Security News

Dropbox disclosed a security breach after threat actors stole 130 code repositories after gaining access to one of its GitHub accounts using employee credentials stolen in a phishing attack. "To date, our investigation has found that the code accessed by this threat actor contained some credentials-primarily, API keys-used by Dropbox developers," Dropbox revealed on Tuesday.

Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library. Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.

Communication services provider Twilio this week disclosed that it experienced another "Brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. "In the June incident, a Twilio employee was socially engineered through voice phishing to provide their credentials, and the malicious actor was able to access customer contact information for a limited number of customers," Twilio said.

54% of office workers would reconsider working for a company that had recently experienced a cyber breach, according to a study by Encore. An independent study of 100 C-level executives, 100 chief information security officers and 500 office workers in the US and the UK, conducted by Censuswide, sought to uncover the gap that remains between boards and security teams when it comes to addressing cyber demands.

Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack.In an update to its ongoing investigation into the incident, the firm said the attackers had access to "Significant amounts of health claims data" as well as personal data belonging to its ahm health insurance subsidiary and international students.

All four million customers at risk of having records of medical treatments exposed Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a...

According to a data breach notification shared with the Montana Attorney General's office, See Tickets discovered the breach in April 2021, when they started an investigation with the help of a forensics firm. After engaging with forensic experts and Visa, MasterCard, American Express, and Discover to investigate the incident further, See Tickets concluded on September 12, 2022, that unauthorized parties may have accessed customer credit card information.

Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought. According to The Guardian, Medibank is working under the assumption that all its customers have been affected, including past ones.

Medibank, Australia's largest private health provider, has confirmed that last week's "Cyber incident" has resulted in a data breach. Medibank Group took action: they engaged cyber security firms and began "Isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss."

Advocate Aurora Health, a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients. The incident was caused by the improper use of Meta Pixel on AAH's websites, where patients log in and enter sensitive personal and medical information.