Data Breach News, Articles and Updates

Uber hid massive hack compromising data of 57M for a year

The information stolen in October 2016 included names, phone numbers and email addresses of the company's customers.

Misconfigured Amazon S3 server leaks Australian Broadcasting Corporation

As misconfigured Amazon servers continue to leak sensitive data, Australian Broadcasting Corporation (ABC) is the latest culprit of administrators not properly securing their cloud servers.

Forever 21 reports data breach, failed to turn on POS encryption

The clothing retailer Forever 21 reported today that some of its payment card systems had been breached when the installed encryption was not activated.

Maine IT Office leaks foster child data

The Maine Office of Information Technology is notifying approximately 2,100 foster parents that their personal data was briefly exposed on a third party site.

Equifax's net income down dramatically post data breach

Equifax was financially punished for the breach that allowed the personal data of 145.5 million of its customers to be compromised.

Former Yahoo Chief Executive Mayer testified before Congress, blamed Russia

Former Yahoo Chief Executive Marissa Mayer apologized on Wednesday for the two massive data breaches at Yahoo

2.7M Verticalscope credentials compromised

The Canadian web forum manager Verticalscope has again been hacked with 2.7 million user accounts being affected this time.

Celebgate 3.0? WWE stars Paige and Jojo nudes leaked

WWE diva Paige has once again had her intimate photos leaked just a few weeks after a third man plead guilty for hacking into celebrity accounts.

Another misconfigured Amazon S3 server leaks data of 50,000 Australian employees

Another misconfigured Amazon server has resulted in the exposure of 50,000 Australian Employees that were left unsecure by a third-party contractor.

Hilton to pay $700,000 in data breach settlement with New York, Vermont

Hilton hotels has reached a $700,000 joint settlement with the New York Attorney General's office for a pair of data breaches that were discovered in 2015, including one that exposed more than 350,000 credit card numbers.

Equifax board picks former Broadcom exec for tech committee

Scott McGregor's resume includes stints at Philips Semiconductor, Santa Cruz Operation Inc., Digital Equipment Corporation, Xerox PARC and Microsoft.

University of Iowa student arrested, charged with hacking school system to change grades

Former University of Iowa student Trevor Graves was arrested last week and charged in the U.S. District Court, Southern District of Iowa with hacking into the school's system to change grades.

T-Mobile API bug may have leaked customer account data

A bug within T-Mobile's API may have allowed attackers to access customer data that can be used to carry out phishing attacks or worse.

Password reuse results in Coinhive DNS Server used to mine Monero

Password reuse resulted in an unknown hacker taking over Coinhive's DNS server and replacing it with a JavaScript in-browser Monero cryptominer.

Tarte Cosmetics breach exposes nearly 2 million customers

Make-up company Tarte Cosmetics exposed the personal information of nearly two million online customers after two of its online MongoDB databases were reportedly misconfigured for public access.

UK to open second investigation into Equifax breach

The UK Financial Conduct Authority (FCA) has opened an investigation into the massive Equifax data breach that exposed almost 700,000 British citizens and 145.5 million worldwide.

Panama Papers-style leak may follow breach of offshore law firm Appleby

An offshore law firm representing wealthy clientele suffered a data breach earlier this year that reportedly is preparing for its sensitive financial information to be publicly leaked, in an incident similar to the 2015 Panama Papers case.

Dark Overlord threatens to release plastic surgery images of royals, celebrities

The Dark Overlord cybergang has at least temporarily moved away from attacking school districts and has turned back to threatening to release celebrity private information by hacking a London, UK plastic surgery firm.

Dept. of Education warns districts over extortion cyberattacks

The U.S. Department of Education issued a belated warning to the nation's school districts concerning cyberattacks that use threats of violence against students in an attempt to extort money from the district.

Spammed in 30 minutes or less: Domino's Australia warns of email campaign, third-party breach

Domino's Pizza Australia has disclosed that a data breach at one of its third-party suppliers may have resulted in a spam campaign aimed at customers of the restaurant and food delivery chain.

We Heart It breached, 8 million affected

The online image sharing website We Heart It told its members late last week that more than 8 million of its accounts were compromised in a data breach that took place four years ago.

Microsoft secret vulnerabilities database breached in 2013

The database was populated with information on critical flaws, many of those unfixed, in the company's software that were of great value to hackers.

Delayed delivery? Pizza Hut waits two weeks to disclose payment card data breach

Any way you slice it, it's not great news for Pizza Hut customers who learned on Saturday that their personal data was stolen during an Oct. 1-2 breach of the Italian food chain's website.

ShopRite Kingston, N.Y. pharmacy customers data exposed

ShopRite supermarket customers who patronized the chain's store in Kingston, N.Y. may have had their payment card and some health information compromised when the store improperly discarded an electronic signature device used in the store's pharmacy.

IRS suspends Equifax contract

In the aftermath of a massive breach at Equifax that exposed the data of 145.5 million American consumers, an independent security researcher reported the possibility of a second incident, prompting the company to takedown a webpage.

Equifax takes down consumer webpage to probe possible second breach

Security Analyst Randy Abrams discovered evidence of a second breach, just a month after the company said the data on 145.5 million U.S. consumers had been exposed when attackers exploited a vulnerability in Apache Struts.