Security News

Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication messages in a cyberattack on their telephony provider. In emails sent to customers, Cisco Duo says an unnamed provider who handles the company's SMS and VOIP multi-factor authentication messages was compromised on April 1, 2024.

Canadian retail chain Giant Tiger disclosed a data breach in March 2024.A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers.

Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company's customers to "Reset credentials and secrets potentially exposed to, or used to access, Sisense services." Details about the security incident are still being kept under wraps by Sisense.

AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. These notifications are related to the recent leak of a massive amount of AT&T customer data on the Breach hacking forums that was offered for sale for $1 million in 2021.

Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks.On Thursday, a threat actor known as IntelBroker leaked limited data for approximately 10,000 Home Depot employees on a hacking forum.

Cancer treatment and research center City of Hope is warning that a data breach exposed the sensitive information of over 820,000 patients. City of Hope is a National Cancer Institute-designated comprehensive cancer center providing treatment for cancer, diabetes, and other life-threatening diseases.

Data breach alerting service Have I Been Pwned warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users. Hunt told BleepingComputer that he was notified of the exposure by one of the impacted users and independently verified the data.

AT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. The lawsuit alleges that AT&T failed to adequately protect customers' personal data, leading to a cyberattack and subsequent data breach that exposed sensitive information for 73 million people.

The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. OWASP says it discovered the Media Wiki misconfiguration in late February following several support requests.

MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack. The Florida-based yacht seller said in a March 12 SEC filing that it didn't store sensitive data in the compromised systems.