Data Breaches news & analysis | SC Media
Skip to navigation Skip to main content

Data Breach

Coronavirus, Data Breach, Finance, Security News, Web Services Security, E-Commerce Security, Website/Web Server Security

Test platform leaks Bank of America clients’ Covid-19 PPP loan applications

By
Publish Date

Bank of America has disclosed that it briefly exposed certain business clients’ Paycheck Protection Program (PPP) applications to outside parties after uploading the documents onto a test platform. The incident bears similarities to the recent news of at least states mistakenly exposing application information related to the Pandemic Unemployment Assistance (PUA) program. Both the PPP…

2 minutes on: Keeping the chill off journalism
Data Breach, Privacy & Compliance News and Analysis, Security News

26M LiveJournal bloggers’ credentials a hit on dark web six years later

By
Publish Date

Six years after blogging platform LiveJournal was hacked, the credentials of some 26 million users are being sold and traded on multiple hacker forums and the dark market. Complicating the breach’s fallout, the database’s old and/or unique passwords have allowed bad actors to launch targeted sextortion email campaigns. Another blogging platform, Dreamwidth, says it’s withstood…

Data Breach Disclosure
Data Breach, Privacy & Compliance News and Analysis, Security News

Arbonne breach of 3,500+ Calif. residents’ PII could test privacy law

By
Publish Date

The exposure of the PII of more than 3,500 California residents in the database of international multi-level marketing firm Arbonne following a breach on April 23 offers a glimpse into whether the state will enforce its new privacy statute that went into effect in January. Almost half of a four-page information sheet from Arbonne describing…

Data Breach, Malware, Security News

Mathway breach latest caper for Shiny Hunters

By
Publish Date

While the Mathway breach in which 25 million email addresses and salted passwords were reportedly stolen didn’t hit the news until late last week, a recent statement by the company says that after receiving a tip, Mathway retained a leading data security firm to investigate and by May 15 confirmed that the company had been…

Cybercrime, Data Breach, Retail, Security News, Web Services Security, E-Commerce Security, Website/Web Server Security

Malicious actor holds at least 31 stolen SQL databases for ransom

By
Publish Date

A malicious cyber actor or hacking collective has reportedly been sweeping the internet for online stores’ unsecured SQL databases, copying their contents, and threatening to publish the information if the rightful owners don’t pay up. The perpetrator has stolen the copied versions of at least 31 SQL databases, which have been put up for sale…

Data Breach, Privacy & Compliance News and Analysis, Security News

Home Chef confirms data breach after eight million records sold on dark web

By
Publish Date

The recent breach of Home Chef, confirmed this week, after malicious actor Shiny Hunters sold eight million of its records on the dark web underscores the looming security challenge of managing employees who access business data from outside the confines of the secure network. “With increased BYOD and remote work, acceptable usage policy enforcement is…

Cybercrime, Data Breach, Malware, Phishing, Research, Security News

Six need-to-know takeaways from the Verizon breach report

By
Publish Date

Phishing attacks and stolen credentials have become attackers’ most popular avenues of network compromise, and employee errors are helping pave the way according to Verizon’s newly released 2020 Data Breach Investigations Report (DBIR). Verizon researchers analyzed 157,525 known “incidents” (defined as a security event that results in the compromise of an information asset) and 3,950…

Data Breach, Privacy & Compliance News and Analysis, Security News

British airline easyJet breached, data of 9 million customers compromised

By
Publish Date

An attack against British airline easyJet by “a highly sophisticated source” accessed the email addresses and travel details of approximately nine million customers, including credit card details of 2,208 customers. The company did not reveal when it learned of the attack or what a forensic investigation revealed, nor did it specify the breach date.  Although the…

Defending the database
Data Breach, Security News

22 million emails found in mystery open database

By
Publish Date

An otherwise unremarkable find of an open Elasticsearch database containing millions of records became a Sherlock Holmes mystery as researchers cannot figure out the database’s origins. Security researcher Troy Hunt, of Have I Been Pwned, was informed in February about an open database he has named db8151dd containing 90GB of data containing 22.8 million emails.…

Data Breach, Ransomware, Security News

Magellan Health warns ransomware attack exposed PII

By
Publish Date

Magellan Health is warning customers that an April 11 ransomware attack may have affected their personal information. A Mandiant investigation determined an “unauthorized actor gained access to Magellan’s systems after sending a phishing email on April 6” impersonating one of the company’s clients, the company said in a notice from Magellan Senior Vice President and…

Next post in Security News