Data Breaches news & analysis | SC Media

Data Breach

Home Chef confirms data breach after eight million records sold on dark web

The recent breach of Home Chef, confirmed this week, after malicious actor Shiny Hunters sold eight million of its records on the dark web underscores the looming security challenge of managing employees who access business data from outside the confines of the secure network. “With increased BYOD and remote work, acceptable usage policy enforcement is…

Six need-to-know takeaways from the Verizon breach report

Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave the way according to Verizon’s newly released 2020 Data Breach Investigations Report (DBIR). Verizon researchers analyzed 157,525 known “incidents” (defined as a security event that results in the compromise of an information asset) and 3,950…

British airline easyJet breached, data of 9 million customers compromised

An attack against British airline easyJet by “a highly sophisticated source” accessed the email addresses and travel details of approximately nine million customers, including credit card details of 2,208 customers. The company did not reveal when it learned of the attack or what a forensic investigation revealed, nor did it specify the breach date.  Although the…

Defending the database

22 million emails found in mystery open database

An otherwise unremarkable find of an open Elasticsearch database containing millions of records became a Sherlock Holmes mystery as researchers cannot figure out the database’s origins. Security researcher Troy Hunt, of Have I Been Pwned, was informed in February about an open database he has named db8151dd containing 90GB of data containing 22.8 million emails.…

Magellan Health warns ransomware attack exposed PII

Magellan Health is warning customers that an April 11 ransomware attack may have affected their personal information. A Mandiant investigation determined an “unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6” impersonating one of the company’s clients, the company said in a notice from Magellan Senior Vice President and…

Ransomware attack prompts Texas courts to disable websites, servers

A ransomware attack on Texas courts discovered “during the overnight hours” last Thursday night forced the Office of Court Administration (OCA) to disable websites and servers. Noting that “at this time, there is no indication that sensitive information, including personal information, was compromised,” the OCA said in a release that it “was able to catch the…

WeLeakData hack reveals hackers’ private messages

A month after hacker forum WeLeakData.com was shuttered, the content of its database, including hackers’ private messages, is for sale on the dark web. Noting claims that the FBI seized the forum, resulting in its closure, are unsupported, researchers at Cyble who identified and verified the database leak said, “After a brief time of being…

Hollywood

REvil hackers extort law firm with Lady Gaga, Nicki Minaj, Elton John as clients

Cyberattackers have breached a high-profile entertainment and media law firm, infecting the practice with ransomware and stealing files that apparently pertain to its star clients, including Lady Gaga, Madonna, Elton John, Barbara Streisand, Bruce Springsteen, Mariah Carey and Mary J. Blige. A cyber analyst who requested anonymity provided SC Media with content posted on the…

The report shines a light on the Syrian Electronic Army, including its attacks, tactics and members.

‘Shiny Hunters’ bursts onto dark web scene following breaches, Microsoft data theft claims

A malicious actor known as Shiny Hunters has emerged as a serious dark web player following a spate of high-profile breaches, and now the hacker or hackers is claiming to have stolen data from Microsoft’s private GitHub repositories and is threatening to release the code for free. According to researchers from ZeroFOX Alpha Team, Shiny…

Next post in Cybercrime