The Target has filed a lawsuit against Chubb with the retailer claiming the insurance carrier did not properly compensate it for costs incurred following the 2013 data breach. In the lawsuit Target said the requirement for its banks to replace its customers physical payment cards that were compromised “Constitutes ‘loss of use of tangible property…
Wireless communications company T-Mobile has disclosed a data breach incident that impacts certain customers with pre-paid service accounts. “Our cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities,” stated a notification that the Germany-based company posted online. Compromised information…
Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…
European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…
Data belonging to clients of shared workspace company WeWork was reportedly left exposed and accessible to the public via GitHub, while a web portal separately leaked information on prospective customers. Mossab Hussein, security researcher from Dubian-based spiderSilk, discovered the data mismanagement and reported it to Vice/Motherboard, which published a report on the findings today. The…
Millions of credentials stolen from the GateHub cryptocurrency wallet service and gaming bot provider EpicBot were reportedly posted on popular hacking forum site RaidForums last month, along with other personal information. Roughly 2.2 million accounts were affected – 1,408,078 of which belong GateHub users, while 816,662 were created by EpicBot users, according to security researcher…
An exposed database belonging to PayMyTab leaked PII on customers who dined at restaurants using the mobile payment system. An anonymous third party discovered the open AWS S3 bucket and brought it to the attention of researchers at vpnMonitor through Helen Foster, a partner at the Davis Wright Tremaine law firm in Washington. “This leak…
Hackers accessed macys.com’s “Checkout” and “My Wallet” pages early last month and added malicious script to lift shoppers’ personal information, such as credit card data, then send it to a remote site. The company discovered the Oct. 7 hack on Oct. 15 when it observed “a suspicious connection” between macys.com and the remote website, the company said in…
About 1,800 people, including 500 Fairfax, Va., county police department employees, had their PII possibly exposed when a USB drive carrying the information went missing. The USB drive containing the full names, birth dates and Social Security numbers for the Fairfax police officers and other employees belonged to Police Chief Cynthia McAlister, who heads the…
Solara Medical Supplies reported on November 13 that its system was exposed for several months earlier this year after several employees fell for a phishing scam giving access to their Office 365 accounts to an unauthorized person. The illegal access was discovered on June 28, 2019 and a further investigation found the data breach existed…
