Security News

Grocery and pharmacy chain Kroger has started informing customers and associates of a data breach involving Accellion's file transfer service FTA. The Cincinnati-based retail company operates more than 2,900 locations across 35 states and the District of Columbia, including department stores, hypermarkets, jewelry stores, supermarkets, and superstores. In a data breach notification on its website, the company says that a data security incident involving Accellion's FTA service has resulted in unauthorized access to certain Kroger data.

Supermarket giant Kroger has suffered a data breach after a service used to transfer files securely was hacked, and threat actors stole files. Yesterday, Kroger disclosed that they were the latest company to be affected by a security vulnerability in the Accellion FTA software that allowed hackers to steal data from companies utilizing the service.

Yandex - one of Europe's largest internet companies - is warning of a data breach that compromised 4,887 email accounts. The company found that a Yandex employee had been providing unauthorized access to users' mailboxes "For personal gain." This employee was one of three system administrators, who had the access privileges to provide technical support for mailboxes, said Yandex.

Russian internet and search company Yandex announced today that one of its system administrators had enabled unauthorized access to thousands of user mailboxes. The investigation revealed that the employee's actions led to the compromise of almost 5,000 Yandex email inboxes.

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs. The database was initially exposed on January 18, 2021, and remained so until the data breach was identified, on February 3.

Web development resources provider SitePoint has notified users of a data breach that resulted in some of their information being stolen. Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development.

The SitePoint web professional community has disclosed a data breach after their user database was sold and eventually leaked for free on a hacker forum. This week SitePoint users told BleepingComputer that they received extortion and fake cryptocurrency giveaway emails to addresses that they state were specifically created for and only used at SitePoint.

Leading French cybersecurity company StormShield disclosed that their systems were hacked, allowing a threat actor to access the company's support ticket system and steal source code for Stormshield Network Security firewall software. StormShield is a French cybersecurity firm that develops UTM firewall devices, endpoint protection solutions, and secure file management solutions.

Stormshield, a wholly-owned subsidiary of France-based cybersecurity company Airbus CyberSecurity, has disclosed a data breach that resulted in source code and customer information getting compromised. Stormshield provides network security, endpoint security and data security solutions.

Oxfam Australia investigates a suspected data breach after a threat actor claimed to be selling their database belonging on a hacker forum. Last week, BleepingComputer learned of a threat actor claiming to be selling a database containing the Oxfam Australia contact and donor information for 1.7 million people.