Security News

T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming...

Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that exposed customer information. In the notification sample, Nissan claims it received notice of a data breach from one of its software development vendors on June 21, 2022.

U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. Wabtec is a U.S.-based public company producing state-of-the-art locomotives and rail systems.

The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that include their encrypted password vaults using data siphoned from the break-in.

Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed number of customers. "BetMGM's online operations were not compromised. BetMGM is coordinating with law enforcement and taking steps to further enhance its security."

Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data allegedly stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches.

Back in August 2022, popular password manager company LastPass admitted to a data breach. LastPass insisted that the developer's account hadn't given the criminals access to any customer data, or indeed to anyone's encrypted password vaults.

The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. On Friday, a threat actor began selling the stolen data on a hacking forum, which allegedly contains promotion codes that can be used to access the service for free, as well as partial user identification and payment card data.

Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p. Vodafone Italia urges the recipients of the notifications to remain vigilant against incoming communications, as the risk of being targeted by phishing actors and scammers has now increased.

Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library. Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.