Security News
The data snafu dates back to 2020, and, according to EyeMed, it's likely the result of one of its people falling for a phish. The investigation later revealed that the intrusion ran from around June 24 to July 1, 2020, during which time miscreants read and stole emails and attachments containing consumers' non-public health information, including data concerning minors, that date back six years prior to the cyberattack.
Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. "This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," the company revealed.
Popular international fine wine online retailer iDealwine has suffered a data breach during the past weekend, and has yet to reveal the number of customers affected. Its e-shop is still offline,...
Recent research from Thales has found that malware, ransomware, and phishing continue to plague global organizations. 21% have experienced a ransomware attack in the last year, with 43% of those experiencing a significant impact on operations.
Woolworths' MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum. Last Friday, MyDeal stated that it suffered a breach after a hacker used compromised user credentials to access the company's Customer Relationship Management system, allowing the threat actor to view and export customer information.
Chinese company Zoetop, former owner of the wildly popular SHEIN and ROMWE "Fast fashion" brands, has been fined $1,900,000 by the State of New York. Frankly, we're surprised that Zoetop got off so lightly, considering the size, wealth and brand power of the company, its apparent lack of even basic precautions that could have prevented or reduced the danger posed by the breach, and its ongoing dishonesty in handling the breach after it became known.
In April 2022, Omnicell reported a data breach affecting nearly 62,000 patients. Will you be the next victim like Omnicell? If you are overlooking the importance of data protection, attackers can get you in no time.
Australian carrier Optus's recent data breach will be investigated by two regulators, the double trouble likely an indicator of the nation's displeasure at the incident - which saw almost ten million locals' personal data exposed online. One of the probes will be conducted by the Australian Communications and Media Authority, which will ponder "Obligations relating to the acquisition, authentication, retention, disposal and protection of personal information, and requirements to provide fraud mitigation protections." The Authority's chair, Nerida O'Loughlin, said "A key focus for the ACMA will be Optus's compliance with these obligations."
Taiwanese chip maker ADATA denies claims of a RansomHouse cyberattack after the threat actors began posting stolen files on their data leak site. The RansomHouse gang added ADATA files to their data leak site on Tuesday, claiming they stole 1TB worth of documents in a 2022 cyberattack.
Former Uber CSO found guilty of obstruction in attempted data breach cover-up. Former Uber Chief Security Officer Joe Sullivan has been found guilty of criminal obstruction for attempting to conceal a 2016 data breach of tens of millions of customer and driver records.