Security News

Japanese aerospace company Kawasaki Heavy Industries on Monday warned of a security incident that may have led to unauthorized access of customer data. According to the company's data breach notification, it first discovered unauthorized parties accessing a server in Japan, from an overseas office in Thailand, on June 11, 2020.

Japanese game developer Koei Tecmo has disclosed a data breach and taken their European and American websites offline after stolen data was posted to a hacker forum. Since learning of the attack, Koei Tecmo released a data breach advisory stating that a forum on a UK subsidiary's website was compromised and the stolen data was leaked online.

The NetGalley book promotion site has suffered a data breach that allowed threat actors to access a database with members' personal information. NetGalley is a website that allows authors and publishers to promote digital review copies of their books to book advocates, influential readers, and industry professionals in the hopes that they will recommend the books to their audience.

Experts offer insights about the legal and financial hits, as well as the devastating loss of reputation, your business might suffer if it is the victim of a data breach. The consequences of a data breach involve a complex sequence of events specific to the victimized business and its responsibilities to regulators, governments, and customers.

UK energy supplier People's Energy this week started informing customers of a data breach that affected some of their personal information. In a data breach notification published on its website, the energy supplier reveals that, on December 16, it was the victim of a cyberattack in which an unauthorized party accessed one of the systems used to store member data.

Spotify has alerted users that some of their registration data was inadvertently exposed to a third-party business partner, including emails addresses, preferred display names, passwords, gender and dates of birth. "A very small subset of Spotify users was impacted by a software bug, which has now been fixed and addressed." A statement from a Spotify spokesperson to Threatpost read. "Protecting our users' privacy and maintaining their trust are top priorities at Spotify. To address this issue, we issued a password reset to impacted users. We take these obligations extremely seriously."

A phishing scam is underway that targets Ledger wallet users with fake data breach notifications used to steal cryptocurrency from recipients. Ledger is a hardware cryptocurrency wallet that allows you to store, manage, and sell cryptocurrency.

Cybersecurity professionals should brace for pandemic warfare in 2021, according to a new report from Experian. Experian's eighth annual Data Breach Industry Forecast outlines five predictions for the data breach industry.

U.S. healthcare provider AspenPointe notified patients of a data breach stemming from a September 2020 cyberattack that enabled attackers to steal protected health information and personally identifiable information. AspenPointe is a nonprofit funded by Medicaid, state, federal, and local government contracts, as well as donations, that manages 12 organizations serving over 50,000 individuals and families every.

French multinational production and distribution firm Banijay Group SAS was hit earlier this month by a DoppelPaymer ransomware attack and had sensitive information stolen by the ransomware operators during the incident. While Banijay has only shared that they have suffered a cyber-attack and that some of their data might have been compromised, the DoppelPaymer ransomware gang is claiming to be responsible.