Security News

Fashion retailer Guess discloses data breach after ransomware attack
2021-07-12 16:33

American fashion brand and retailer Guess is notifying affected customers of a data breach following a February ransomware attack that led to data theft. "A cybersecurity forensic firm was engaged to assist with the investigation and identified unauthorized access to Guess' systems between February 2, 2021 and February 23, 2021," the company said in breach notification letters mailed to impacted customers.

Mint Mobile hit by a data breach after numbers ported, data accessed
2021-07-10 17:18

Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers' account information and ported phone numbers to another carrier. According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a "Small" number of Mint Mobile subscribers to another carrier without authorization.

Insurance giant CNA reports data breach after ransomware attack
2021-07-09 11:29

CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. CNA is considered the seventh-largest commercial insurance firm in the US based on stats from the Insurance Information Institute.

S3 Ep40: Kaseya breach, PrintNightmare 0-day, and hacking versus the law [Podcast]
2021-07-08 18:45

In this week's Oh! No! story, a server room fills with toxic fumes. Download the IBM 3270 retrofont that Duck admired in the podcast.

Morgan Stanley reports data breach after vendor Accellion hack
2021-07-08 13:19

Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third-party vendor. Guidehouse, a third-party vendor that provides account maintenance services to Morgan Stanley's StockPlan Connect business, notified the investment banking company in May 2021 that attackers hacked its Accellion FTA server to steal information belonging to Morgan Stanley stock plan participants.

Oi! Our British Airways data breach compo sueball is still going, shouts rival law firm
2021-07-07 17:10

The British Airways data breach not-quite-a-class-action hasn't ended after all, a rival to yesterday's law firm has told The Register. Following PGMBM's announcement that it has settled its case with the airline over the theft of nearly 400,000 people's personal data - including some credit card details - rival outfit Your Lawyers says its own case against BA is still ongoing.

RNC Says No Data Accessed in Synnex Breach
2021-07-07 15:44

The Republican National Committee says none of its data was compromised in a cyberattack that involved B2B IT services provider Synnex. Over the weekend, Synnex was the target of a cyberattack by threat actors who attempted to access "Customer applications within the Microsoft cloud environment." As part of the services it offers, Synnex manages cloud accounts for its customers.

British Airways Settles Class Action Over 2018 Data Breach
2021-07-06 15:46

British Airways has settled a class action brought by individuals impacted by the data breach suffered by the company in 2018, but terms of the settlement have been kept private. Stolen information in the case of British Airways included names, payment card data, addresses, and email addresses.

British Airways data breach lawsuit settled: Airline coughs up potentially millions to make sueball bounce away
2021-07-06 12:58

British Airways has settled the not-quite-a-class-action* lawsuit against it, potentially paying millions of pounds to make the data breach case in the High Court of England and Wales go away. "The resolution includes provision for compensation for qualifying claimants who were part of the litigation. The resolution does not include any admission of liability by British Airways Plc," said PGMBM. The lawsuit was based on the 2018 BA data breach, where the credit card details of 380,000 people were stolen thanks to a Magecart infection on its payment processing pages.

British Airways data breach lawsuit settled: Airline coughs up around £30m to make sueball bounce away
2021-07-06 12:58

British Airways has settled the not-quite-a-class-action* lawsuit against it, potentially paying millions of pounds to make the data breach case in the High Court of England and Wales go away. "The resolution includes provision for compensation for qualifying claimants who were part of the litigation. The resolution does not include any admission of liability by British Airways Plc," said PGMBM. The lawsuit was based on the 2018 BA data breach, where the credit card details of 380,000 people were stolen thanks to a Magecart infection on its payment processing pages.