Security News

The denial follows alleged reports of a hack that surfaced on the Breach Forums message board on September 3, with the threat actor noting that the server holds 2.05 billion records in a humongous 790GB database. "Who would have thought that TikTok would decide to store all their internal backend source code on one Alibaba Cloud instance using a trashy password?," the hacking group known as BlueHornet tweeted over the weekend.

South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company disclosed in a notice.

Electronics giant Samsung has confirmed a new data breach today after some of its U.S. systems were hacked to steal customer data. Samsung later discovered on August 4 that customer personal information was accessed and exfiltrated out of its network.

Russian media streaming platform 'START' has confirmed rumors of a data breach impacting millions of users. Even though a global reset isn't enforced by START, it is recommended that all users change their passwords.

Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. DoorDash previously suffered a data breach in 2019 that exposed the data of nearly 5 million customers.

Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. In a security advisory released Thursday afternoon, DoorDash says that a threat actor gained access to the company's internal tools using stolen credentials from a third-party vendor that had access to their systems.

The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases."Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution, we are requiring all Plex accounts to have their password reset," claims Plex's notice.

Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack. DESFA deactivated many of its online services to protect client data.

Customer engagement platform Twilio on Monday disclosed that a "Sophisticated" threat actor gained "Unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "Limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "Well-organized" and "Methodical in their actions." The incident came to light on August 4.

Cloud communications giant Twilio, the owner of the highly popular two-factor authentication provider Authy, says that it has so far identified 125 customers who had their data accessed during a security breach discovered last week. "We have identified approximately 125 Twilio customers whose data was accessed by malicious actors for a limited period of time, and we have notified all of them," Twilio revealed in an update to the original disclosure.