Security News
The U.K.'s largest fishing retailer, Angling Direct, experienced a system breach on Nov. 5 that resulted in their domain being redirected to Pornhub. Apparently, the attackers obtained login credentials for its Twitter and other social-media accounts, since the hackers were able to alert them, and their customers, to the breach through a Nov. 7 tweet from the Angling Direct feed.
Investor trading app company Robinhood Markets has confirmed a data breach that affects the personal information of about 7 million customers - roughly a third of its user base. The perpetrator attempted to extort the company, demanding payment in return for not releasing the stolen data.
Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. "Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident," the Silicon Valley financial company noted.
Robinhood on Monday disclosed a security breach affecting approximately 7 million customers, roughly a third of its user base, that resulted in unauthorized access of personal information by an unidentified threat actor. "Based on our investigation, the attack has been contained and we believe that no Social Security numbers, bank account numbers, or debit card numbers were exposed and that there has been no financial loss to any customers as a result of the incident," the Silicon Valley financial company noted.
Stock trading platform Robinhood has disclosed a data breach after their systems were hacked and a threat actor gained access to the personal information of approximately 7 million customers.After learning of the attack and securing their systems, RobinHood also received an extortion demand.
Cybersecurity firm Palo Alto Networks warned over the weekend of an ongoing hacking campaign that has already resulted in the compromise of at least nine organizations worldwide from critical sectors, including defense, healthcare, energy, technology, and education. To breach the orgs networks, the threat actors behind this cyberespionage campaign exploited a critical vulnerability in Zoho's enterprise password management solution known as ManageEngine ADSelfService Plus which allows remotely executing code on unpatched systems without authentication.
US defense contractor Electronic Warfare Associates has disclosed a data breach after threat actors hacked their email system and stole files containing personal information. As detailed in a notice to the Montana Attorney General's office, EWA discovered that a threat actor took over one of their email accounts on August 2, 2021.
The U.K. Labour Party notified members that some of their information was impacted in a data breach after a ransomware attack hit a supplier managing the party's data. The data breach was announced in a data breach notification published on the party's website after informing relevant authorities about the incident.
Despite increasing cyberattacks targeting data in the cloud, 83% of businesses are still failing to encrypt half of the sensitive data they store in the cloud, raising even greater concerns as to the impact cyber criminals can have. 40% of organizations have experienced a cloud-based data breach in the past 12 months, according to a study conducted by 451 Research.
The BlackShadow hacking group attacked the Israeli hosting provider Cyberserve to steal client databases and disrupt the company's services. Cyberserve is an Israeli web development firm and hosting company used by various organizations, including local radio stations, museums, and educational institutions.