Security News

Argentinian e-commerce giant Mercado Libre has confirmed "Unauthorized access" to a part of its source code this week. Mercado additionally says data of around 300,000 of its users was accessed by threat actors.

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees," the electronics giant told Bloomberg.

Popular open-source computer hardware company Adafruit Industries accidentally exposed customer data. The inadvertent disclosure involved an auditing data set used for employee training becoming public, on a GitHub repository associated with an inactive former employee's account who was learning data analysis.

The New York State Office of the Attorney General warned victims of the August 2021 T-Mobile data breach that they faced identity theft risks after some of the stolen information ended up for sale on the dark web. The alert comes after individuals impacted in the incident were notified by identity theft protection services that their info was found online, demonstrating that affected consumers are now at heightened risk for identity theft.

More than 71,000 employee credentials were stolen and leaked online following a data breach suffered by US chipmaker giant Nvidia last month. The Have I Been Pwned data breach notification service has added data belonging to 71,335 compromised accounts to its database on Wednesday.

Croatian phone carrier 'A1 Hrvatska' has disclosed a data breach exposing the personal information of 10% of its customers, roughly 200,000 people. The announcement does not provide many details other than that they suffered a cybersecurity incident involving the unauthorized access of one of their user databases, which contained sensitive personal information.

Sportswear manufacturer Puma was hit by a data breach following the ransomware attack that hit Kronos, one of its North American workforce management service providers, in December 2021. The data breach notification filed with several attorney generals' offices earlier this month says the attackers also stole personal information belonging to Puma employees and their dependents from the Kronos Private Cloud cloud environment before encrypting the data.

Report: Data breach numbers may not actually be declining, and reporting them is getting slower. A study released by Flashpoint and Risk Based Security found two startling facts: It's report of a drop in the total number of breaches is likely erroneous, and the time it takes for an organization to report.

Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web. Today, in a statement shared with Bleeping Computer, Moncler confirmed that some data related to its employees, former employees, suppliers, consultants, business partners, and customers was leaked today by the AlphaV ransomware operation.

American nonprofit Goodwill has disclosed a data breach that affected the accounts of customers using its ShopGoodwill.com e-commerce auction platform. ShopGoodwill's Vice President Ryan Smith said in data breach notification letters sent to impacted individuals that some of their personal contact information was exposed due to a site vulnerability.