Data Breach News, Articles and Updates

Uber FTC settlement requires 20 years of privacy audits following 2014 breach

Uber has agreed to the Federal Trade Commission that it will undergo 20 years of privacy audits after the agency said the firm "failed consumers."

Almost 5,000 The Daniel Drake Center for Post-Acute Care patient records exposed

The Daniel Drake Center (DDC) for Post-Acute Care, which is part of the University of California's health system, reported patient information was accessed and viewed by an unauthorized employee over a two-year period.

Mandiant breach hackers claim to dump FireEye data

The threat actors who two weeks ago targeted Mandiant are now claiming to have leaked FireEye documents in a second leak.

Hackers release Curb Your Enthusiasm, other HBO programming

HBO is refusing to comment on the latest programming dump that included upcoming episodes of Larry David's Curb Your Enthusiasm, Ballers, Insecure and The Deuce.

HBO hackers leak $250K 'bounty' offer, alter leaked documents

The HBO hackers released what they claim to be a letter from HBO offering a $250,000 "bounty payment" while some are accusing the hacker of altering leaked documents.

Australian Red Cross data breach caused by third-party error

An error by a third-party vendor's employee led to the massive data breach that hit the Australian Red Cross last year.

Engineer arrested for stealing data from Indian identity platform

Bangalore police arrested a software engineer for stealing sensitive information on more than 50,000 people.

OPM makes strides, falls short, GAO says

Auditors said until all of the requirements are implemented, OPM's systems are at greater risk.

HBO hackers may have made off with 1.5 TB of data

The hackers who breached HBO may have stolen more than 1.5 Terabytes of data.

UniCredit Bank's third party leads to hack on 400,000 clients

An attack on Italian bank, UniCredit, has led to the accounts of 400,000 loan customers being accessed.

Sweden transport agency slips up, leaks top secret data

The leak exposed classified databases, including those on fighter pilots, police suspects and witness relocation subjects, but the Swedish government kept it mostly under wraps.

CIA Director Pompeo says WikiLeaks will 'take down America'

CIA Director Mike Pompeo continued to expressed disdain for WikiLeaks a day after the organization published more Vault7 documents.

Chipotle data breach leads to illegal ATM withdrawal

Gainsville police said they are searching for a man whose image was captured on June 30 at the Campus USA Credit Union in Gainsville where he allegedly used the login credentials from more than 40 people whose data was taken during the Chipotle Data breach in May.

Millions of SSN across 10 states leaked in Kansas Commerce Dept. breach

The personal information of millions of job seekers across ten states was compromised when an attacker managed to exploit a vulnerability in the application code of the America's Job Link Alliance division of the Kansas Department of Commerce.

Millions of Dow Jones customer records exposed due an internal error

A misconfigured database on an Amazon S3 server may have exposed the data of between two and four million Dow Jones & Co. customers, a report on the incident stated.

Ashley Madison agrees to $11.2M settlement for 2015 data breach

Ruby Corp. and Ruby Life, the parent organizations behind the adult dating website Ashley Madison, have agreed to an $11.2 million settlement with its customers who had their private information released during a 2015 data breach.

Staffing agency employee allegedly distributes patient information illegally

The Detroit Medical Center (DMC) has alerted more than 1,500 of a data breach caused by an employee who shared personal information with unauthorized individuals.

5,300 University of Iowa Health Care records exposed for two years

Thousands of University of Iowa Health Care (UIHC) patients had some of their private information inadvertently posted for more than two years on a web application development site.

Breached companies underperform on NASDAQ, study

A recent study found breaches also temporarily hurt a company's stock market status as well.

Report: Adversary hacks dark web hosting provider, accesses its customers' data

At least 91 dark web sites suffered a breach after a malicious actor accessed their hosting provider's server and apparently managed to export files and possibly linked databases as well, BleepingComputer reported on Monday.

Attackers used template injection technique to steal credentials of power plant operators

The hackers responsible for breaching the systems of multiple U.S. energy operators since May 2017 employed a phishing scheme that used malicious attachments to download a template file via an SMB connection, in order to silently harvest credentials, according to a blog post from Cisco Talos.

Data Breach hits California Association of Realtors

A subsidiary of the California Association of Realtors suffered a data breach that exposed user information for a two-month period earlier this year.

Unencrypted PII records leaked from WWE database hosted on AWS server

Bob Dyachenko, the Kromtech security researcher who discovered the data leak of 3 million WWE fans, says it was most likely accessible thanks to a misconfiguration by either WWE or a contractor.