Security News

Infosec in brief T-Mobile has had another bad week on the infosec front - this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach the carrier denied. According to customers who complained of the issue on Reddit and X, the T-Mobile app was displaying other customers' data instead of their own - including the strangers' purchase history, credit card information, and address.

U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States. According to the data breach notification letters, the data exposed in the attack varies for each affected individual.

Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers "Briefly" obtained limited access to its internal systems."An unauthorized group briefly obtained limited access to an internal Air Canada system related to limited personal information of some employees and certain records," reads a statement published Wednesday, September 20th, on Air Canada's press website.

Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at its authentication provider. Nansen is a popular entity in the cryptocurrency space, offering users insights into Ethereum wallet activity, helping identify emerging projects, and generally helping people make informed investment decisions.

T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly containing T-Mobile employees' data. The mobile carrier told BleepingComputer that the leaked data is believed to belong to an authorized retailer, which was breached earlier this year.

Pizza Hut Australia is sending data breach notifications to customers, warning that a cyberattack allowed hackers to access their personal information. The notification warns that the hacker gained unauthorized access to Pizza Hut Australia systems storing sensitive info for customers who made online orders, as well as partial financial data and encrypted account passwords.

Pizza Hut's Australian outpost has suffered a data breach. Yes, dear reader - that means the bad guys have seen a database of people who like pineapple on their pizzas.

The dreaded data breach is an outcome feared by companies of all sizes in today's threat landscape, largely due to the significant costs involved. Each year, IBM's eagerly anticipated Cost of a Data Breach Report seems to come with the bad news of an increase in data breach costs, and 2023 is no exception.

In this Help Net Security interview, Scott Sutherland, VP of Research at NetSPI, delves into the intricacies of their Breach and Attack Simulation platform and discusses how it offers unique features - from customizable procedures to advanced plays - that help organizations maximize their ROI. This interview also explores the crucial role of Key Performance Indicators in tracking the efficacy of security measures. Can you provide a high-level overview of NetSPI's Breach and Attack Simulation platform and what makes it unique?

Hack blamed on new Google Authenticator sync feature. Retool is blaming the success of the hack on a new feature in Google Authenticator that allows users to synchronize their 2FA codes with their Google account.