July 3, 2024 at 03:39PM HealthEquity, a healthcare fintech firm, experienced a data breach when a partner’s account was compromised, resulting in unauthorized access to sensitive health information. The investigation revealed that hackers gained access through the partner’s account and exfiltrated data. HealthEquity is notifying affected individuals and offering credit monitoring and identity restoration services … Read more
July 2, 2024 at 01:45PM Human Technology Inc. and its affiliates experienced a data security incident from March 14 to March 15, 2024. They promptly initiated an investigation and notified law enforcement. Unauthorized access to sensitive data, such as contact information and medical details, was discovered. Affected individuals were offered identity theft protection and a … Read more
June 28, 2024 at 05:48AM The polyfill.io domain was suspended due to reports of malicious activity, with the Chinese owner claiming defamation. The domain was used to host polyfills, but reports of potential supply chain risks surfaced. Industry players like Google and Cloudflare took action, redirecting links and warning users. Funnull, the Chinese content delivery … Read more
June 19, 2024 at 08:46PM T-Mobile denies breach and source code theft, refutes recent cyberattack claim after IntelBroker’s threat. Screenshots of alleged data breach actually older and stolen from a third-party vendor. IntelBroker’s claim of selling T-Mobile data appears dubious. T-Mobile has faced multiple cybersecurity incidents, their third in less than two years. Source: BleepingComputer … Read more
June 19, 2024 at 03:50PM Advance Auto Parts confirmed a data breach as a threat actor attempted to sell stolen data on a hacking forum. The breach affected personal information of current and former employees, job applicants, and possibly customers. The company will provide breach notifications, identity restoration services, and has incurred $3 million in … Read more
June 17, 2024 at 10:14AM Keytronic, a printed circuit board assembly (PCBA) manufacturing firm, disclosed a data breach after a ransomware attack in which limited data, including personally identifiable information, was accessed and exfiltrated. The company suspended operations in the US and Mexico for two weeks as a precautionary measure. The cyberattack is expected to … Read more
June 17, 2024 at 10:14AM Texas-based insurance company Globe Life is investigating a data breach impacting consumer and policyholder information. The breach, disclosed in an SEC filing, is related to a web portal vulnerability. External access to the portal has been removed, and outside experts have been hired to assist with the investigation. The cyber … Read more
June 13, 2024 at 02:38PM Panera Bread, a U.S. food chain with 2,160 cafes in the U.S. and Canada, suffered a data breach in a March ransomware attack. The breach compromised employee personal data, prompting the company to offer affected individuals a year of identity protection services. The attack caused a week-long system outage, with … Read more
June 11, 2024 at 08:48AM Pure Storage confirmed a security breach in its Snowflake workspace, exposing telemetry data and customer names, usernames, and email addresses. The company took steps to secure its systems and has not found malicious activity on customer infrastructure. The attack was linked to a financially motivated threat actor, targeting organizations without … Read more
June 10, 2024 at 11:32PM Unknown financially motivated crime crew “UNC5537” has stolen a substantial amount of data from Snowflake customers by using stolen credentials. The crew may have ties to “Scattered Spider” and has targeted multiple organizations by compromising contractor systems. The theft was enabled by the absence of multi-factor authentication and the use … Read more