Security News

The same group behind the SolarWinds supply-chain attacks has been targeting Microsoft's corporate networks to gain access to specific organizations - primarily, U.S.-based IT and government organizations. Microsoft officially announced the attacks after Reuters obtained an email sent to customers which explained that the threat group Nobelium stole customer-service-agent credentials to gain access and launch attacks against Microsoft customers.

Mercedes-Benz USA has just disclosed a data breach impacting some of its customers. The company assessed 1.6 million customer records which included customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the impact.

The City of Tulsa, Oklahoma, is warning residents that their personal data may have been exposed after a ransomware gang published police citations online. The attack disrupted Tulsa's online bill payment systems, utility billing, and email, as well as the websites for the City of Tulsa, the Tulsa City Council, Tulsa Police, and the Tulsa 311.

A fertility clinic serving the Atlanta area has been hit with a ransomware attack that also exposed private health information for 38,000 of its patients. "We discovered that a file server containing embryology data was encrypted and therefore inaccessible," according to the notice.

A Georgia-based fertility clinic has disclosed a data breach after files containing sensitive patient information were stolen during a ransomware attack. In a data breach notification issued by both RBA and its affiliate MyEggBank, RBA states that they first learned that they were hit by a ransomware attack on April 16th, 2021, when "a file server containing embryology data was encrypted and therefore inaccessible."

Poland's deputy prime minister Jaros?aw Kaczy?ski says last week's breach of multiple Polish officials' private email accounts was carried out from servers within the Russian Federation. "After reading the information provided to me by the Internal Security Agency and the Military Counterintelligence Service, I inform you that the most important Polish officials, ministers, and deputies of various political options were subject to a cyber attack," Kaczy?ski said in a statement published today.

Wegmans Food Markets notified customers that some of their information was exposed after the company became aware that two of its databases were publicly accessible on the Internet because of a configuration issue. Wegmans is a 106-store major regional supermarket chain with stores in the mid-Atlantic and Northeastern regions.

Carnival Corp. said Thursday that a data breach in March might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess Cruises. The breach comes after Carnival was hit twice last year by ransomware attacks.

OpsCompass announced the results of a report it conducted on cloud security posture and management challenges. "Operations teams are managing increasingly complex cloud infrastructure and are hyper-concerned about misconfigurations and configuration drift resulting in security gaps and potential breaches. Our goal with this report is to assess what teams are experiencing today, understand their concerns, and drive conversations to improve cloud security."

Eggfree Cake Box has disclosed a data breach after threat actors hacked their website to stole credit card numbers. Cake Box is a UK chain of stores selling fresh cream celebration cakes made without eggs.