A database owned by the email delivery and marketing firm Maropost was reportedly found open and unsecured exposing about 95 million customer records. Researchers at CyberNews initially found the database in early February noting it contained 19.2 million unique email addresses and marketing logs containing the relevant metadata for these emails, such as the exact…
A dark web forum specializing in marketing stolen social media accounts, SIM cards and phone numbers was itself hacked for the second time in less than a year. OGUsers on April 2 posted a notice on its site that was picked up by researchers at Under The Breach. The note stated the attacker entered OGUsers…
A misconfigured Amazon Web Services S3 bucket has exposed the data of about 14 million users of the popular Key Ring app that includes some payment and medical card information. The database was discovered by vpnMentor’s Noam Rotem and Ran Locar who found 44 million records were open to public viewing. Key Ring is generally…
The Affordacare Urgent Care Clinic, a network of medical providers based in Texas, has officially confirmed a combination data breach-ransomware attack that exposed sensitive information. The company is claiming that social security numbers were not impacted in the incident, despite security experts having demonstrated that the attackers have published stolen documents containing patients’ and employees’…
A member of a hacking forum has reportedly posted data corresponding to over 4.9 million of citizens from the country of Georgia, both living and dead. The leaked dataset was made available via a 1.04 GB Microsoft Access database file, according to a report from ZDNet, which was alerted to the dump by breach monitoring…
Previously burned by a hack of its Starwood reservations system, Marriott International on Tuesday disclosed another major data breach, this one affecting 5.2 million of its guests. According to the Bethesda, Md.-based hospitality giant, the source of the breach was an application that its hotels use to provide guests with various services. Marriott did not name…
The operators behind DoppelPaymer ransomware reportedly attacked electronics manufacturer Kimchuk earlier this month, disrupting the company’s operations and stealing sensitive data that they have been publishing online as part of an extortion plot. Meanwhile, the cybercriminal outfit has continued to also publish information stolen earlier this year from Visser Precision, a parts maker and manufacturing solutions…
Tupperware hasn’t yet put a lid on a targeted cyberattack that uses a credit card skimmer to collect customer payment information at checkout on the tupperware[.]com site and some of its local sites. The threat actors hid “malicious code within an image file that activates a fraudulent payment form during the checkout process,” according to…
A February breach at service provider Canon Business Process Services exposed the personal information of current and former GE employees and their beneficiaries. “While I’m usually a bit numb to the latest data breach, the sheer variety of exposed information is unique,” said Roger Grimes, data driven defense evangelist at KnowBe4. “GE and Canon haven’t…
The hack of an FSB contractor has exposed details of the Russian intelligence agency’s cyber weapons program aimed at exploiting vulnerabilities in IoT devices. Digital Revolution, a Russian hacking group, has claimed credit for the April 2019 breach of subcontractor ODT (Oday) LLC, which was working with frequent Russian Ministry of Internal Affairs contractor InformInvestGroup…
