Security News
Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting stolen files on their data leak site. The RansomHouse gang added ADATA files to their data leak site on Tuesday, claiming they stole 1TB worth of documents in a 2022 cyberattack.
Former Uber CSO found guilty of obstruction in attempted data breach cover-up. Former Uber Chief Security Officer Joe Sullivan has been found guilty of criminal obstruction for attempting to conceal a 2016 data breach of tens of millions of customer and driver records.
Joe Sullivan, the former Chief Security Officer of Uber, has been convicted of obstruction of proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of the hack Uber suffered in 2016. "In the wake of that disclosure, the FTC's Division of Privacy and Identity Protection embarked on an investigation of Uber's data security program and practices. In May 2015, the month after Sullivan was hired, the FTC served a detailed Civil Investigative Demand on Uber, which demanded both extensive information about any other instances of unauthorized access to user personal information, and information regarding Uber's broader data security program and practices."
The Australian Federal Police has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked following the Optus data breach late last month to extort victims. Details of the scam were previously shared by 9News Australia reporter Chris O'Keefe on September 27, 2022.
A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting to cover up the incident. "We expect those companies to protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission and took steps to prevent the hackers from being caught."
The City of Tucson, Arizona, has disclosed a data breach affecting the personal information of more than 125,000 individuals.As revealed in a notice of data breach sent to affected people, an attacker breached the city's network and exfiltrated an undisclosed number of files containing sensitive information.
Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security officer for the Asia Pacific region, said.
Hard-to-control collaboration, complex SaaS permissions, and risky misconfigurations - such as admin accounts without multi-factor authentication - have left a dangerous amount of cloud data exposed to insider threats and cyberattacks, according to Varonis. For the report, researchers analyzed nearly 10 billion cloud objects across a random sample of data risk assessments performed at more than 700 companies worldwide.
Optus confirmed yesterday that 2.1 million customers had government identification numbers compromised during a cyberattack last month. In an investigation, Optus confirmed that a total of 2.1 million customers had valid or expired ID document numbers exposed to the hackers.
TD Bank has disclosed a data breach affecting an undisclosed number of customers whose personal information was stolen by a former employee and used to conduct financial fraud.TD Bank is one of the largest banks in the United States by deposits, operating 1,220 branches and employing over 26,000 people.