Security News

Although the accommodation booking website reportedly asked the Dutch AIVD spy agency for help with the breach after its internal investigation identified "Andrew" as having connections to US spy agencies, it did not notify either its affected customers or data protection authorities in the Netherlands at the time, the newspaper allged. "When we asked for comment about the allegations, a Booking.com spokesperson told us:"With the support of external subject matter experts and following the framework established by the Dutch Data Protection Act, we confirmed that no sensitive or financial information was accessed.

The research also uncovered that organizations underestimate the risk of a cyberattack, with 73% of CIOs and CISOs "Highly confident" their organizations will not suffer an OT breach in the next year. 83% also said they had at least one OT security breach in the prior 36 months.

The U.K.'s largest fishing retailer, Angling Direct, experienced a system breach on Nov. 5 that resulted in their domain being redirected to Pornhub. Apparently, the attackers obtained login credentials for its Twitter and other social-media accounts, since the hackers were able to alert them, and their customers, to the breach through a Nov. 7 tweet from the Angling Direct feed.

Investor trading app company Robinhood Markets has confirmed a data breach that affects the personal information of about 7 million customers - roughly a third of its user base. The perpetrator attempted to extort the company, demanding payment in return for not releasing the stolen data.

Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. "Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident," the Silicon Valley financial company noted.

Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. "Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident," the Silicon Valley financial company noted.

Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers.After learning of the attack and securing their systems, RobinHood also received an extortion demand.

Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education. To breach the orgs networks, the threat actors behind this cyberespionage campaign exploited a critical vulnerability in Zoho's enterprise password management solution known as ManageEngine ADSelfService Plus which allows remotely executing code on unpatched systems without authentication.

US defense contractor Electronic Warfare Associates has disclosed a data breach after threat actors hacked their email system and stole files containing personal information. As detailed in a notice to the Montana Attorney General's office, EWA discovered that a threat actor took over one of their email accounts on August 2, 2021.

The U.K. Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a supplier managing the party's data. The data breach was announced in a data breach notification published on the party's website after informing relevant authorities about the incident.