Security News

Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data allegedly stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches.

Back in August 2022, popular password manager company LastPass admitted to a data breach. LastPass insisted that the developer's account hadn't given the criminals access to any customer data, or indeed to anyone's encrypted password vaults.

The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. On Friday, a threat actor began selling the stolen data on a hacking forum, which allegedly contains promotion codes that can be used to access the service for free, as well as partial user identification and payment card data.

Vodafone Italia is sending customers notices of a data breach, informing that one of its commercial partners, FourB S.p. Vodafone Italia urges the recipients of the notifications to remain vigilant against incoming communications, as the risk of being targeted by phishing actors and scammers has now increased.

Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library. Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.

All four million customers at risk of having records of medical treatments exposed Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a...

Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought. According to The Guardian, Medibank is working under the assumption that all its customers have been affected, including past ones.

Medibank, Australia's largest private health provider, has confirmed that last week's "Cyber incident" has resulted in a data breach. Medibank Group took action: they engaged cyber security firms and began "Isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss."

Advocate Aurora Health, a 26-hospital healthcare system in Wisconsin and Illinois, is notifying its patients of a data breach that exposed the personal data of 3,000,000 patients. The incident was caused by the improper use of Meta Pixel on AAH's websites, where patients log in and enter sensitive personal and medical information.

Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet. "This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services," the company revealed.