Security News

Networking device maker Ubiquiti has confirmed that it was the target of an extortion attempt following a January security breach, as revealed by a whistleblower earlier this week. Ubiquiti added that incident response experts hired to investigate the breach didn't find evidence of customer information being targeted during the breach.

Popular Indian mobile payments service MobiKwik on Monday came under fire after 8.2 terabytes of data belonging to millions of its users began circulating on the dark web in the aftermath of a major data breach that came to light earlier this month. As of July 2020, MobiKwik serves 120 million users and 3 million retailers across the country.

has published the results of an online survey of 303 cybersecurity professionals from around the globe in which respondents compared their perception of the severity of the SolarWinds Orion software breach between when it was first reported and several weeks later as more information was revealed. Respondents also relayed how the breach has impacted their jobs, recommended changes to organizational security practices and provided lessons learned.

On Jan. 11, Ubiquiti Inc. [NYSE:UI] - a major vendor of cloud-enabled Internet of Things devices such as routers, network video recorders and security cameras - disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the response to that breach alleges Ubiquiti massively downplayed a "catastrophic" incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.

Indian digital financial services platform MobiKwik denies claims that almost 8 TB of data put up for sale was allegedly stolen from its servers. The threat actor who put the allegedly stolen data up for sale also created a search portal to allow anyone to check if their data is included in the stolen data.

British clothing brand FatFace has sent a controversial 'confidential' data breach notification to customers after suffering a ransomware attack earlier this year. This week, customers began receiving data breach notifications revealing that the popular lifestyle clothing brand, FatFace, had suffered a data breach after a cyberattack on January 17th, 2021.

A proposed executive order would set new rules on the disclosure of data breaches that also affect United States government agencies, according to a Reuters news report. The report said the executive order, which could be released as soon as next week, would require software vendors to notify U.S. government customers of cyber-security breaches that also affect them.

Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis. In a data breach announcement on March 23, Solairus said aviation business management platform provider Avianis provided notification last December about an intrusion into Avianis' Microsoft Azure cloud platform, which hosts Solairus' flight scheduling and tracking system.

The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts. "SCO has notified the employee's contacts who may have received a potentially malicious email from the unauthorized user. SCO team members have identified all personal information included in the compromised email account and begun the process of notifying affected parties. The Controller is going over and beyond the notification requirements in law by providing both actual mailed notification and substitute notification in an effort to ensure the broadest possible notification."

Energy giant Shell has disclosed a data breach after attackers compromised the company's secure file-sharing system powered by Accellion's File Transfer Appliance. Shell disclosed the attack in a public statement published on the company's website last week and said that the incident only affected the Accellion FTA appliance used to transfer large data files securely.