Security News

Hotel giant Marriott International confirmed it was hit by another data breach after an unknown threat actor breached one of its properties and stole 20GB of files. "The threat actor used social engineering to trick one associate at a single Marriott hotel into providing access to the associate's computer. The threat actor did not impersonate any Marriott vendor."

Hotel giant Marriott International confirmed it was hit by another data breach after an unknown threat actor breached one of its properties and stole 20GB of files. "The threat actor used social engineering to trick one associate at a single Marriott hotel into providing access to the associate's computer. The threat actor did not impersonate any Marriott vendor."

Marriott Hotels has leaked data to attackers again and this time the culprits made off with 20GB of information, which reportedly included credit card info and internal company documents. The unnamed group behind the attack contacted privacy news site DataBreaches to share the news that it broke into a server at the Marriott hotel at Boston/Washington International Airport in Maryland late last month.

A threat actor has taken to a forum for news and discussion of data breaches with an offer to sell what they assert is a database containing records of over a billion Chinese civilians - allegedly stolen from the Shanghai Police. HackerDan released sample datasets: one containing delivery addresses and often instructions for drivers; another with police records; and the last with personal identification information like name, national ID number address, height, and gender.

Data breach of NFT marketplace OpenSea may expose customers to phishing attacks. The breach was caused by an employee at Customer.io, the email delivery vendor for OpenSea.

OpenSea, the largest non-fungible token marketplace, disclosed a data breach on Wednesday and warned users of phishing attacks that could target them in the coming days. The company's Head Of Security, Cory Hardman, said that an employee of Customer.io, the platform's email delivery vendor, downloaded email addresses belonging to OpenSea users and newsletter subscribers.

The U.S. Federal Trade Commission has ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for covering up a data breach impacting more than 23 million customers and failing to protect their data. After its servers were breached multiple times, it tried to cover up the major data breach resulting from its sloppy security practices.

The U.S. Federal Trade Commission has ordered Residual Pumpkin Entity, the former owner of the CafePress t-shirt and merchandise site, to pay a $500,000 fine for covering up a data breach impacting more than 23 million customers and failing to protect their data. After its servers were breached multiple times, it tried to cover up the major data breach resulting from its sloppy security practices.

A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019 Capital One breach. Paige Thompson, who operated under the online alias "Erratic" and worked for the tech giant till 2016, was found guilty of wire fraud, five counts of unauthorized access to a protected computer and damaging a protected computer.

Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack. According to data breach notifications sent to exposed customers, Flagstar experienced a security incident in December 2021 when intruders breached the bank's corporate network.