Data Breaches | SC Media

Data Breaches

Legislators block California data protection expansion

California lawmakers Thursday blocked expansion of data privacy law handing a victory to the tech industry collection, storage and use of consumer information. The proposed expansion would have given customers the right to know what data companies were collecting from them as well as the right to delete and restrict the sell of information. The…

Boost Mobile breached

Boost Mobile was hit with a breach which affected an unknown number of customer accounts. “Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” the company said in a notification. “The Boost Mobile fraud team discovered the incident and was able…

Data breaches hit several organizations across the Southern US and West Coast

Oracle, Airbus, Toshiba, and Volkswagen financial data leaked following cyberattack

Threat actors stole financial data from a company that provides internet infrastructure for dozens of the world’s largest companies including Oracle, Airbus, Toshiba, and Volkswagen. The cybercriminals stole data from Germany-based CITYCOMP, which provides servers, storage and other computer equipment to other enterprise-level organizations and subsequently blackmailed the firm and threatened to publish the stolen…

Password-spraying attacks abuse IMAP to break into targets’ cloud accounts

Taking advantage of recent stolen credential dumps, attackers have been exploiting legacy protocols like IMAP to engage in high-volume password-spraying campaigns for the purpose of breaking into companies’ cloud accounts, researchers at Proofpoint are reporting. Used by email clients to retrieve messages from a server, IMAP (Internet Message Access Protocol) is an ideal protocol to…

Ransomware attack targets college admissions data

Threat actors launched ransomware attacks against three U.S. colleges seizing the data on students applying for admission to the schools and demanded 1 Bitcoin or approximately $3,800 from students to retrieve their “entire admission file.” Attackers targeted Oberlin College in Ohio, Grinnell College in Iowa, and Hamilton College in New York to seize teacher recommendations,…

Cybersecurity partnerships defend threats during NCAA college football playoff championship

In a first of its kind partnership and event,  cybersecurity students from Norwich University teamed up with Respond Software to monitor cyber attacks during the NCAA College Football Playoff Championship between the Clemson Tigers and Alabama Crimson Tide. Together with stadium security, the team analyzed and resolved over 243,000 monitored events and threats during game…

Exactis breach exposes 340M records, may compel GDPR-like reg in U.S.

An exposed database at data broker Exactis exposed nearly 340 million records amounting to around two terabytes of information. “If U.S. citizens did not think their personal information has ever been compromised, this should convince them it definitely is,” said Robert Capps, vice president and authentication strategist for NuData Security, noting the Exactis “breach blows up…

Researcher finds login info for 92 million MyHeritage users on private server

A file named myheritage discovered on an outside private server contained the email addresses and hashed passwords of more than 92 million MyHeritage customers, the genealogy and DNA testing company’s CISO said. “Immediately upon receipt of the file, MyHeritage’s Information Security Team analyzed the file and began an investigation to determine how its contents were…

Next post in Data Breach