Security News

Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis. In a data breach announcement on March 23, Solairus said aviation business management platform provider Avianis provided notification last December about an intrusion into Avianis' Microsoft Azure cloud platform, which hosts Solairus flight scheduling and tracking system.

Energy giant Shell has disclosed a data breach after attackers compromised the company's secure file-sharing system powered by Accellion's File Transfer Appliance. Shell disclosed the attack in a public statement published on the company's website last week and said that the incident only affected the Accellion FTA appliance used to transfer large data files securely.

Sontiq announced it has acquired data breach intelligence fintech Breach Clarity. As a result of the acquisition, Sontiq's products - IdentityForce, Cyberscout, and EZShield - all built on its tech-enabled IIS Platform, will have the proprietary capability, BreachIQ. Sontiq is the first provider in the identity security marketplace to offer consumers an AI-driven and proprietary personalized risk score with actionable next steps based on their unique data breach history.

US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. On Friday, Flagstar Bank issued a security disclosure on their website and began emailing customers about a breach of their Accellion FTA server.

Passenger data from multiple airlines around the world has been compromised after hackers breached servers belonging to SITA, a global information technology company. A SITA representative told BleepingComputer that the intrusion impacts data of passengers from the airlines listed below.

SITA, a multinational company that specializes in air transport communications and IT, this week confirmed falling victim to a cyberattack that appears to have impacted multiple airlines around the world. SITA said on Thursday that the attack, which it described as "Highly sophisticated," affected certain passenger data stored on servers of SITA Passenger Service System Inc., which operates passenger processing systems for airlines.

Malaysia Airlines sent out an email to frequent flyer program members assuring them that there's "No evidence" their personal data has been misused in the wake of a supply-chain attack via a third-party vendor. Malaysia Airlines' frequent flyer program, Enrich, was breached sometime around March 2010 - and remained exposed until June 2019, leaving thousands of members' personal data, including name, date of birth, gender, contact information, ID number, status and tier level unprotected, an email sent out to members from the company said.

Malaysia Airlines has suffered a data breach spanning nine yearsof data that exposed the personal information of members in its Enrich frequent flyer program. Starting yesterday, Malaysia Airlines began emailing members of their Enrich rewards program to disclose that they were affected by a data breach.

Oxfam Australia has confirmed a data breach after suffering a cyberattack and their donor databases put up for sale on a hacker forum in January. Last month, BleepingComputer was the first to report that a threat actor was selling a stolen Oxfam Australia database containing 1.7 million user records.

A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server. Ticketcounter has confirmed the data breach to both BleepingComputer and Troy Hunt of Have I Been Pwned, who spoke to the company's owner after receiving the database.