Data Breach news and analysis | SC Media

Data Breaches News and Analysis

NetWalker ransomware group claims attack on Fort Worth transportation agency

Another Texas-based government institution may have fallen victim to ransomware actors. According to a reliable source, the cybercriminals behind the malicious encryptor NetWalker have published online evidence of an attack on Trinity Metro, a transit agency that operates bus and commuter rail transportation services in Fort Worth and its nearby Tarrant County suburbs. Trinity Metro…

Eight cities using Click2Gov targeted in Magecart skimming attacks

Since April 10, eight cities in three states using the Click2Gov web-based platform to collect payments for services have been hit with Magecart card-skimming attacks that still appear active. Credit card information including card number, expiration date and CVV, as well as personal information such as name and contact address, were being exfiltrated from the…

UCSF paid $1.4 million ransom in NetWalker attack

The University of California, San Francisco (UCSF) ponied up $1.4 million to hackers to retrieve data encrypted during a NetWalker ransomware attack disclosed in early June.  “The data that was encrypted is important to some of the academic work we pursue as a university serving the public good,” according to a  statement from UCSF, which said…

OneClass unsecured S3 bucket exposes PII on more than one million students, instructors

An unsecured database belonging remote learning platform OneClass has exposed information associated with more than a million students in North America who use the platform to access study guides and educational assistance. “By not securing its users’ data, OneClass has created a goldmine for criminal hackers, jeopardizing the privacy and security of over a million…

Frost & Sullivan employee, customer data for sale on dark web

A group is hawking records of more than 12,000 Frost & Sullivan’s employees and customers on a hacker folder. “The breach occurred to a misconfigured backup directory on one of Frost and Sullivan public-facing servers,” Cyble CEO Beenu Arora said in a BleepingComputer report. “The backup directory had its employees and customers records, along with…

Twitter ‘incident’ leaves billing info stored in browser cache

A “data security incident” at Twitter caused billing information for companies using the social media company’s advertising and analytics platform to be stored in the browser’s cache. While Twitter doesn’t believe the information – including the last four digits off credit card numbers, email addresses and phone numbers – has been compromised it can’t rule…

Magecart skimmed from Claires.com for nearly two months

International retailer Claire’s, whose fashion accessories are popular with tweens and teenagers, was hit with a Magecart scheme that skimmed PPI, including credit card data, for nearly two months. Discovered by researchers at security firm Sansec, the malware injection began on April 20 and stopped on June 13. The skimming began on March 20, the…

Nintendo Switch hack nearly twice as bad as first reported

Crisis communications experts always advise victims to not provide an initial estimate of impacted households or users because the number is always far greater. Such is the case with Nintendo, which admitted Tuesday that 300,000 of the Nintendo Switch accounts were hacked, not the 160,000 initially reported in April. Nintendo revised the impacted accounts in…

CPA Canada breach put 329,000 accounting pros at risk

A breach at Charter Professional Accountants of Canada (CPA Canada) by an unauthorized third party exposed the personal information of 329,000 individuals. “329,000 professionals are now at risk of sustained attacks, and therefore their clients are at risk,” said Colin Bastable, CEO of Lucy Security. “Accounting firms’ numbers of clients can range from the tens to…

San Francisco benefits program breach exposes PII on 74,000

A breach of the San Francisco Employees’ Retirement System (SFERS) may have exposed the information of 74,000 members, including names, addresses, birth dates, banking and IRS data as well as details on beneficiaries. An unauthorized third party on February 24 accessed a database that a SFERS vendor, 10up Inc., was using in a test environment,…

Amtrak breach impacts unknown number of Guest Rewards accounts

Amtrak has alerted an unknown number of Guest Rewards customers it suffered a data breach at the hands of an unknown third party that gained unauthorized access to certain accounts. A notification letter signed by Vicky Radke, Amtrak’s senior director of Guest Rewards, and posted by the offices of the California and Vermont attorneys-general, informs impacted individuals that compromised…

Shiny Hunters’ latest hit: Minted among 73.1M records offered

More details have emerged about hacker group “Shiny Hunters’” prey this past month of more than 11 website victims, including Minted, a marketplace of independent illustrators and designers offering consumers items such as custom greeting cards. BleepingCompany reported that the Shiny Hunters is flooding the dark web with a combined total of 73.1 million user…

Test platform leaks Bank of America clients’ Covid-19 PPP loan applications

Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…
2 minutes on: Keeping the chill off journalism

26M LiveJournal bloggers’ credentials a hit on dark web six years later

Six years after blogging platform LiveJournal was hacked, the credentials of some 26 million users are being sold and traded on multiple hacker forums and the dark market. Complicating the breach’s fallout, the database’s old and/or unique passwords have allowed bad actors to launch targeted sextortion email campaigns. Another blogging platform, Dreamwidth, says it’s withstood…

Mathway breach latest caper for Shiny Hunters

While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been…