenue increase and remains optimistic about its identity platforms. However, some are observing a market shift away … Read more
November 29, 2023 at 01:54AM Okta disclosed further activity related to their October 2023 breach, revealing that names and emails of customer support system users were downloaded. Affecting most customers except those using separate support systems, Okta took precautionary steps and is aiding an investigation by digital forensics. The attacker’s identity is unknown, but Scattered … Read more
November 28, 2023 at 02:44PM The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors, a major automotive parts supplier. The attack disrupted production at Stellantis, and Qilin has threatened to release sensitive data. Qilin is known for targeting companies in all sectors and recently rebranded its ransomware. Group-IB has … Read more
November 28, 2023 at 12:29PM The LockBit 3.0 ransomware group successfully encrypted files and allegedly stole data from Egyptian e-payment provider Fawry. Personal details of Fawry customers were said to have been extracted, leading to banks advising customers to remove their account information. Fawry remains confident that financial transactions will not be impacted, but leaked … Read more
November 25, 2023 at 05:08PM General Electric is investigating a cyberattack where a threat actor breached the company’s development environment and leaked allegedly stolen data. The hacker, known as IntelBroker, attempted to sell access to GE’s development and software pipelines on a hacking forum. They then posted that they are now selling both the network … Read more
November 22, 2023 at 12:40PM The Idaho National Laboratory (INL), a US Department of Energy national lab, experienced a significant data breach on November 19. Employee information, including addresses, Social Security numbers, and bank account details, were leaked. The breach impacted the Oracle HCM system servers that support INL’s Human Resources applications. An investigation involving … Read more
November 21, 2023 at 01:09PM AutoZone, the leading automotive spare parts retailer in the US, has suffered a data breach as part of the Clop MOVEit file transfer attacks. Approximately 185,000 people were affected by the breach, which occurred on May 28, 2023. While the specific data compromised has not been disclosed, identity theft protection … Read more
November 20, 2023 at 07:12AM The Rhysida ransomware group claims responsibility for the October cyberattack on the British Library, leaking stolen data including passport scans and HMRC employment documents. They have initiated an auction for the data with a starting bid of 20 Bitcoin ($745,000). The British Library confirmed the ransomware attack in November and … Read more
November 16, 2023 at 02:04PM Toyota Financial Services (TFS) has experienced unauthorized access on some of its systems in Europe and Africa as a result of a ransomware attack by the Medusa gang. The hackers are demanding an $8 million ransom and have threatened to leak stolen data if it is not paid. TFS has … Read more