Security News

Volkswagen Group of America this week revealed that approximately 3.3 million people might have been affected in a data breach that impacted both Audi of America and Volkswagen of America. "VWGoA discovered the information at issue included more sensitive personal information on or about May 24, 2021. VWGoA completed the analysis to identify which specific individuals were impacted on or about June 7, 2021," the company said in a letter to the Maine Attorney General.

McDonald's, the largest fast-food chain globally, has disclosed a data breach after hackers breached its systems and stole information belonging to customers and employees from the US, South Korea, and Taiwan. As the world's global foodservice retailer, McDonald's serves almost hundreds of millions of customers every day in more than 39,000 locations in over 100 countries, including roughly 14,000 restaurants in the US alone.

Navistar International Corporation, a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. "Upon learning of the cybersecurity threat, the Company launched an investigation and undertook immediate action in accordance with its cybersecurity response plan, including employing containment protocols to mitigate the impact of the potential threat, engaging internal and third-party information technology security and forensics experts to assess any impact on the Company's IT System, and utilizing additional security measures to help safeguard the integrity of its IT System's infrastructure and data contained therein," Navistar said.

Security and IT professionals in the Middle East are demonstrating a rising desire to secure critical applications and data, driving higher encryption adoption for newer use cases like containers and IoT platforms, as well as for email and private cloud infrastructures. Encryption adoption for private cloud infrastructure is up.

Nonprofit healthcare provider, Scripps Health in San Diego, has disclosed a data breach exposing patient information after suffering a ransomware attack last month. On Tuesday, Scripps Health released an updated report on the attack and says that threat actors stole patient data during the attack.

Canada Post has informed 44 of its large commercial customers that a ransomware attack on a third-party service provider exposed shipping information for their customers. Yesterday, Canada Post disclosed that a third-party supplier named Commport Communications suffered a ransomware attack where threat actors accessed data stored in their systems.

Japan's Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider Fujitsu Limited. Earlier this week, the Japanese multinational provider of IT services and products confirmed it suffered a cyberattack resulting in unauthorized access to ProjectWEB, a tool that allows organizations to share data within and outside their environments.

Domino's India has disclosed a data breach after a threat actor hacked their systems and sold their stolen data on a hacking forum. In April 2021, a threat actor created a new topic on a hacking forum where they claimed to be selling 13 TB of stolen data, including details for 18 crores orders and 1 million credit cards, from Domino's India.

Bose Corporation has disclosed a data breach following a ransomware attack that hit the company's systems in early March. The audio maker hired external security experts to restore impacted systems after the attack and forensic experts to determine if any of its data was accessed or exfiltrated by the attackers.

India's flag carrier, Air India, has admitted it fell foul of the data breach at aviation information services provider SITA, and that its disclosure comes five weeks after it was notified of the situation. A new statement [PDF] from the airline says that personal data describing around 4.5 million of its customers leaked when SITA revealed it had been breached in March 2021.