Western Digital discloses network breach, My Cloud service down
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems. The California-based computer drive maker and provider of data storage services says in a press release that the network security incident was identified last Sunday, on March 26. An investigation is in early stages and the company is coordinating efforts with law enforcement authorities.
LastPass breach update: The few additional bits of information
LastPass breach was aided by lax security policy, allowing accessing critical data from a home computer. Also, companies implementing federated login are also affected by the breach, despite LastPass originally denying it.
Stanford University discloses data breach affecting PhD applicants
Stanford University disclosed a data breach after files containing Economics Ph.D. program admission information were downloaded from its website between December 2022 and January 2023.
Activision's Data Breach Contains Employee Information, Call of Duty and More, Report
Insider Gaming has been able to obtain the entirety of the gaming giant Activision’s data breach initially reported by vx-underground and confirmed the data contains plans for Modern Warfare 2’s upcoming DLCs, Call of Duty 2023 (Codenamed Jupiter) and Call of Duty 2024 (Codenamed Cerberus), as well as sensitive employee information.
GoDaddy: Hackers stole source code, installed malware in multi-year breach
Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack.
NortonLifeLock warns that hackers breached Password Manager accounts
Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks.
Compromise of employee device, credentials led to CircleCI breach
CircleCI’s chief technology officer said malicious hackers infected one of their engineer’s laptops and stole elevated account privileges to breach the company’s systems and data late last year.
What’s in a PR statement: LastPass breach explained
The LastPass statement on their latest breach is full of omissions, half-truths and outright lies. I’m providing the necessary context for some of their claims.
Thousands of small to medium size businesses are suffering as Rackspace have suffered a security incident on their Hosted Exchange service. Yesterday, 2nd December 2022, Rackspace announced an outage to their Hosted Exchange Server:
Lastpass says hackers accessed customer data in new breach
LastPass says unknown attackers breached its cloud storage using information stolen during a previous security incident from August 2022. The company added that, once in, the threat actors also managed to access customer data stored in the compromised storage service.
Impact to DigitalOcean customers resulting from Mailchimp security incident
The security of DigitalOcean customers and their data is a responsibility we approach with utmost dedication. When our customers' security is threatened we respond swiftly, communicate with transpa...
911 Proxy Service Implodes After Disclosing Breach
911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.
Impact to DigitalOcean customers resulting from Mailchimp security incident
The security of DigitalOcean customers and their data is a responsibility we approach with utmost dedication. When our customers' security is threatened we respond swiftly, communicate with transpa...
911 Proxy Service Implodes After Disclosing Breach
911[.]re, a proxy service that since 2015 has sold access to hundreds of thousands of Microsoft Windows computers daily, announced this week that it is shutting down in the wake of a data breach that destroyed key components of its…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.