Security News

PurFoods, which conducts business in the U.S. as 'Mom's Meals,' is warning of a data breach after the personal information of 1.2 million customers and employees was stolen in a ransomware attack. The data breach impacts individuals who have received Mom's Meals packages, current and former employees, and independent contractors.

Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "Highly sophisticated" SIM swapping attack."Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone number to the threat actor's phone at their request," it said in an advisory.

Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. Although the agency does not specify the number of impacted individuals, Le Parisien reports an estimate of 10 million people to be impacted.

Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing to an unauthorized third-party the personal data of some credit claimants. Kroll is facilitating claims for insolvent companies FTX, BlockFi, and Genesis Global Holdco.

Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to let them know what Personal Identifying Information was exposed in the incident. The breach stemmed from a security breach at a third-party service provider detected on March 29, involving the compromise of an account belonging to a customer support agent.

Missouri's Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered a MOVEit data theft attack. Yesterday, the Missouri Department of Social Services disclosed a data breach that exposed health information related to Medicaid services in the state.

The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. The disclosure comes ten months after the Commission first detected the breach and two years after the initial breach occurred, raising questions about why it took so long to report the incident to the public.

The Colorado Department of Higher Education discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June. "On June 19, 2023, CDHE became aware it was the victim of a cybersecurity ransomware incident that impacted its network systems," explains the data breach notification.

Serco Inc, the Americas division of multinational outsourcing company Serco Group, has disclosed a data breach after attackers stole the personal information of over 10,000 individuals from a third-party vendor's MoveIT managed file transfer server. "On June 30, 2023, Serco was made aware that our third-party benefits administration provider, CBIZ, experienced a ransomware attack and data breach," the company explained.

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned. Yesterday, the Have I Been Pwned data breach notification service announced that visitors can check if their information was exposed in a data breach of the Breached cybercrime forum.