Security News

The CISO of Acronis has downplayed what appeared to be an intrusion into its systems, insisting only one customer was affected, using stolen credentials, and that all other data remains safe. Acronis security boss Kevin Reed took to LinkedIn to dispute details of the boasted intrusion.

The CISO of Swiss cybersecurity firm Acronis has acknowledged a breach of the company's systems but stated the incident only impacted a single customer and that all other data remains safe. A Thursday post [PDF] to the notorious Breached Forums leak-mart brought news of the breach.

The impact a data breach can have on individuals can be devasting; getting back to something that vaguely resembles normality is very challenging. There are obviously huge differences between individuals and organizations regarding security.

The Play ransomware gang has begun to leak data from the City of Oakland, California, that was stolen in a recent cyberattack. The initial data leak consists of a 10GB multi-part RAR archive allegedly containing confidential documents, employee information, passports, and IDs.

A carding marketplace known as BidenCash has leaked online a free database of 2,165,700 debit and credit cards in celebration of its first anniversary. According to Cyble researchers who first spotted it, the leaked information is extensive, with details on "At least 740,858 credit cards, 811,676 debit cards, and 293 charge cards."

The US Marshals Service, the enforcement branch of the nation's federal courts, has admitted to a "Major" breach of its information security defenses allowed a ransomware infection and exfiltration of "Law-enforcement sensitive information". NBC broke news of the incident, which Marshals Service spokesperson Drew Wade described as having impacted a system that "Contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."

A threat actor has posted data the alleged data stolen from American game publisher Activision in December 2022 on a hacking forum, highlighting the data's value for phishing operations. In a forum post to the Breached hacking forum, a website used by threat actors to sell and publish stolen data, the hackers claims to have stolen the data from Activision Azure database.

Scandinavian Airlines has posted a notice warning passengers that a recent multi-hour outage of its website and mobile app was caused by a cyberattack that also exposed customer data. The cyberattack caused some form of a malfunction on the airline's online system, causing passenger data to become visible to other passengers.

Atlassian suffered a data leak after threat actors used stolen employee credentials to steal data from a third-party vendor. Atlassian confirmed to BleepingComputer that the compromised data was from third-party vendor Envoy which they use for in-office functions.

Atlassian has confirmed that a breach at a third-party vendor caused a recent leak of company data and that their network and customer information is secure. As first reported by Cyberscoop, a hacking group known as SiegedSec leaked data on Telegram yesterday, claiming to be stolen from Atlassian, a collaboration software company based out of Australia.