Data Breaches News and Analysis
Same story all over again: Microsoft research finds millions of reused passwords
The loud pleas made by the cybersecurity industry, along with the repeated examples of what happens when login credentials are reused, seemingly have fallen on deaf ears as Microsoft found more than 44 million repeated passwords just for its Azure AD and Microsoft Services Accounts. According to a newly published Microsoft Security Intelligence Report, the…
3,000 affected by Fort Worth water utility data breach
The Fort Worth, Texas Water Department is notifying about 3,000 customers that their payment information may have been exposed during a data breach. The utility reported that payments made between August 27, 2019 and October 23, 2019 were included in the breach and the content exposed included cardholder’s name, credit card billing address, credit card…
Data center provider CyrusOne hit with REvil ransomware: Report
One day after news broke that data center provider CyrusOne was reportedly hit with a combination ransomware/data breach involving the REvil (aka Sodinokibi) ransomware the company issued a statement confirming the incident. Initially, CyrusOne did not release any details, but ZDNet reported the attack took place on December 4. A screenshot of the ransom note…
Sprint contractor reportedly stored non-Sprint customers’ phone bills on open server
Hundreds of thousands of cell phone bills and other documents belonging to AT&T, Verizon and T-Mobile customers were reportedly exposed after a Sprint contractor left them sitting on an open public server. The documents had been collected and stored in the first place as part a marketing effort to persuade subscribers of rival carrier services…
Data breach more than 4X worse than first thought for Montgomery County schools
What at first looked like a single data breach affecting Montgomery County Public Schools (MCPS) in Maryland turned out to be a series of breaches that impacted thousands of more students than was originally reported. On Oct. 4, 2019, MCPS disclosed that a district student had one day earlier allegedly executed a brute-force credentials-stealing attack…
Church’s hit by cyber chicken thieves
Church’s Chicken suffered a cyberattack that penetrated the payment processing system at some of the chain’s corporate locations compromising payment card information. The company operates 941 locations across the United States, but in a statement noted only 165 of those, all owned and operated by the corporation, were impacted. Payment card numbers, names and expiration…
Cloud Infrastructure IAM Lessons from the Capital One Breach
Cloud infrastructure is the foundation of more companies than ever. As with any foundation, any crack can lead to significant damage to the infrastructure. One potential crack is a trusted identity with unnecessary and excessive privileges. A “trusted identity” is invariably associated with people — employees, contractors or other insiders. But identity in the cloud…
Data breach reportedly affects over 20M users of Mixcloud streaming service
An unauthorized party illegally accessed systems belonging to British online audio streaming service Mixcloud and is now reportedly selling the company’s user data on the dark web. Roughly 20 million to 22 million accounts were compromised in the November incident, according to multiple media organizations that were contacted by the malicious hacker late last week.…
Fin7 behind DiBella’s data breach affecting 305,000 cards
Fifteen months after DiBella’s Old Fashioned Submarines was notified by the FBI and credit card companies of a data breach the sandwich shop chain has issued a notice informing its customers of the incident. The company reported its stores in Connecticut, Indiana, Michigan, Ohio, New York and Pennsylvania may have had the information on as…
Catch NYC, Catch Steak hit with payment card skimming malware
The Catch Hospitality Group is notifying customers of its New York City restaurants of a POS malware incident that may have compromised their payment cards. Catch NYC (including Catch Roof) and Catch Steak had payment card skimming malware injected into the POS systems in use at the restaurant bars that searched for track data which…
Target files $74 million suit against Chubb over breach coverage
The Target has filed a lawsuit against Chubb with the retailer claiming the insurance carrier did not properly compensate it for costs incurred following the 2013 data breach. In the lawsuit Target said the requirement for its banks to replace its customers physical payment cards that were compromised “Constitutes ‘loss of use of tangible property…
Data breach compromises T-Mobile prepaid accounts
Wireless communications company T-Mobile has disclosed a data breach incident that impacts certain customers with pre-paid service accounts. “Our cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities,” stated a notification that the Germany-based company posted online. Compromised information…
Unsecured server exposes 4 billion records, 1.2 billion people
Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…
Leaky Gekko Group database exposes info on hotel brands, travelers
European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…
Report: GitHub repository exposes WeWork customer contracts
Data belonging to clients of shared workspace company WeWork was reportedly left exposed and accessible to the public via GitHub, while a web portal separately leaked information on prospective customers. Mossab Hussein, security researcher from Dubian-based spiderSilk, discovered the data mismanagement and reported it to Vice/Motherboard, which published a report on the findings today. The…
Stolen GateHub and EpicBot credentials spotted on hacking forum
Millions of credentials stolen from the GateHub cryptocurrency wallet service and gaming bot provider EpicBot were reportedly posted on popular hacking forum site RaidForums last month, along with other personal information. Roughly 2.2 million accounts were affected – 1,408,078 of which belong GateHub users, while 816,662 were created by EpicBot users, according to security researcher…
PayMyTab database leaked PII on diners
An exposed database belonging to PayMyTab leaked PII on customers who dined at restaurants using the mobile payment system. An anonymous third party discovered the open AWS S3 bucket and brought it to the attention of researchers at vpnMonitor through Helen Foster, a partner at the Davis Wright Tremaine law firm in Washington. “This leak…
Macys.com Magecart attack yields payment, personal info
Hackers accessed macys.com’s “Checkout” and “My Wallet” pages early last month and added malicious script to lift shoppers’ personal information, such as credit card data, then send it to a remote site. The company discovered the Oct. 7 hack on Oct. 15 when it observed “a suspicious connection” between macys.com and the remote website, the company said in…
Data breach potentially endangers Fairfax, Va. police officers
About 1,800 people, including 500 Fairfax, Va., county police department employees, had their PII possibly exposed when a USB drive carrying the information went missing. The USB drive containing the full names, birth dates and Social Security numbers for the Fairfax police officers and other employees belonged to Police Chief Cynthia McAlister, who heads the…
Extensive personal health information exposed in Solara Medical data breach
Solara Medical Supplies reported on November 13 that its system was exposed for several months earlier this year after several employees fell for a phishing scam giving access to their Office 365 accounts to an unauthorized person. The illegal access was discovered on June 28, 2019 and a further investigation found the data breach existed…
