Security News

Nearly four weeks after the Police Service of Northern Ireland published data on 10,000 employees in a botched response to a Freedom of Information request, another two men, aged 21 and 22, have been released on bail after being arrested under the Terrorism Act. On August 8, it mistakenly published a spreadsheet with the details of every serving Northern Ireland police officer online in response to a Freedom of Information request at the beginning of August.

The University of Sydney announced that a breach at a third-party service provider exposed personal information of recently applied and enrolled international applicants. In the data breach announcement, the university says that incident had a limited impact and the preliminary investigation found no evidence that local students, staff, or alumni have been impacted.

Topgolf Callaway suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers.In a letter sent to impacted individuals on August 29, 2023, the company explains that an IT system incident that occurred on August 1st has affected the availability of its e-commerce services and exposed certain customer information to an unauthorized entity. This impacts customers of Callaway and its sub-brands Odyssey, Ogio, and Callaway Gold Preowned sites that all operate under the same business umbrella.

Forever 21 clothing and accessories retailer is sending data breach notifications to more than half a million individuals who had their personal information exposed to network intruders.The investigation revealed that hackers had intermittent access to Forever 21 systems between January and March this year and leveraged this access to steal data.

American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally identifiable information.Paramount said in breach notification letters signed by Nickelodeon Animation Studio EVP Brian Keane sent to affected individuals that the attackers had access to its systems between May and June 2023.

Hackers are targeting Cisco Adaptive Security Appliance SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication. Last week, BleepingComputer reported that the Akira ransomware gang was breaching Cisco VPNs for initial network access.

London's Metropolitan Police has said a third-party data breach exposed staff and officers' names, ranks, photos, vetting levels, and salary information. The supplier did not store police addresses, phone numbers or financial account details so it appears that data remains secure.

PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack. The data breach impacts individuals who have received Mom's Meals packages, current and former employees, and independent contractors.

Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "Highly sophisticated" SIM swapping attack."Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone number to the threat actor's phone at their request," it said in an advisory.

Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. Although the agency does not specify the number of impacted individuals, Le Parisien reports an estimate of 10 million people to be impacted.