An apparent ransomware incident involving a printing and mailing vendor affects more than double the number of people originally reported as being affected, and the total now nearly reaches 2.7 million individuals. Why are so many vendors reporting huge breaches?
The U.S. Federal Trade Commission filed a lawsuit against Idaho-based data broker Kochava Inc., alleging the company collects and sells sensitive geolocation data, including information about visits to reproductive health clinics. Kochava's actions are an unfair marketplace practice, the FTC says.
Identity and access management giant Okta says some customer data was exposed by the "relentless phishing campaign" that breached Twilio, which it uses to provide some SMS services. Twilio says attackers accessed data for 163 customer organizations.
As ransomware continues to pummel organizations left, right and center, two states have responded by banning certain types of ransom payments, and more look set to soon follow suit. But experts warn such bans could have "terrible consequences," leading to costlier and more complicated recovery.
Food delivery firm DoorDash says its customers and employees have been impacted by the phishing attack on its third-party service provider. DoorDash says it experienced "unusual and suspicious activity" on its third-party vendor's computer network that was a victim of a phishing campaign.
Ethereum is offering up to $1 million bounty to white hat hackers who identify merge-related critical vulnerabilities on its blockchain. The four-fold increase in reward will be applicable between Wednesday and Sept. 8. The merge is set to be completed by Sept. 20
Cryptocurrency trading platform Coinbase faces a proposed class action from a user who says poor security led to the theft of $200,000 from his account. Attempts by plaintiff Manish Aggarwal to contact the company turned into a fight with an "impenetrable automated 'customer service' process."
The recently discovered Russian-linked MagicWeb malware that exploits on-premises Microsoft Active Directory Federated Services servers to persist in compromised systems underscores the benefits of cloud-based infrastructure and a zero trust approach to architecture, security researchers say.
A probe into alleged use of Pegasus spyware on Indian citizens identified malware on five of the 29 volunteers who submitted their devices for forensic examination. The nature of the malware was not disclosed, but Chief Justice of India said New Delhi did not cooperate with investigators.
Password manager stalwart LastPass acknowledged Thursday that a threat actor gained unauthorized access to its source code and proprietary technical information. The attacker does not appear to have gained access to customer data or encrypted password vaults.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including implications of the Russia-Ukraine cyberwar, the former CISA director’s somber message to the industry at Black Hat, and how the cryptocurrency landscape is changing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.