Data Breaches news & analysis | SC Media

Data Breach

Georgia Tech stung with 1.3 million-person data breach

By

Georgia Tech is reporting that it suffered a data breach when a Georgia Institute of Technology web app exposed the information on 1.3 million current and former students, student applicants along with staff members. The incident was discovered in late March, the school stated adding the breach is being investigated by the Georgia Tech cybersecurity…

Arizona Beverages ransomware attack exacerbated by unpatched servers, poorly configured back-up system

By

Arizona Beverages, quick to the grocer’s shelf with its ubiquitous iced teas, has been slow to get much of its network running again after it discovered its backup system wasn’t properly configured to restore its systems in the wake of a targeted ransomware attack and was forced to spend a pretty penny to bring in…

VSkimmer trojan steals card data on point-of-sale systems

2M credit cards exposed in Buca di Beppo, Earl of Sandwich, Planet Hollywood parent company breach

By

A point-of-sale data breach allegedly discovered a month ago and just now admitted, exposed two million credit cards belonging to diners of Earl Enterprises restaurants. KrebsOnSecurity claims to have contacted the Italian restaurant chain that owns Buca di Beppo, Earl of Sandwich, Planet Hollywood and other restaurant brands, on Feb. 21, 2019, after finding evidence…

Amazon Logo

Saudis hacked Jeff Bezos’s personal data, probe finds

By

Saudi Arabia’s government gleaned private information from Amazon CEO Jeff Bezos’s phone, security consultant Gavin de Becker said following an investigation into how texts and intimate photos from Bezos’s phone found their way to the National Enquirer. “Our investigators and several experts concluded with high confidence that the Saudis had access to Bezos’s phone, and…

Toyota reports second breach in five weeks

By

For the second time in five weeks, Toyota has acknowledged a breach – this one affecting 3.1 million customers at its subsidiaries while the first was in Australia and believed to be the work of Ocean Lotus, or APT32. The company isn’t yet sure if the hackers nicked any data from its systems but said…

UConn Health Center hit with $5M suite over breach

By

The University of Connecticut Health Center is being hit with a class action lawsuit over a data breach that exposed 326,000 current and former patients. The lawsuit, which is seeking $5 million in damages, was filed last week on behalf of New London, Conn., resident Yoselin Martinez who alleges the university took months after the…

Kanopy.com ElasticSearch database left unsecured

By

The movie streaming service Kanopy has been leaking access and API logs through an unsecured ElasticSearch database, according to a cybersecurity researcher. Justin Paine, director of trust and safety at Cloudflare according to LinkedIn, and blogging under the name xxdesmus noted that since March 7 the site has been leaking up to 40 million log…

github_1439470

Paper: Leaked authentication secrets rampant across GitHub

By

An academic study of GitHub found that more than 100,000 of the web service’s code repositories contain publicly accessible authentication secrets such as API and cryptographic keys, while thousands of new secrets are leaked each day. North Carolina State University researchers Michael Meli, Matthew McNiece (also from Cisco Systems) and Bradley Reaves detail their findings…

Cyber crime ringleader sentenced to five years in prison

Hedge fund manager sentenced to 60 months security fraud, hacking scheme

By

A hedge fund manager convicted of conspiracy to commit securities fraud and computer intrusion, among other, crimes was sentenced in U.S. District Court to 60 months in prison Thursday. Vitaly Korchevsky, 53, was also ordered to pay a $14.4 million forfeiture and a $250,000 fine for his role in a scheme in which Ukrainian hackers…

Phishing scam stings Oregon Dept. of Human Services, compromises emails containing resident data

By

The Oregon Department of Human Services (DHS) was the victim of a phishing campaign earlier this year, resulting in a data breach that reportedly involves the records of up to 1.6 million state residents. According to a March 21 Oregon DHS press release, the incident took place last Jan. 8, when nine separate agency employees…

Next post in Security News