Security News

Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet. It is responsible for US and Canadian operations for Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc. According to data breach notifications filed with the California and Maine Attorney General's office, VWGoA disclosed that a vendor left unsecured data exposed on the Internet between August 2019 and May 2021.

Volkswagen Group of America this week revealed that approximately 3.3 million people might have been affected in a data breach that impacted both Audi of America and Volkswagen of America. "VWGoA discovered the information at issue included more sensitive personal information on or about May 24, 2021. VWGoA completed the analysis to identify which specific individuals were impacted on or about June 7, 2021," the company said in a letter to the Maine Attorney General.

McDonald's, the largest fast-food chain globally, has disclosed a data breach after hackers breached its systems and stole information belonging to customers and employees from the US, South Korea, and Taiwan. As the world's global foodservice retailer, McDonald's serves almost hundreds of millions of customers every day in more than 39,000 locations in over 100 countries, including roughly 14,000 restaurants in the US alone.

Navistar International Corporation, a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. "Upon learning of the cybersecurity threat, the Company launched an investigation and undertook immediate action in accordance with its cybersecurity response plan, including employing containment protocols to mitigate the impact of the potential threat, engaging internal and third-party information technology security and forensics experts to assess any impact on the Company's IT System, and utilizing additional security measures to help safeguard the integrity of its IT System's infrastructure and data contained therein," Navistar said.

Security and IT professionals in the Middle East are demonstrating a rising desire to secure critical applications and data, driving higher encryption adoption for newer use cases like containers and IoT platforms, as well as for email and private cloud infrastructures. Encryption adoption for private cloud infrastructure is up.

Nonprofit healthcare provider, Scripps Health in San Diego, has disclosed a data breach exposing patient information after suffering a ransomware attack last month. On Tuesday, Scripps Health released an updated report on the attack and says that threat actors stole patient data during the attack.

Canada Post has informed 44 of its large commercial customers that a ransomware attack on a third-party service provider exposed shipping information for their customers. Yesterday, Canada Post disclosed that a third-party supplier named Commport Communications suffered a ransomware attack where threat actors accessed data stored in their systems.

Japan's Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider Fujitsu Limited. Earlier this week, the Japanese multinational provider of IT services and products confirmed it suffered a cyberattack resulting in unauthorized access to ProjectWEB, a tool that allows organizations to share data within and outside their environments.

Domino's India has disclosed a data breach after a threat actor hacked their systems and sold their stolen data on a hacking forum. In April 2021, a threat actor created a new topic on a hacking forum where they claimed to be selling 13 TB of stolen data, including details for 18 crores orders and 1 million credit cards, from Domino's India.

Bose Corporation has disclosed a data breach following a ransomware attack that hit the company's systems in early March. The audio maker hired external security experts to restore impacted systems after the attack and forensic experts to determine if any of its data was accessed or exfiltrated by the attackers.