Security News

BlueBleed: Microsoft customer data leak claimed to be 'one of the largest' in years
2022-10-20 15:00

Microsoft has confirmed a data leak linked to a misconfigured server for a cloud storage service but is disputing the extent of the problem.In a revelation this week, Microsoft's Security Response Center said the cloud provider was notified by threat intelligence firm SOCRadar on September 24 about the misconfigured endpoint that exposed business transaction data related to interactions between Microsoft and customers.

Australian police secret agents exposed in Colombian data leak
2022-10-14 12:51

Identities of secret agents working for the Australian Federal Police have been exposed after hackers leaked documents stolen from the Colombian government. The leak comes from a hacktivist group called Guacamaya and includes more than five terabytes of classified data, including emails, documents, and methods AFP agents were using to stop drug cartels from running their business in Australia.

Toyota discloses data leak after access key exposed on GitHub
2022-10-10 17:50

Toyota Motor Corporation is warning that customers' personal information may have been exposed after an access key was publicly available on GitHub for almost five years. Toyota discovered recently that a portion of the T-Connect site source code was mistakenly published on GitHub and contained an access key to the data server that stored customer email addresses and management numbers.

No Shangri-La for you: Top hotel chain confirms data leak
2022-10-05 02:15

Hotel chain Shangri-La Group has admitted to its systems being attacked, and personal data describing guests accessed by unknown parties, over a timeframe that includes the dates on which a high-level international defence conference was staged at one of its Singapore properties. "Shangri-La Group recently discovered unauthorized activities on our IT network," states a notice from the chain that goes on to reveal that "Between May and July 2022, a sophisticated threat actor managed to bypass Shangri-La's IT security monitoring systems undetected, and illegally accessed. guest databases".

IRS data leak exposes personal info of 120,000 taxpayers
2022-09-03 20:39

On Friday, the IRS disclosed that in addition to sharing Form 990-T data for charities, they also accidentally included data for taxpayers' IRAs that was not meant to be public. "The IRS recently discovered that some machine-readable Form 990-T data made available for bulk download section on the Tax Exempt Organization Search should not have been made public," the IRS disclosed on Friday.

BreachForums booms on the back of billion-record Chinese data leak
2022-07-29 07:05

The popularity of stolen data bazaar BreachForums surged after it was used to sell a giant database of stolen information describing Chinese citizens, threat intelligence firm Cybersixgill said on Thursday. The number of leaks posted on BreachForums increased - from an average of 14 a month to 52 per month - following the posting of the infamous billion-record Shanghai National Police database in early July, reported Cybersixgill.

Walmart-controlled flight booking service suffers substantial data leak
2022-07-19 11:15

An Indian flight booking website majority-owned by US retail colossus Walmart has experienced a data breach, but is saying very little about what happened or the risks to customers. Cleartrip would you mind telling us when the breach happened? pic.

Alibaba execs hauled in to discuss Shanghai Police data leak
2022-07-18 01:15

Senior execs from Alibaba Cloud were summoned to discuss the data leak that saw information pertaining to a billion Chinese citizens sold on the dark web, according to Nikkei and The Wall Street Journal. The Shanghai Police leak is believed to be the biggest data breach ever.

Bandai Namco confirms hack after ALPHV ransomware data leak threat
2022-07-13 20:50

Game publishing giant Bandai Namco has confirmed that they suffered a cyberattack that may have resulted in the theft of customers' personal data. This past Monday, the BlackCat ransomware operation claimed to have breached Bandai Namco and stolen corporate data during the attack.

Microsoft 365 now prevents data leaks with new session timeouts
2022-06-28 20:10

Microsoft announced today the general availability of tenant-wide idle session timeout for Microsoft 365 web apps to protect confidential data on shared or non-company devices left unattended. After an IT admin such as a Microsoft 365 or Office 365 global admin enables this new feature, users who have reached the configured period of inactivity will be notified that they're going to be automatically signed out.