Data Breaches News and Analysis
26M LiveJournal bloggers’ credentials a hit on dark web six years later
Six years after blogging platform LiveJournal was hacked, the credentials of some 26 million users are being sold and traded on multiple hacker forums and the dark market. Complicating the breach’s fallout, the database’s old and/or unique passwords have allowed bad actors to launch targeted sextortion email campaigns. Another blogging platform, Dreamwidth, says it’s withstood…
Arbonne breach of 3,500+ Calif. residents’ PII could test privacy law
The exposure of the PII of more than 3,500 California residents in the database of international multi-level marketing firm Arbonne following a breach on April 23 offers a glimpse into whether the state will enforce its new privacy statute that went into effect in January. Almost half of a four-page information sheet from Arbonne describing…
Mathway breach latest caper for Shiny Hunters
While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been…
Malicious actor holds at least 31 stolen SQL databases for ransom
A malicious cyber actor or hacking collective has reportedly been sweeping the internet for online stores’ unsecured SQL databases, copying their contents, and threatening to publish the information if the rightful owners don’t pay up. The perpetrator has stolen the copied versions of at least 31 SQL databases, which have been put up for sale…
Home Chef confirms data breach after eight million records sold on dark web
The recent breach of Home Chef, confirmed this week, after malicious actor Shiny Hunters sold eight million of its records on the dark web underscores the looming security challenge of managing employees who access business data from outside the confines of the secure network. “With increased BYOD and remote work, acceptable usage policy enforcement is…
Six need-to-know takeaways from the Verizon breach report
Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave the way according to Verizon’s newly released 2020 Data Breach Investigations Report (DBIR). Verizon researchers analyzed 157,525 known “incidents” (defined as a security event that results in the compromise of an information asset) and 3,950…
British airline easyJet breached, data of 9 million customers compromised
An attack against British airline easyJet by “a highly sophisticated source” accessed the email addresses and travel details of approximately nine million customers, including credit card details of 2,208 customers. The company did not reveal when it learned of the attack or what a forensic investigation revealed, nor did it specify the breach date. Although the…
22 million emails found in mystery open database
An otherwise unremarkable find of an open Elasticsearch database containing millions of records became a Sherlock Holmes mystery as researchers cannot figure out the database’s origins. Security researcher Troy Hunt, of Have I Been Pwned, was informed in February about an open database he has named db8151dd containing 90GB of data containing 22.8 million emails.…
Magellan Health warns ransomware attack exposed PII
Magellan Health is warning customers that an April 11 ransomware attack may have affected their personal information. A Mandiant investigation determined an “unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6” impersonating one of the company’s clients, the company said in a notice from Magellan Senior Vice President and…
Ransomware attack prompts Texas courts to disable websites, servers
A ransomware attack on Texas courts discovered “during the overnight hours” last Thursday night forced the Office of Court Administration (OCA) to disable websites and servers. Noting that “at this time, there is no indication that sensitive information, including personal information, was compromised,” the OCA said in a release that it “was able to catch the…
Pitney Bowes hit with second ransomware attack
For the second time in a seven-month span, Pitney Bowes has been hit by a ransomware attack, but cyber experts and financial analysts cautioned against rashly judging the company’s security practices – or assuming fiscal doom – with some suggesting that lessons learned from the first attack may have limited the damage of the most…
WeLeakData hack reveals hackers’ private messages
A month after hacker forum WeLeakData.com was shuttered, the content of its database, including hackers’ private messages, is for sale on the dark web. Noting claims that the FBI seized the forum, resulting in its closure, are unsupported, researchers at Cyble who identified and verified the database leak said, “After a brief time of being…
REvil hackers extort law firm with Lady Gaga, Nicki Minaj, Elton John as clients
Cyberattackers have breached a high-profile entertainment and media law firm, infecting the practice with ransomware and stealing files that apparently pertain to its star clients, including Lady Gaga, Madonna, Elton John, Barbara Streisand, Bruce Springsteen, Mariah Carey and Mary J. Blige. A cyber analyst who requested anonymity provided SC Media with content posted on the…
‘Shiny Hunters’ bursts onto dark web scene following breaches, Microsoft data theft claims
A malicious actor known as Shiny Hunters has emerged as a serious dark web player following a spate of high-profile breaches, and now the hacker or hackers is claiming to have stolen data from Microsoft’s private GitHub repositories and is threatening to release the code for free. According to researchers from ZeroFOX Alpha Team, Shiny…
No reprieve for health care orgs as ransomware hits hospital operator, plastic surgeons
If there was any lingering hope that cybercriminals would show mercy on health care providers during the COVID-19 crisis — as some claimed they would do — that pipe dream evaporated with the news that various ransomware groups attacked Fresenius, Europe’s largest private hospital operator, as well as a pair of U.S.-based plastic surgery clinics.…
Roblox hacker enabled by insider threats; expert offers tips to curb rogue employees
A hacker reportedly used both bribery and social engineering to gain unauthorized access to a customer support system operated by the popular video game Roblox — illustrating why companies must be on the lookout for employees who fit the mold of an insider threat. The unnamed hacker told Motherboard that they paid one insider to…
GoDaddy takes seven months to discover data breach
Cybersecurity pros are coming down hard on GoDaddy after the domain registry company reported that an outsider had accessed customer login credentials possibly affecting all 19 million company accounts. GoDaddy informed its customers on May 4 of the breach saying an unauthorized individual accessed the login credentials used to connect to SSH on the hosting…
ExecuPharm employee info compromised following reported ransomware attack
ExecuPharm, a provider of pharmaceutical clinical research support services, has suffered a data security incident that has reportedly been identified as a CLOP ransomware attack, coupled with a corresponding data leak. Security experts have expressed concern that cybercriminals will target health care organizations at a time when their services may be needed to help respond…
Nintendo confirms 160,000 user accounts hacked
Nintendo has confirmed 160,000 user accounts have been accessed exposing a limited amount of PII and possibly access to Nintendo store accounts. The gaming company reported that starting in early April accounts were accessed through the Nintendo Network ID (NNID), which is primarily used for Switch gaming, Nintendo online store accounts and grants access to…
Paay open database exposes 2.5M transactions, challenges PCI compliance
The start-up payment processing firm Paay that promotes itself as providing extra security to online transactions called that claim into question when it misconfigured a payment card database, exposing 2.5 million credit card transactions and raising concerns over PCI compliance. New York-based Paay was exposed by security researcher Anurag Sen who found transaction information that…
