Security News

Food delivery firm DoorDash has disclosed a data breach exposing customer and employee data that is linked to the recent cyberattack on Twilio. In a security advisory released Thursday afternoon, DoorDash says that a threat actor gained access to the company's internal tools using stolen credentials from a third-party vendor that had access to their systems.

The Plex media streaming platform is sending password reset notices to many of its users in response to discovering unauthorized access to one of its databases."Even though all account passwords that could have been accessed were hashed and secured in accordance with best practices, out of an abundance of caution, we are requiring all Plex accounts to have their password reset," claims Plex's notice.

Greece's largest natural gas distributor DESFA confirmed on Saturday that they suffered a limited scope data breach and IT system outage following a cyberattack. DESFA deactivated many of its online services to protect client data.

Customer engagement platform Twilio on Monday disclosed that a "Sophisticated" threat actor gained "Unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "Limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "Well-organized" and "Methodical in their actions." The incident came to light on August 4.

Cloud communications giant Twilio, the owner of the highly popular two-factor authentication provider Authy, says that it has so far identified 125 customers who had their data accessed during a security breach discovered last week. "We have identified approximately 125 Twilio customers whose data was accessed by malicious actors for a limited period of time, and we have notified all of them," Twilio revealed in an update to the original disclosure.

Cloud communications company Twilio has announced that some of it employees have been phished and that the attackers used the stolen credentials to gain access to some internal company systems and customer data.Apparently, Twilio employees were not the only ones targeted by these attackers.

Cloud communications company Twilio says some of its customers' data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack. "On August 4, 2022, Twilio became aware of unauthorized access to information related to a limited number of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials," Twilio said over the weekend.

Black Kite: Cost of data breach averages $15 million. Based on a review of 2,400 cyber incidents between 2017-2022 at 1,700 companies, cyber risk monitoring firm Black Kite concluded the average cost, excluding outliers, of a data breach today is $15 million.

The global average cost of a data breach reaches an all-time high of $4.35 millionIBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. Minimizing risk: Key cybersecurity-related M&A considerationsIn this Help Net Security video, Lenny Zeltser, CISO at Axonius, shares key cybersecurity-related considerations that both acquirer and acquired should keep in mind as they go through M&A. Trust in fintech security has been waveringThe growing rate of cybercrime has added to the market unrest and questioned fintech preparedness; some claimed that the industry players are more susceptible to virtual threats than traditional banking, with greater resources at their disposal.

IBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. Almost 80% of critical infrastructure organizations studied don't adopt zero trust strategies, seeing average breach costs rise to $5.4 million - a $1.17 million increase compared to those that do.