Security News

LockBit brags: We'll leak thousands of SpaceX blueprints stolen from supplier
2023-03-13 23:40

Ransomware gang Lockbit has boasted it broke into Maximum Industries, which makes parts for SpaceX, and stole 3,000 proprietary schematics developed by Elon Musk's rocketeers. The prolific cybercrime crew also mocked the SpaceX supremo, and threatened to leak or sell on the blueprints from March 20 if the gang's demands to pay up aren't met.

Acronis downplays intrusion after 12GB trove leaks online
2023-03-10 03:45

The CISO of Acronis has downplayed what appeared to be an intrusion into its systems, insisting only one customer was affected, using stolen credentials, and that all other data remains safe. Acronis security boss Kevin Reed took to LinkedIn to dispute details of the boasted intrusion.

Acronis downplays intrusion after 12GB trove leaks online
2023-03-10 03:45

The CISO of Swiss cybersecurity firm Acronis has acknowledged a breach of the company's systems but stated the incident only impacted a single customer and that all other data remains safe. A Thursday post [PDF] to the notorious Breached Forums leak-mart brought news of the breach.

Preventing corporate data breaches starts with remembering that leaks have real victims
2023-03-07 05:30

The impact a data breach can have on individuals can be devasting; getting back to something that vaguely resembles normality is very challenging. There are obviously huge differences between individuals and organizations regarding security.

Ransomware gang leaks data stolen from City of Oakland
2023-03-04 20:47

The Play ransomware gang has begun to leak data from the City of Oakland, California, that was stolen in a recent cyberattack. The initial data leak consists of a 10GB multi-part RAR archive allegedly containing confidential documents, employee information, passports, and IDs.

BidenCash market leaks over 2 million stolen credit cards for free
2023-03-03 20:16

A carding marketplace known as BidenCash has leaked online a free database of 2,165,700 debit and credit cards in celebration of its first anniversary. According to Cyble researchers who first spotted it, the leaked information is extensive, with details on "At least 740,858 credit cards, 811,676 debit cards, and 293 charge cards."

US Marshals Service leaks ‘law enforcement sensitive information’ in ransomware incident
2023-02-28 06:59

The US Marshals Service, the enforcement branch of the nation's federal courts, has admitted to a "Major" breach of its information security defenses allowed a ransomware infection and exfiltration of "Law-enforcement sensitive information". NBC broke news of the incident, which Marshals Service spokesperson Drew Wade described as having impacted a system that "Contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."

Hacker leaks alleged Activision employee data on cybercrime forum
2023-02-27 17:08

A threat actor has posted data the alleged data stolen from American game publisher Activision in December 2022 on a hacking forum, highlighting the data's value for phishing operations. In a forum post to the Breached hacking forum, a website used by threat actors to sell and publish stolen data, the hackers claims to have stolen the data from Activision Azure database.

Scandinavian Airlines says cyberattack caused passenger data leak
2023-02-16 20:32

Scandinavian Airlines has posted a notice warning passengers that a recent multi-hour outage of its website and mobile app was caused by a cyberattack that also exposed customer data. The cyberattack caused some form of a malfunction on the airline's online system, causing passenger data to become visible to other passengers.

Atlassian data leak caused by stolen employee credentials
2023-02-16 17:41

Atlassian suffered a data leak after threat actors used stolen employee credentials to steal data from a third-party vendor. Atlassian confirmed to BleepingComputer that the compromised data was from third-party vendor Envoy which they use for in-office functions.