Data Breaches News and Analysis
LeBron James among the 1st stars to have their stolen law firm files put up for auction
The Sodinokibi/REvil ransomware gang has apparently made good on its threat to auction off files it lifted from celebrity law firm Grubman Shire Meiselas & Sacks. The group on July 1 reportedly placed legal documents corresponding to Nicki Minaj, Mariah Carey and LeBron James up for bid, with the starting price set at $600,000 per…
NetWalker ransomware group claims attack on Fort Worth transportation agency
Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…
Eight cities using Click2Gov targeted in Magecart skimming attacks
Since April 10, eight cities in three states using the Click2Gov web-based platform to collect payments for services have been hit with Magecart card-skimming attacks that still appear active. Credit card information including card number, expiration date and CVV, as well as personal information such as name and contact address, were being exfiltrated from the…
UCSF paid $1.4 million ransom in NetWalker attack
The University of California, San Francisco (UCSF) ponied up $1.4 million to hackers to retrieve data encrypted during a NetWalker ransomware attack disclosed in early June. “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” according to a statement from UCSF, which said…
OneClass unsecured S3 bucket exposes PII on more than one million students, instructors
An unsecured database belonging remote learning platform OneClass has exposed information associated with more than a million students in North America who use the platform to access study guides and educational assistance. “By not securing its users’ data, OneClass has created a goldmine for criminal hackers, jeopardizing the privacy and security of over a million…
Frost & Sullivan employee, customer data for sale on dark web
A group is hawking records of more than 12,000 Frost & Sullivan’s employees and customers on a hacker folder. “The breach occurred to a misconfigured backup directory on one of Frost and Sullivan public-facing servers,” Cyble CEO Beenu Arora said in a BleepingComputer report. “The backup directory had its employees and customers records, along with…
Twitter ‘incident’ leaves billing info stored in browser cache
A “data security incident” at Twitter caused billing information for companies using the social media company’s advertising and analytics platform to be stored in the browser’s cache. While Twitter doesn’t believe the information – including the last four digits off credit card numbers, email addresses and phone numbers – has been compromised it can’t rule…
BlueLeaks files expose data from law enforcement, fusion centers
As protesters continue to take to the streets to demand racial justice and police reform in the wake of George Floyd’s death, the activist group DDoSecrets published data on a searchable portal that it says was nicked from more than 200 law enforcement agencies and fusion centers in the U.S. The BlueLeaks files – more…
Equifax CISO Farshchi: Transparency, focus on behavior transformed security, culture
When Jamil Farshchi takes the stage this morning at InfoSec World 2020 to deliver the keynote “Leaders Needed: Preventing the Next Big Breach,” no one would doubt the Equifax CISO knows from whence he speaks. After all, he joined the credit monitoring company after a devastating breach reported in 2017 exposed information on tens of…
Magecart skimmed from Claires.com for nearly two months
International retailer Claire’s, whose fashion accessories are popular with tweens and teenagers, was hit with a Magecart scheme that skimmed PPI, including credit card data, for nearly two months. Discovered by researchers at security firm Sansec, the malware injection began on April 20 and stopped on June 13. The skimming began on March 20, the…
Nintendo Switch hack nearly twice as bad as first reported
Crisis communications experts always advise victims to not provide an initial estimate of impacted households or users because the number is always far greater. Such is the case with Nintendo, which admitted Tuesday that 300,000 of the Nintendo Switch accounts were hacked, not the 160,000 initially reported in April. Nintendo revised the impacted accounts in…
NASA cyber incidents up 366 percent, cybersecurity budget down $3.1M
That the DopplePaymer ransomware gang claimed to breach NASA contractor DMI shouldn’t come as any surprise, considering that the space agency – and potentially by extension any organization in its orbit – is a frequent target of cyberattacks. Atlas VPN found that cyber incidents at NASA increased by 366 percent in 2019 to 1,468 incidents,…
CPA Canada breach put 329,000 accounting pros at risk
A breach at Charter Professional Accountants of Canada (CPA Canada) by an unauthorized third party exposed the personal information of 329,000 individuals. “329,000 professionals are now at risk of sustained attacks, and therefore their clients are at risk,” said Colin Bastable, CEO of Lucy Security. “Accounting firms’ numbers of clients can range from the tens to…
San Francisco benefits program breach exposes PII on 74,000
A breach of the San Francisco Employees’ Retirement System (SFERS) may have exposed the information of 74,000 members, including names, addresses, birth dates, banking and IRS data as well as details on beneficiaries. An unauthorized third party on February 24 accessed a database that a SFERS vendor, 10up Inc., was using in a test environment,…
Amtrak breach impacts unknown number of Guest Rewards accounts
Amtrak has alerted an unknown number of Guest Rewards customers it suffered a data breach at the hands of an unknown third party that gained unauthorized access to certain accounts. A notification letter signed by Vicky Radke, Amtrak’s senior director of Guest Rewards, and posted by the offices of the California and Vermont attorneys-general, informs impacted individuals that compromised…
Shiny Hunters’ latest hit: Minted among 73.1M records offered
More details have emerged about hacker group “Shiny Hunters’” prey this past month of more than 11 website victims, including Minted, a marketplace of independent illustrators and designers offering consumers items such as custom greeting cards. BleepingCompany reported that the Shiny Hunters is flooding the dark web with a combined total of 73.1 million user…
Test platform leaks Bank of America clients’ Covid-19 PPP loan applications
Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…
26M LiveJournal bloggers’ credentials a hit on dark web six years later
Six years after blogging platform LiveJournal was hacked, the credentials of some 26 million users are being sold and traded on multiple hacker forums and the dark market. Complicating the breach’s fallout, the database’s old and/or unique passwords have allowed bad actors to launch targeted sextortion email campaigns. Another blogging platform, Dreamwidth, says it’s withstood…
Arbonne breach of 3,500+ Calif. residents’ PII could test privacy law
The exposure of the PII of more than 3,500 California residents in the database of international multi-level marketing firm Arbonne following a breach on April 23 offers a glimpse into whether the state will enforce its new privacy statute that went into effect in January. Almost half of a four-page information sheet from Arbonne describing…
Mathway breach latest caper for Shiny Hunters
While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been…
