Security News

Sontiq announced it has acquired data breach intelligence fintech Breach Clarity. As a result of the acquisition, Sontiq's products - IdentityForce, Cyberscout, and EZShield - all built on its tech-enabled IIS Platform, will have the proprietary capability, BreachIQ. Sontiq is the first provider in the identity security marketplace to offer consumers an AI-driven and proprietary personalized risk score with actionable next steps based on their unique data breach history.

US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. On Friday, Flagstar Bank issued a security disclosure on their website and began emailing customers about a breach of their Accellion FTA server.

Passenger data from multiple airlines around the world has been compromised after hackers breached servers belonging to SITA, a global information technology company. A SITA representative told BleepingComputer that the intrusion impacts data of passengers from the airlines listed below.

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. SITA said on Thursday that the attack, which it described as "Highly sophisticated," affected certain passenger data stored on servers of SITA Passenger Service System Inc., which operates passenger processing systems for airlines.

Malaysia Airlines sent out an email to frequent flyer program members assuring them that there's "No evidence" their personal data has been misused in the wake of a supply-chain attack via a third-party vendor. Malaysia Airlines' frequent flyer program, Enrich, was breached sometime around March 2010 - and remained exposed until June 2019, leaving thousands of members' personal data, including name, date of birth, gender, contact information, ID number, status and tier level unprotected, an email sent out to members from the company said.

Malaysia Airlines has suffered a data breach spanning nine yearsof data that exposed the personal information of members in its Enrich frequent flyer program. Starting yesterday, Malaysia Airlines began emailing members of their Enrich rewards program to disclose that they were affected by a data breach.

Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January. Last month, BleepingComputer was the first to report that a threat actor was selling a stolen Oxfam Australia database containing 1.7 million user records.

A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server. Ticketcounter has confirmed the data breach to both BleepingComputer and Troy Hunt of Have I Been Pwned, who spoke to the company's owner after receiving the database.

American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. The FBI shared guidance on how to defend against SIM swapping following an increase in the number of SIM hijacking attacks targeting cryptocurrency adopters and investors.

American VC firm Sequoia Capital has disclosed a data breach following what looks like a failed business email compromise attack from January. Since its founding in 1972, the venture capital firm Sequoia has invested in a long list of high-profile companies.