Security News

Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers' credit cards and personal information. In a new data breach notification issued yesterday, iOttie says they discovered on June 13th that its online store was compromised between April 12th, 2023, and June 2nd with malicious scripts.

Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks. At first glance, the letters sent by UPS Canada, titled "Fighting phishing and smishing - an update from UPS," seem to be a warning to customers about the dangers of phishing.

Zacks Investment Research has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database now shared on a hacking forum. Data breach notification service Have I Been Pwned listed an additional Zacks breach this weekend after being sent a database containing 8.8 million user records.

Verizon Business today released the results of its 16th annual Data Breach Investigations Report, which analyzed 16,312 security incidents and 5,199 breaches. Chief among its findings is the soaring cost of ransomware - malicious software that encrypts an organization's data and extorts large sums of money to restore access.

Last week, Progress Software Corporation, which sells software and services for user interface developement, devops, file management and more, alerted customers of its MOVEit Transfer product about a critical vulnerability dubbed CVE-2023-34362. If the backend data is stored in a SQL database, the web server might convert that URL into a SQL command like the one shown below.

Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "Potentially" accessed or stolen during what the company described in February as a "Cyber incident." The attack was discovered by Burton on February 11 after causing a "System outage" and forcing the company to cancel online orders.

Managed Care of North America Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised.MCNA Dental is one of the largest government-sponsored dental care and oral health insurance providers in the U.S. In a notice published Friday, MCNA says it became aware of unauthorized access to its computer systems on March 6th, 2023, with an investigation revealing that the hackers first gained access to MCNA's network on February 26th, 2023.

Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums. Luxottica suffered a data breach in August 2020 that exposed the personal information of 829,454 EyeMed and Lenscrafters patients.

We and our store and/or access information on a device, such as cookies and process personal data, such as unique identifiers and standard information sent by a device for personalised ads and content, ad and content measurement, and audience insights, as well as to develop and improve products. With your permission we and our partners may use precise geolocation data and identification through device scanning.

U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform. "We at Brightly Software are writing to let you know about a recent security incident affecting an account you have on our SchoolDude application, an online platform used by educational institutions for placing and tracking maintenance work orders," Brightly told affected SchoolDude users.