Security News

Moving and storage giant U-Haul International disclosed a data breach after a customer contract search tool was hacked to access customers' names and driver's license information. As the company revealed notification letters sent to impacted individuals on Friday, it discovered on August 1, following an incident investigation, attackers accessed some customers' rental contracts between November 5, 2021, and April 5, 2022.

Impact of Samsung's most recent data breach unknown. Samsung announced on Sept. 2, 2022 its second data breach of 2022.

DUCK. I'm doing very, very well, thank you, Douglas! A messy thing that is bugging people is the question of this TikTok thing.

The denial follows alleged reports of a hack that surfaced on the Breach Forums message board on September 3, with the threat actor noting that the server holds 2.05 billion records in a humongous 790GB database. "Who would have thought that TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?," the hacking group known as BlueHornet tweeted over the weekend.

TikTok denies recent claims it was breached, and source code and user data were stolen, telling BleepingComputer that data posted to a hacking forum is "Completely unrelated" to the company. The user shared screenshots of an alleged database belonging to the companies, which they say was accessed on an Alibaba cloud instance containing data for both TikTok and WeChat users.

South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company disclosed in a notice.

Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. Samsung later discovered on August 4 that customer personal information was accessed and exfiltrated out of its network.

EdFinancial and the Oklahoma Student Loan Authority are notifying over 2.5 million loanees that their personal data was exposed in a data breach. The target of the breach was Nelnet Servicing, the Lincoln, Neb.-based servicing system and web portal provider for OSLA and EdFinancial, according to a breach disclosure letter.

Russian media streaming platform 'START' has confirmed rumors of a data breach impacting millions of users. Even though a global reset isn't enforced by START, it is recommended that all users change their passwords.

As you no doubt already know, because the story has been all over the news and social media recently, the widely-known and widely-used password manager LastPass last week reported a security breach. We regularly recommend our readers and podcast listeners to consider using a password manager, even though we've also written up numerous security blunders in password manager tools over the years.