From 112K to 4M folks' data – HR biz attack goes from bad to mega bad
It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands
Cyber-crime28 Apr 2025 | 6
Data Breach
Back online after 'catastrophic' attack, 4chan says it's too broke for good IT
Image board hints that rumors of a poorly maintained back end may be true
Security28 Apr 2025 | 28
Blue Shield says it shared health info on up to 4.7M patients with Google Ads
Tech giants don't need smartphone mics to target adverts – your insurer just gives your data away, anyway
CSO23 Apr 2025 | 24
Law firm 'didn't think' data theft was a breach, says ICO. Now it's nursing a £60K fine
DPP Law is appealing against data watchdog's conclusions
Security16 Apr 2025 | 23
Where it Hertz: Customer data driven off in Cleo attacks
Car hire biz takes your privacy seriously, though
Cyber-crime15 Apr 2025 | 7
Old Fortinet flaws under attack with new method its patch didn't prevent
Infosec In Brief PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more!
Security14 Apr 2025 | 6
BROADER TOPICS
Oracle faces Texas-sized lawsuit over alleged cloud snafu and radio silence
Victims expect to spend considerable time and money over privacy incident, lawyers argue
PaaS + IaaS02 Apr 2025 | 9
Check Point confirms breach, but says it was 'old' data and crook made 'false' claims
Explanation leaves a 'lot of questions unanswered,' says infosec researcher
Cyber-crime31 Mar 2025 | 4
Cardiff's children's chief confirms data leak 2 months after cyber risk was 'escalated'
Department director admits Welsh capital's council still trying to get heads around threat of dark web leaks
Security28 Mar 2025 | 3
Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish
16,000 stolen records pertain to former and active mail subscribers
Cyber-crime25 Mar 2025 | 37
23andMe's genes not strong enough to avoid Chapter 11
CEO steps down after multiple failed attempts to take the DNA testing company private
Cyber-crime24 Mar 2025 | 46
Oracle Cloud says it's not true someone broke into its login servers and stole data
Despite evidence to the contrary as alleged pilfered info goes on sale
Cyber-crime23 Mar 2025 | 29
Names, bank info, and more spills from top sperm bank
Cyber-crime is officially getting out of hand
Bootnotes19 Mar 2025 | 17
'Uber for nurses' exposes 86K+ medical records, PII in open S3 bucket for months
Exclusive Non-password-protected, unencrypted 108GB database … what could possibly go wrong
Security11 Mar 2025 | 14
Allstate Insurance sued for delivering personal info on a platter, in plaintext, to anyone who went looking for it
Crooks built bots to exploit astoundingly bad quotation website and made off with data on thousands
CSO10 Mar 2025 | 10
Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time
Boffins poked around inside censorship engines – here's what they found
Networks27 Feb 2025 | 38
Rather than add a backdoor, Apple decides to kill iCloud encryption for UK peeps
Infosec in brief Plus: SEC launches new crypto crime unit; Phishing toolkit upgraded; and more
Security24 Feb 2025 | 89
Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps
Infosec In Brief PLUS: DOGE web design disappoints; FBI stops crypto scams; Zacks attacked again; and more!
Security17 Feb 2025 | 13
2 charged over alleged New IRA terrorism activity linked to cops' spilled data
Officer says mistakenly published police details were shared 'a considerable amount of times'
Security14 Feb 2025 | 21
Have I Been Pwned likely to ban resellers from buying subs, citing 'sh*tty behavior' and onerous support requests
'What are customers actually getting from resellers other than massive price markups?' asks Troy Hunt
Channel13 Feb 2025 | 33
DeepSeek's iOS app is a security nightmare, and that's before you consider its TikTok links
Infosec In Brief PLUS: Spanish cops think they've bagged NATO hacker; HPE warns staff of data breach; Lazy Facebook phishing, and more!
Security10 Feb 2025 | 23
Grubhub serves up security incident with a side of needing to change your password
Contact info and partial payment details may be compromised
Cyber-crime04 Feb 2025 |
Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP
Infosec in brief PLUS: MGM settles breach suits; AWS doesn't trust you with security defaults; A new .NET backdoor; and more
Security03 Feb 2025 | 9
CDNs: Great for speeding up the internet, bad for location privacy
Infosec in brief Also, Subaru web portal spills user deets, Tornado Cash sanctions overturned, a Stark ransomware attack, and more
Security27 Jan 2025 | 5
Datacus extractus: Harry Potter publisher breached without resorting to magic
Infosec in brief PLUS: Allstate sued for allegedly tracking drivers; Dutch DDoS; More fake jobs from Pyongyang; and more
Security20 Jan 2025 | 7
Infoseccer: Private security biz let guard down, exposed 120K+ files
Assist Security’s client list includes fashion icons, critical infrastructure orgs
Security16 Jan 2025 | 14
GoDaddy slapped with wet lettuce for years of lax security and 'several major breaches'
Watchdog alleged it had no SIEM or MFA, orders rapid adoption of basic infosec tools
CSO15 Jan 2025 | 13
Europe coughs up €400 to punter after breaking its own GDPR data protection rules
Infosec in brief PLUS: Data broker leak reveals extent of info trading; Hot new ransomware gang might be all AI, no bark; and more
Security13 Jan 2025 | 15
Turbulence at UN aviation agency as probe into potential data theft begins
Crime forum-dweller claims to have leaked 42,000 documents packed with personal info
Cyber-crime07 Jan 2025 |
Telemetry data from 800K VW Group EVs exposed online
Infosec in Brief PLUS: DoJ bans data sale to enemy nations; Do Kwon extradited to US; Tenable CEO passes away; and more
Security06 Jan 2025 | 45
Ireland fines Meta for 2018 'View As' breach that exposed 30M accounts
€251 million? Zuck can find that in his couch cushions, but Meta still vows to appeal
Security17 Dec 2024 | 13
Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat'
Personal and financial data probably stolen
Cyber-crime16 Dec 2024 | 2
RansomHub claims to net data hat-trick against Bologna FC
Crooks say they have stolen sensitive files on managers and players
Cyber-crime30 Nov 2024 | 2
Ransom gang claims attack on NHS Alder Hey Children's Hospital
Second alleged intrusion on English NHS org systems this week
Cyber-crime29 Nov 2024 | 21
Helpline for Yakuza victims fears it leaked their personal info
Organized crime types tend not to be kind to those who go against them, so this is nasty
Security22 Nov 2024 | 20
Keyboard robbers steal 171K customers' data from AnnieMac mortgage house
Names and social security numbers of folks looking for the biggest loan of their lives exposed
Cyber-crime15 Nov 2024 | 6
Cybercriminal devoid of boundaries gets 10-year prison sentence
Serial extortionist of medical facilities stooped to cavernous lows in search of small payouts
Cyber-crime14 Nov 2024 | 6
Kids' shoemaker Start-Rite trips over security again, spilling customer card info
Updated Full details exposed, putting shoppers at serious risk of fraud
Cyber-crime14 Nov 2024 | 14
Amazon confirms employee data exposed in leak linked to MOVEit vulnerability
Over 5 million records from 25 organizations posted to black hat forum
Cyber-crime12 Nov 2024 | 2
FBI issues warning as crooks ramp up emergency data request scams
Just because it's .gov doesn't mean that email is trustworthy
Cyber-crime11 Nov 2024 | 12
Cyberattackers stole Microlise staff data following DHL, Serco disruption
Experts say incident has 'all the hallmarks of ransomware'
Cyber-crime06 Nov 2024 | 5
Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack
Victims were placed in serious danger following highly sensitive data dump
Cyber-crime04 Nov 2024 | 5
Healthcare Services Group discloses 'cybersecurity incident' in SEC filing
Laundry and dining provider still investigating cause and scope
Cybersecurity Month18 Oct 2024 | 5
Troubled US insurance giant hit by extortion after data leak
Globe Life claims blackmailers shared stolen into with short sellers
Security17 Oct 2024 |
Brazilian police claim they've cuffed serial cybercrook behind FBI and Airbus attacks
Early stage opsec failures lead to landmark arrest of suspected serial data thief
Cybersecurity Month17 Oct 2024 | 3
US contractor pays $300K to settle accusation it didn't properly look after Medicare users' data
Resolves allegations it improperly stored screenshots containing PII that were later snaffled
Cybersecurity Month16 Oct 2024 | 7
US healthcare org admits up to 400,000 people's personal info was snatched
It waited till just before Columbus Day weekend to make mandated filing, but don't worry, we saw it
Cybersecurity Month14 Oct 2024 | 3
Healthcare attacks spread beyond US – just ask India's Star Health
Updated Acknowledges bulk customer data leak weeks after Telegram channels dangled it online
Cyber-crime11 Oct 2024 | 1
Internet Archive user info stolen in cyberattack, succumbs to DDoS
31M folks' usernames, email addresses, salted-encrypted passwords now out there
Cybersecurity Month10 Oct 2024 | 22
About a quarter million Comcast subscribers had their data stolen from debt collector
Cable giant says ransomware involved, FBCS keeps schtum
Cybersecurity Month04 Oct 2024 | 6
Sensitive data on 61K+ patients accessed in Alabama hospital cyberattack
Intruder pored over medical records, insurance details, Social Security numbers in some cases
Cybersecurity Month03 Oct 2024 |
Northern Ireland cops whose info was leaked in 2023 may get £240M+ damages
Officers put in danger when republican dissidents grabbed hold of their names and details
Legal25 Sep 2024 | 2
Apple's latest macOS release is breaking security software, network connections
Infosec In Brief PLUS: Payer of $75M ransom reportedly identified; Craigslist founder becomes security philanthropist, and more
Security23 Sep 2024 | 22
Cybercrooks strut away with haute couture Harvey Nichols data
Nothing high-end about the sparsely detailed, poorly publicized breach
Cyber-crime20 Sep 2024 | 10
Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations
Updated Better check your widgets, people
Research19 Sep 2024 | 7
Rhysida ransomware gang ships off Port of Seattle data for $6M
Auction acts as payback after authority publicly refuses to pay up
Cyber-crime17 Sep 2024 | 2
Down and out: Aegon's pension pothole and TfL's mystery 'maintenance'
When is maintenance maintenance, and when is it 'we've been pwned'?
On-Prem10 Sep 2024 | 15
1.7M potentially pwned after payment services provider takes a year to notice break-in
Criminals with plenty of time on their hands may now have credit card details
Cyber-crime09 Sep 2024 | 17
Kremlin-linked COLDRIVER crooks take pro-democracy NGOs for phishy ride
The latest of many attempts to stifle perceived threats to Putin's regime
Security09 Sep 2024 | 10
Check your IP cameras: There's a new Mirai botnet on the rise
Infosec in brief Also, US offering $2.5M for Belarusian hacker, Backpage kingpins jailed, additional MOVEit victims, and more
Security31 Aug 2024 | 22
Plane tracker app FlightAware admits user data exposed for years
Updated Privacy blunder alert omits number of key details
Security20 Aug 2024 | 42
National Public Data tells officials 'only' 1.3M people affected by intrusion
Investigators previously said the number was much, much higher
Cyber-crime19 Aug 2024 | 6
Biting the hand that feeds IT
