In a data breach notification letter to customers, The UPS Store has disclosed that an unauthorized party successfully devised a phishing scheme to gain entry into the email accounts of numerous store locations. The breach exposed information contained within documents that customers emailed to stores for printing and related services, the San Diego-based subsidiary of…
Japanese manufacturer Mitsubishi Electric has acknowledged its discovery last June of a data breach perpetrated by an unauthorized third party that accessed both personal employee information and corporate materials. The public disclosure came amid multiple English and Japanese news sources publishing details on the incident [1, 2, 3, 4, 5], which experts believe may be…
The Australian P&N Bank reported a data breach that exposed detailed and sensitive financial information on an unspecified number of customers. Access was gained on December 12 to the bank’s customer relationship management system, which is operated by a third-party hosting firm, was undergoing an upgrade. Details on how it was accessed were not revealed,…
The Canadian online pharmacy PlanetDrugsDirect is notifying customers of a data breach that exposed both payment and personal health insurance. In an email obtained by Bleeping Computer the bargain online retailer said exposed data could include name, address, email, phone number, medical information (including prescription) along with payment card data. The company does not believe…
Following in the footsteps of Maze and Sodinokibi, it appears the makers another malicious encryption program plans to adopt the tactic of publishing data that’s been exfiltrated from targets. According to a BleepingComputer report, Nemty ransomware developers posted on a news feed in its affiliate panel that it intends to create a website where they…
Minnesota-based hospital operator Alomere Health this month began notifying patients of a data breach affecting 49,351 individuals, after a malicious actor gained access to two employee email accounts in late October and early November. The first incident took place between Oct. 31 and Nov. 1, 2019, while the second account hijacking happened days later on…
The Houston-based steakhouse, restaurant and hospitality company Landry’s, Inc. has advised customers of a point-of-sale malware attack that stole payment card data from an order-entry system used to process kitchen and bar orders. According to a company breach notification, Landry’s food and beverage locations typically use point-of-sale terminals featuring end-to-end encryption technology that protects the…
Acitve Network’s Blue Bear Software platform reported that unauthorized activity in its network earlier this year resulted in customer PII being exposed. The company reported the issue to the California Attorney General’s office stating it recently became aware that between Oct. 1, 2019 and Nov. 13, 2019 there was illegal activity taking place on its…
Security camera and smart device maker Wyze Labs has confirmed a data breach that left exposed a database containing information on reportedly 2.4 million of its users. Wyze Co-founder Dongsheng Song confirmed the data breach on December 27 and said the exposed database contained a large amount of personal, product and some medical information. Username…
The accounting, consulting and wealth management firm Moss Adams has posted a cybersecurity incident notice centered on an employee email account that was accessed by an unauthorized person compromising PII. In the statement, which appeared on the California Attorney General’s data breach website, Moss Adams stated that on October 10, 2019 a staffer’s email account…
