Data Breach | SC Media

Data Breach

Data breaches hit several organizations across the Southern US and West Coast

Oracle, Airbus, Toshiba, and Volkswagen financial data leaked following cyberattack

Threat actors stole financial data from a company that provides internet infrastructure for dozens of the world’s largest companies including Oracle, Airbus, Toshiba, and Volkswagen. The cybercriminals stole data from Germany-based CITYCOMP, which provides servers, storage and other computer equipment to other enterprise-level organizations and subsequently blackmailed the firm and threatened to publish the stolen…

FBI fielded roughly $2.7 billion worth of Internet crime complaints in 2018

The FBI’s Internet Crime Complaint Center (IC3) received nearly 352,000 complaints related to cybercrime activity that collectively was responsible for $2.7 billion in losses, according to the agency’s 2018 Internet Crime Report. The three most commonly reported internet crimes last year were non-payment/non-delivery scams (i.e. the scammer never pays for or never ships ordered merchandise),…

Washington state legislature passes data breach law, but punts on privacy law

The Washington state legislature went one-for-two this month in its attempt to pass major data breach and privacy regulations. Yesterday, lawmakers unanimously passed HB 1071, which firms up and expands requirements for public breach notifications, but the state apparently has failed to approve a sweeping new state privacy law, SB 5367, after the House declined…

App leaves over 2 million WiFi network passwords exposed on open database

More than two million WiFi network passwords were reportedly left exposed on an open database by the developer of WiFi Finder, an app designed to help device owners find and log in to hotspots. The developer, Proofusion, claims its product only lists passwords for public Wi-Fi networks offered by the likes of restaurants and other…

Unauthorized party muscles its way into Bodybuilding.com’s systems

Fitness retailer Bodybuilding.com last Friday disclosed that an unauthorized party used a phishing scam to gain access to systems containing its customer data. According to an FAQ page posted on its website, the Boise, Idaho-based retailer discovered the breach incident in February 2019, roughly seven months after the phishing email was received in July 2018.…

Microsoft web mail services breached after support agent’s credentials are compromised

Hackers reportedly compromised a Microsoft Corp. support agent’s credentials, allowing them to gain unauthorized access to the company’s various web-based email services, including Outlook, MSN and Hotmail, for at least three months in 2019. This breach exposed not only information pertaining to certain customers’ email accounts, but also in some cases the content of the…

Commission offers suggestions for stemming online spy threat from China

Chinese HR firms and recruiting agencies found to leak more than half a billion resumes

Chinese companies were discovered leaking more than half a billion resumes on the web via poorly secured ElasticSearch and MongoDB databases. The leaks occurred solely at Chinese firms over the last few months from Chinese human resource-focused companies in batches ranging from a handful of CVs to professional executive head-hunting firms all leaking customer details…

The trickle-down effect of cyberwarfare: Protecting yourself when the bad gets worse

In the post-Vault7 world, there has been an interesting shift in the cybersecurity landscape. At one time, well-funded, government-backed nation-state threat actors were the only ones capable of carrying out sophisticated cyberattacks. But now, these hacking techniques have trickled down to your average cybercriminal, equipping them with the power to take down enterprise networks, steal…

Next post in Executive Insight