Security News

The California-based networking hardware manufacturer 'A10 Networks' has confirmed to BleepingComputer that the Play ransomware gang briefly gained access to its IT infrastructure and compromised data.A10 Networks specializes in the manufacturing of software and hardware application delivery controllers, identity management solutions, and bandwidth management appliances, while it also offers firewall and DDoS threat intelligence and mitigation services.

Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The entities collectively issued a notice of data breach at the start of the month and shared a sample letter with the California Attorney General's office earlier this week.

The Weee! Asian and Hispanic food delivery service suffered a data breach exposing the personal information of 1.1 million customers.On Monday, a threat actor named 'IntelBroker' began leaking the data for Weee! on the Breached hacking and data breach forum.

A Sydney man has been sentenced to an 18-month Community Correction Order and 100 hours of community service for attempting to take advantage of the Optus data breach last year to blackmail its customers. The unnamed individual, 19 when arrested in October 2022 and now 20, used the leaked records stolen from the security lapse to orchestrate an SMS-based extortion scheme.

PeopleConnect, the owners of the TruthFinder and Instant Checkmate background check services, confirmed they suffered a data breach after hackers leaked a 2019 backup database containing the info of millions of customers. TruthFinder and Instant Checkmate are subscription-based services allowing customers to perform background checks on other people.

Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks. Google sent notices of a data breach to Google Fi customers this week, informing them that the incident exposed their phone numbers, SIM card serial numbers, account status, account activation date, and mobile service plan details.

Hackers breached Zacks Investment Research company last year and gained access to personal and sensitive information belonging to 820,000 customers. Founded in 1978, the company helps investors with stock buying decisions by using advanced financial data analytics algorithms.

LastPass-owner GoTo on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident."The affected information, which varies by product, may include account usernames, salted and hashed passwords, a portion of multi-factor Authentication settings, as well as some product settings and licensing information," GoTo's Paddy Srinivasan said.

"Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients," reads a FanDuel 'Notice of Third-Party Vendor Security Incident' seen by BleepingComputer. "On Sunday evening, the vendor confirmed that FanDuel customer names and email addresses were acquired by an unauthorized actor. No customer passwords, financial account information, or other personal information was acquired in this incident."

Last Thursday, FanDuel emailed customers to warn them that the threat actors acquired their names and email addresses during the MailChimp breach. "Recently, we were informed by a third-party technology vendor that sends transactional emails on behalf of its clients like FanDuel that they had experienced a security breach within their system that impacted several of their clients," reads a FanDuel 'Notice of Third-Party Vendor Security Incident' seen by BleepingComputer.