Over a million Neighbourhood Watch members exposed through web app bug Unverified users could scoop up data on high-value individuals without any form of verification process Security23 Apr 2024 | 6
Lawsuit accuses Grindr of illegally sharing users' HIV status LGBTQ+ dating app's maker previously denied selling sensitive user data Applications22 Apr 2024 | 5
Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals It’s the second time the World-Check list has fallen into the wrong hands Cyber-crime19 Apr 2024 | 21
185K people's sensitive data in the pits after ransomware raid on Cherry Health Extent of information seized will be a concern for those affected Cyber-crime18 Apr 2024 | 6
US House approves FISA renewal – warrantless surveillance and all Infosec in brief PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more Security15 Apr 2024 | 12
Global taxi software vendor exposes details of nearly 300K across UK and Ireland Exclusive High-profile individuals including MPs said to be caught up in leak Research11 Apr 2024 | 5
SharePoint logs are easily circumvented and Microsoft is dragging its heels Now is the perfect time to review those permissions Applications10 Apr 2024 | 7
Puppies, kittens, data at risk after 'cyber incident' at veterinary giant IT systems pulled offline for chance to paws and reflect Security08 Apr 2024 | 12
Ransomware gang did steal residents' confidential data, UK city council admits INC Ransom emerges as a growing threat as some ex-LockBit/ALPHV affiliates get new gigs Cyber-crime04 Apr 2024 | 17
OWASP server blunder exposes decade of resumes Irony alerts: Open Web Application Security Project Foundation suffers lapse Security02 Apr 2024 | 5
Pandabuy confirms crooks nabbed data on 1.3M punters Nothing says 'sorry' like 10 percent off shipping for a month Cyber-crime02 Apr 2024 |
Nearly 3M people hit in Harvard Pilgrim healthcare data theft Infosec in brief Also, TheMoon botnet back for EoL SOHO routers, Sellafield to be prosecuted for 'infosec failures', plus critical vulns Security01 Apr 2024 | 3
AT&T admits massive 70M+ mid-March customer data dump is real though old Still claims the personal info wasn't stolen from its systems Security01 Apr 2024 | 10
Street newspaper appears to have Big Issue with Qilin ransomware gang The days of cybercriminals having something of a moral compass are over Cyber-crime27 Mar 2024 | 12
Microsoft confirms memory leak in March Windows Server security update Infosec in brief ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Security25 Mar 2024 | 11
Yacht dealer to the stars attacked by Rhysida ransomware gang MarineMax may be in choppy waters after 'stolen data' given million-dollar price tag Cyber-crime21 Mar 2024 | 9
Serial extortionist of medical facilities pleads guilty to cybercrime charges Robert Purbeck even went as far as threatening a dentist with the sale of his child’s data Cyber-crime20 Mar 2024 | 6
Record breach of French government exposes up to 43 million people's data Zut alors! Department for registering and helping unemployed people broken into Cyber-crime14 Mar 2024 | 28
Nissan to let 100,000 Aussies and Kiwis know their data was stolen in cyberattack Akira ransomware crooks brag of swiping thousands of ID documents during break-in Cyber-crime14 Mar 2024 | 7
Stanford University failed to detect ransomware intruders for 4 months 27,000 individuals had data stolen, which for some included names and social security numbers Cyber-crime13 Mar 2024 | 4
Swiss cheese security? Play ransomware gang milks government of 65,000 files Classified docs, readable passwords, and thousands of personal information nabbed in Xplain breach Cyber-crime08 Mar 2024 | 11
Japan orders local giants LINE and NAVER to disentangle their tech stacks Government mighty displeased about a shared Active Directory that led to a big data leak Security06 Mar 2024 | 2
US accuses Army vet cyber-Casanova of sharing Russia-Ukraine war secrets Where better to expose confidential data than on a dating app? Security05 Mar 2024 | 17
American Express admits card data exposed and blames third party Don't leave home without … IT security Security04 Mar 2024 | 9
Air National Guardsman Teixeira to admit he was Pentagon files leaker Updated Turns out bragging on Discord has unfortunate consequences Security01 Mar 2024 | 48
Cops visit school of 'wrong person's child,' mix up victims and suspects in epic data fail Data watchdog reprimands police force for confusing 2 people with same name and birthday to disastrous results Security01 Mar 2024 | 118
NTT boss takes early retirement to atone for data leak No mere mea culpa would suffice after 9.2 million records leaked over a decade, warnings were ignored, and lies were told Security01 Mar 2024 | 8
U-Haul tells 67K customers that cyber-crooks drove away with their personal info Thieves broke into IT system using stolen login Cyber-crime23 Feb 2024 | 13
Insider steals 79,000 email addresses at work to promote own business After saying they're very sorry, they escape with a slap on the wrist Security20 Feb 2024 | 38
ALPHV gang claims it's the attacker that broke into Prudential Financial, LoanDepot Ransomware group continues to exploit US regulatory requirements to its advantage Cyber-crime19 Feb 2024 |
Southern Water cyberattack expected to hit hundreds of thousands of customers Brit utility also curiously disappears from Black Basta leak site Cyber-crime14 Feb 2024 | 44
FCC gets tough: Telcos must now tell you when your personal info is stolen Yep, cell carriers didn't have to do this before Security12 Feb 2024 | 8
Jet engine dealer to major airlines discloses 'unauthorized activity' Pulls part of system offline as Black Basta docs suggest the worst Cyber-crime12 Feb 2024 | 6
Mon Dieu! Nearly half the French population have data nabbed in massive breach Infosec In Brief PLUS: Juniper's support portal leaks customer info; Canada moves to ban Flipper Zero; Critical vulns Security12 Feb 2024 | 19
Verizon says 63K employees' info fell into the wrong hands – an insider this time Telco says it's a private matter, data 'not shared externally' Security06 Feb 2024 |
Blackbaud settles with FTC after that IT breach exposed millions of people's info Cloud software slinger admits no guilt, promises better basic security hygiene Cyber-crime02 Feb 2024 | 6
Biden will veto attempts to kill off SEC's security breach reporting rules Senate, House can try but won't make it past the Prez, says White House Security01 Feb 2024 | 18
LockBit shows no remorse for ransomware attack on children's hospital It even had the gall to set the ransom demand at $800K … for a nonprofit Cyber-crime01 Feb 2024 | 42
Guess the company: Takes your DNA, blames you when criminals steal it, can’t spot a cyberattack for 5 months Breach filings show Reddit post led to the discovery rather than any sophisticated cyber defenses Cyber-crime26 Jan 2024 | 36
Akira ransomware gang says it stole passport scans from Lush in 110 GB data heist Updated Cosmetics brand goes from Jackson Pollocking your bathwater to cleaning up serious a digital mess Cyber-crime26 Jan 2024 | 35
COVID-19 test lab accused of exposing 1.3 million patient records to open internet Now that's a Dutch crunch Research24 Jan 2024 | 2
UK water giant admits attackers broke into system as gang holds it to ransom Comes mere months after Western intelligence agencies warned of attacks on water providers Cyber-crime23 Jan 2024 | 35
Australia imposes cyber sanctions on Russian it says ransomwared health insurer 'Aleksandr Ermakov' isn't allowed down under after being linked to ten-million-record leak Cyber-crime23 Jan 2024 | 9
Subway's data torpedoed by LockBit, ransomware gang claims Fast food chain could face a footlong recovery process if allegations are true Cyber-crime22 Jan 2024 | 8
Thieves steal 35.5M customers’ data from Vans sneakers maker But what kind of info was actually compromised? None of your business Cyber-crime19 Jan 2024 | 8
FTC secures first databroker settlement banning sale of sensitive location data Infosec in brief Also, iOS spyware abused Apple's own ECC, breach victim says it can't figure out what hackers took, and some critical vulns Security15 Jan 2024 | 3
BreachForums boss busted for bond blunders – including using a VPN Fitzpatrick faces potentially decades in prison later this month, so may as well get some foreign Netflix in beforehand Cyber-crime05 Jan 2024 | 2
Copy that? Xerox confirms 'security incident' at subsidiary Company’s removal from ransomware gang’s leak blog could mean negotiations underway Cyber-crime03 Jan 2024 |
Data loss prevention isn't rocket science, but NASA hasn't made it work in Microsoft 365 Privacy review finds breach response plan is a mess, training could be better, but protection regime mostly holds up Public Sector21 Dec 2023 | 13
Millions of Xfinity customers' info, hashed passwords feared stolen in cyberattack 35M-plus Comcast user IDs accessed by intruder via Citrix Bleed Cyber-crime19 Dec 2023 | 29
Mr Cooper cyberattack laid bare: 14.7M people's info stolen, costs hit $25M Mortgage lender says no evidence of identity theft (yet) after SSNs, DoBs, addresses, more swiped Cyber-crime18 Dec 2023 | 14
MongoDB warns breach of internal systems exposed customer contact info Infosec in brief PLUS: Cancer patients get ransom notes for Christmas, Delta Dental is the latest MOVEit victim, and critical vulns Security18 Dec 2023 | 2
Nearly a million non-profit donors' details left exposed in unsecured database Trusted by major charities, DonorView publicly exposed children’s names and addresses, among other data Cyber-crime13 Dec 2023 | 22
Britain's Ministry of Defence fined £350K over Afghan interpreter BCC email blunder UK GDPR penalty slashed from £1M after department agrees to improve processes Public Sector13 Dec 2023 | 16
Discord in the ranks: Lone Airman behind top-secret info leak on chat platform Poor cybersecurity hygiene in the military? Surely not! Cyber-crime12 Dec 2023 | 21
Northern Ireland cops count human cost of August data breach Officers potentially targeted by dissidents can't afford to relocate for their safety, while others seek support to change their names Security12 Dec 2023 | 16
2.5M patients infected with data loss in Norton Healthcare ransomware outbreak AlphV lays claims to the intrusion Security11 Dec 2023 | 6
23andMe responds to breach with new suit-limiting user terms Security in brief Also: 'well-known Bay Area tech' firm's laptops stolen and check out some critical vulns Security11 Dec 2023 | 15
Yet another UK public sector data blab, this time info of pregnant women, cancer patients NHS Trust admits highly sensitive data left online for nearly three years Public Sector07 Dec 2023 | 10
BlackCat ransomware crims threaten to directly extort victim's customers Accounting software firm Tipalti says it’s investigating alleged break-in of its systems Cyber-crime05 Dec 2023 | 4
Hershey phishes! Crooks snarf chocolate lovers' creds Stealing Kit Kat maker's data?! Give me a break Security04 Dec 2023 | 48
EU lawmakers finalize cyber security rules that panicked open source devs Infosec in brief PLUS: Montana TikTok ban ruled unconstitutional; Dollar Tree employee data stolen; critical vulnerabilities Security04 Dec 2023 | 17