Security News

Spotify has alerted users that some of their registration data was inadvertently exposed to a third-party business partner, including emails addresses, preferred display names, passwords, gender and dates of birth. "A very small subset of Spotify users was impacted by a software bug, which has now been fixed and addressed." A statement from a Spotify spokesperson to Threatpost read. "Protecting our users' privacy and maintaining their trust are top priorities at Spotify. To address this issue, we issued a password reset to impacted users. We take these obligations extremely seriously."

A phishing scam is underway that targets Ledger wallet users with fake data breach notifications used to steal cryptocurrency from recipients. Ledger is a hardware cryptocurrency wallet that allows you to store, manage, and sell cryptocurrency.

Cybersecurity professionals should brace for pandemic warfare in 2021, according to a new report from Experian. Experian's eighth annual Data Breach Industry Forecast outlines five predictions for the data breach industry.

U.S. healthcare provider AspenPointe notified patients of a data breach stemming from a September 2020 cyberattack that enabled attackers to steal protected health information and personally identifiable information. AspenPointe is a nonprofit funded by Medicaid, state, federal, and local government contracts, as well as donations, that manages 12 organizations serving over 50,000 individuals and families every.

French multinational production and distribution firm Banijay Group SAS was hit earlier this month by a DoppelPaymer ransomware attack and had sensitive information stolen by the ransomware operators during the incident. While Banijay has only shared that they have suffered a cyber-attack and that some of their data might have been compromised, the DoppelPaymer ransomware gang is claiming to be responsible.

Specialty networking solutions provider Belden on Tuesday disclosed a data breach resulting in the theft of employee and business information. The company said the incident involved "Unauthorized access and copying of some current and former employee data, as well as limited company information regarding some business partners."

Home Depot has agreed to shell out $17.5 million under a settlement with the attorney generals of 46 states and the District of Columbia over the massive data breach suffered by the home improvement retailer in 2014, when cybercriminals managed to steal email addresses and payment card data belonging to more than 40 million customers in the United States. Consistent with previous state data breach settlements, undergo a post settlement information security assessment which in part will evaluate its implementation of the agreed upon information security program.

Public health officials in Delaware on Sunday disclosed that the personal information of thousands of people who were tested for the coronavirus this summer was mistakenly shared with an unauthorized individual. The state's Division of Public Health said the data breach happened when a temporary staff member sent two unencrypted emails in August that included files with the test results, names, dates of birth and phone numbers of 10,000 people.

Japanese game giant Capcom has announced a data breach after confirming that attackers stole sensitive customer and employee information during a recent ransomware attack. On November 2nd, 2020, Capcom was hit with a cyberattack that led to them shutting down portions of their network to halt the infection's spread. It was soon learned that the Ragnar Locker ransomware operation caused Capcom's cyberattack after a security researcher found a sample of the malware used in their attack.

Ticketmaster's UK division has been slapped with a $1.65 million fine by the Information Commissioner's Office in the UK, over its 2018 data breach that impacted 9.4 million customers. The breach affected international customers who purchased, or attempted to purchase, event tickets between September 2017 and late June 2018; while UK users were impacted between February and June 2018.