Data Breaches news & analysis | SC Media

Data Breach

netherlandscrireport_1230499

Report: Hacker steals Dutch prostitution forum data

Hookers.nl, a Dutch online forum for prostitutes, escorts and their clientele, has reportedly suffered a data breach that has exposed the details of 250,000 users, whose data is being offered for sale. Compromised information includes email addresses, usernames, IP addresses and passwords. Usernames are typically aliases but certain real names can likely be derived from…

Imperva CTO: Breach caused by mishandled database migration

The data breach that recently affected certain customers of Imperva’s Cloud Web Application Firewall (WAF) product was made possible by a series of missteps as the cybersecurity company migrated to a cloud-based database service, the firm’s chief technology officer disclosed yesterday in a blog post. Collectively, these errors allowed an unauthorized party to steal an…

Stolen credentials used to access TransUnion Canada’s consumer credit files

A malicious actor used stolen credentials to access a web portal operated by credit reporting agency TransUnion Canada and then used that portal to access consumer files. This week, BleepingComputer posted a report containing scanned images of a disclosure notification that TransUnion Canada has begun mailing out to affected consumers. The notification, dated Sept. 19,…

Health, personal data of 1 million New Zealanders exposed in series of intrusions

The medical and personal information of about 1 million people was exposed after a breach of Tū Ora Compass Health, a primary health organization (PHO) located in New Zealand. The non-governmental organization (NGO) discovered four intrusions – by what Ministry of Health Director-General of Health Ashley Bloomfield said were two hacktivists and two “more sophisticated…

Data on 92M Brazilians found for sale on underground forums

Several members-only dark web forums are reportedly auctioning what appears to be a stolen government database featuring the personal information of 92 million Brazilian citizens. The 16GB SQL database contains such information as name, birth date, mother’s name, gender and tax details including taxpayer IDs, according to BleepingComputer, which credits the discovery to a researcher…

Estonian hacker sentenced

Hy-Vee details 2019 POS data breach incident

Mid-Western supermarket chain Hy-Vee issued an update regarding the POS data breach it reported in August, including when it happened on the locations involved. Hy-Vee said in an October 3 release that unauthorized access was detected on July 29, 2019 and focused on Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants at Hy-Vee Market Grilles,…

Evidence tying Cobalt Group to Magecart Group 4 unveiled

The security firms Malwarebytes and HYAS have strung together several pieces of evidence that they believe tie Magecart Group 4 to the Cobalt Group. The two companies found that the Cobalt Group and Magecart Group 4 have several overarching similarities, such as the use of advanced techniques during their attacks and a history with banking…

Attacker breaches Comodo forums by exploiting vBulletin flaw

More than 170,000 users of online forums operated by cybersecurity company Comodo Group reportedly had their data stolen by a malicious actor who exploited a recently disclosed vulnerability in vBulletin’s internet forum software. The Clifton, N.J.-based Comodo learned of the attack on September 29, and responded by taking its forums offline and applying patches, the…

The word is out: Zynga was breached

A well-known hacker is taking credit for a data breach at the mobile game maker Zynga, claiming he gained access to 218 million user records. On Sept. 12, Zynga reported that a cybersecurity incident had taken place and account login information for certain players of Draw Something and Words With Friends may have been accessed.…

Next post in Data Breach