Thousands of credit cards stolen in Green Bay Packers store breach
American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach.
Ascension: Health data of 5.6 million stolen in ransomware attack
Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.
Turkey fines Amazon's Twitch 2 mln lira for data breach | Reuters
Turkey's Personal Data Protection Board (KVKK) has fined Amazon.com's gaming platform Twitch 2 million lira ($58,000) over a data breach, the official Anadolu Agency reported on Saturday.
Change Healthcare says 100 million people impacted by February ransomware attack
Change Healthcare updated filings with the federal government to warn that about 100 million people had information accessed by hackers during a ransomware attack in February. The Department of Health and Human Services’s (HHS) Office for Civil Rights said Change Healthcare notified them on October 22 that “approximately 100 million individual notices have been sent regarding this breach.”
Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens.
The breach does not appear to impact the main consumer Verizon network, and instead involves the company’s push to talk (PTT) product, marketed to public sector agencies and enterprises.
Banks: Zurich asset manager hit by massive hacker attack
Extensive data leak in Switzerland: The Zurich-based asset manager Boreal Capital Management has been attacked by a hacker group, with data from around 700 current and former clients being stolen and published, according to media reports.
Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach
A notorious hacker has announced the theft of data from an improperly protected server allegedly belonging to Deloitte. The hacker known as IntelBroker announced late last week on the BreachForums cybercrime forum the availability of “internal communications” obtained from Deloitte, specifically an internet-exposed Apache Solr server that was accessible with default credentials.
RansomHub claims Kawasaki cyberattack, threatens to leak stolen data
Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.
Transport for London's ongoing cyber incident has taken a dark turn as the organization confirmed that some data, including bank details, might have been accessed, and 30,000 employees' passwords will need to be reset via in-person appointments.
Major US car rental breach exposes hundreds of thousands
Attackers roamed the systems of Avis Car Rental, a major car rental service provider, for several days, accessing data of nearly 300,000 individuals. Malicious actors breached Avis systems on August 3rd and roamed inside the system for three days until the company secured its networks. The company’s data breach notification letter, submitted to the Maine Attorney General’s Office, states that Avis discovered the breach on August 5th, indicating it took at least one day to kick the malicious actors out.
Toyota confirms breach after stolen data leaks on hacking forum
Toyota confirmed that its network was breached after a threat actor leaked an archive of 240GB of data stolen from the company's systems on a hacking forum.
Troy Hunt: Inside the "3 Billion People" National Public Data Breach
I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Usually, it's easy to articulate a data breach; a service people provide their information to had someone snag it through an act of unauthorised access and publish a discrete corpus of information that can be attributed back to that source. But in the case of National Public Data, we're talking about a data aggregator most people had never heard of where a "threat actor" has published various partial sets of data with no clear way to attribute it back to the source. And they're already the subject of a class action, to add yet another variable into the mix. I've been collating information related to this incident over the last couple of months, so let me talk about what's known about the incident, what data is circulating and what remains a bit of a mystery.
Hackers leak 2.7 billion data records with Social Security numbers
Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases.
IBM: Cost of a breach reaches nearly $5 million, with healthcare being hit the hardest
Businesses that fall victim to a data breach can expect a financial hit of nearly $5 million on average — a 10% increase compared to last year — according to IBM’s annual report on cybersecurity incidents.
BreachForums v1 hacking forum data leak exposes members’ info
The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users.
