Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Customer Data. Show all posts
personal data leak
Customer Data Cyber Attacks Data Breaches Data Leak Data protection data security Personal Data personal data leak

WestJet Confirms Cyberattack Exposed Passenger Data but No Financial Details

 

WestJet has confirmed that a cyberattack in June compromised certain passenger information, though the airline maintains that the breach did not involve sensitive financial or password data. The incident, which took place on June 13, was attributed to a “sophisticated, criminal third party,” according to a notice issued by the airline to U.S. residents earlier this week. 

WestJet stated that its internal precautionary measures successfully prevented the attackers from gaining access to credit and debit card details, including card numbers, expiry dates, and CVV codes. The airline further confirmed that no user passwords were stolen. However, the company acknowledged that some passengers’ personal information had been exposed. The compromised data included names, contact details, information and documents related to reservations and travel, and details regarding the passengers’ relationship with WestJet. 

“Containment is complete, and additional system and data security measures have been implemented,” WestJet said in an official release. The airline emphasized that analysis of the incident is still ongoing and that it continues to strengthen its cybersecurity framework to safeguard customer data. 

As part of its response plan, WestJet is contacting affected customers to offer support and guidance. The airline has partnered with Cyberscout, a company specializing in identity theft protection and fraud assistance, to help impacted individuals with remediation services. WestJet has also published advisory information on its website to assist passengers who may be concerned about their data.  

In its statement, the airline reassured customers that swift containment measures limited the breach’s impact. “Our cybersecurity teams acted immediately to contain the situation and secure our systems. We take our responsibility to protect customer information very seriously,” the company said. 

WestJet confirmed that it is working closely with law enforcement agencies, including the U.S. Federal Bureau of Investigation (FBI) and the Canadian Centre for Cyber Security. The airline also notified U.S. credit reporting agencies—TransUnion, Experian, and Equifax—along with the attorneys general of several U.S. states, Transport Canada, the Office of the Privacy Commissioner of Canada, and relevant provincial and international data protection authorities. 

While WestJet maintains that the exposed information does not appear to include sensitive financial or authentication details, cybersecurity experts note that personal identifiers such as names and contact data can still pose privacy and fraud risks if misused. The airline’s transparency and engagement with regulatory agencies reflect an effort to mitigate potential harm and restore public trust. 

The company reiterated that it remains committed to improving its security posture through enhanced monitoring, employee training, and the implementation of additional cybersecurity controls. The investigation into the breach continues, and WestJet has promised to provide further updates as new information becomes available. 

The incident highlights the ongoing threat of cyberattacks against the aviation industry, where companies hold large volumes of personal and travel-related data. Despite the rise in security investments, even well-established airlines remain attractive targets for sophisticated cybercriminals. WestJet’s quick response and cooperation with authorities underscore the importance of rapid containment and transparency in handling such data breaches.
Read more »
Smartphones
Customer Data Devices factory reset Privacy Smartphones

Where Does Your Personal Data Go When You Ditch a Device?

 




When people upgrade their phones, laptops, or tablets, the old devices often end up in trade-in programs or at electronic waste collection points. But what happens to the personal information stored on those devices after they leave your hands? The answer is more complicated than many assume.


Resale programs and secure erasure

Companies that refurbish and resell electronics usually follow structured procedures to protect customer data. Devices that are still functional and have resale value are wiped using certified erasure software, designed to make data permanently inaccessible. This process typically produces a digital certificate confirming that the wipe was completed. Devices that cannot be repaired or reused are diverted to recycling instead.


Recycling centres and hidden risks

Collection centres that process large volumes of e-waste follow a different model. Devices are first sorted and stripped of hazardous parts such as batteries, before being fed into shredders that break down the materials for recovery. While this may sound final, experts point out that the chain of custody for individual devices is not always secure. In the past, some recyclers offered on-site data destruction services, but these programs were scaled back due to high operating costs.

Although the risk of someone recovering data from shredded parts is very low, it is not entirely impossible. The cost of reconstructing files often outweighs the potential value of the data, but individuals who store sensitive information may still face exposure if devices are not properly erased before recycling.


Factory reset: not a full solution

Many users believe that deleting files or performing a factory reset provides sufficient protection. However, a reset often only clears visible settings and does not necessarily erase underlying data. Depending on the device, fragments of information such as banking details, personal messages, or login credentials can still be retrieved by someone with technical expertise.


Steps you can take before disposal

Security experts recommend that users take precautions themselves rather than relying solely on resellers or recyclers. Before handing over a device:

1. Back up essential files and remove linked accounts.

2. Take out SIM cards and memory cards.

3. Encrypt the device to make any remaining data unreadable.

4. Use secure-erase software or request an erasure certificate if trading in.

5. For highly sensitive information, consider physically destroying the storage drive instead of recycling.


Not every device poses the same risk. For routine personal use, secure erasure and responsible recycling are usually sufficient. For devices holding highly confidential or financial data, stronger measures are advisable. But experts also warn against avoiding recycling altogether. Keeping outdated electronics at home or in storage carries its own risks, as devices can still be stolen or accessed.

Ultimately, safeguarding personal information before disposal is the responsibility of the user. Taking a few extra steps now can protect your privacy while ensuring devices are recycled responsibly.



Read more »
Phishing Scams
Credit Union Customer Data Customer Data Exposed Cyber Attacks cybercriminals Data Leak data security Hacker attack Personal Data Phishing Scams

Blackpool Credit Union Cyberattack Exposes Customer Data in Cork

 

A Cork-based credit union has issued a warning to its customers after a recent cyberattack exposed sensitive personal information. Blackpool Credit Union confirmed that the breach occurred late last month and subsequently notified members through a formal letter. Investigators determined that hackers may have gained access to personal records, including names, contact information, residential addresses, dates of birth, and account details. While there is no evidence that any funds were stolen or PIN numbers compromised, concerns remain that the stolen data could be misused. 

The investigation raised the possibility that cybercriminals may publish the stolen records on underground marketplaces such as the dark web. This type of exposure increases the risk of identity theft or secondary scams, particularly phishing attacks in which fraudsters impersonate trusted organizations to steal additional details from unsuspecting victims. Customers were urged to remain vigilant and to treat any unsolicited communication requesting personal or financial information with caution. 

The Central Bank of Ireland has been briefed on the situation and is monitoring developments. It has advised any members with concerns to reach out directly to Blackpool Credit Union through its official phone line. Meanwhile, a spokesperson for the credit union assured the public that services remain operational and that members can continue to access assistance in person, by phone, or through email. The organization emphasized that safeguarding customer data remains a priority and expressed regret over the incident. Impacted individuals will be contacted directly for follow-up support. 

The Irish League of Credit Unions reinforced the importance of caution, noting that legitimate credit unions will never ask members to verify accounts through text messages or unsolicited communications. Fraudsters often exploit publicly available details to appear convincing, setting up sophisticated websites and emails to lure individuals into disclosing confidential information. Customers were reminded to independently verify the authenticity of any suspicious outreach and to rely on official registers when dealing with financial services.  

Experts warn that people who have already fallen victim to scams are more likely to be targeted again. Attackers often pressure individuals into making hasty decisions, using the sense of urgency to trick them into disclosing sensitive information or transferring money. Customers were encouraged to take their time before responding to unexpected requests and to trust their instincts if something feels unusual or out of place.

The Central Bank reiterated its awareness of the breach and confirmed that it is in direct communication with Blackpool Credit Union regarding the response measures. Members seeking clarification were again directed to the credit union’s official helpline for assistance.
Read more »
Ransomwares
Colt ransomware attack Colt WarLock hackers Customer Data Cyber Attacks Dark Web data stealing Ransom Demand ransomware attacks Ransomware group Ransomwares

Colt Technology Services Confirms Customer Data Theft After Warlock Ransomware Attack



UK-based telecommunications provider Colt Technology Services has confirmed that sensitive customer-related documentation was stolen in a recent ransomware incident. The company initially disclosed on August 12 that it had suffered a cyberattack, but this marks the first confirmation that data exfiltration took place. In its updated advisory, Colt revealed that a criminal group accessed specific files from its systems that may contain customer information and subsequently posted the filenames on dark web forums. 

To assist affected clients, Colt has set up a dedicated call center where customers can request the list of exposed filenames. “We understand that this is concerning for you,” the company stated in its advisory. Notably, Colt also implemented a no-index HTML meta tag on the advisory webpage, ensuring the content would not appear in search engine results. 

The development follows claims from the Warlock ransomware gang, also known as Storm-2603, that they are auctioning one million stolen Colt documents for $200,000 on the Ramp cybercrime marketplace. The group alleges the files contain financial data, customer records, and details of network architecture. 
Cybersecurity experts verified that the Tox ID used in the forum listing matches identifiers seen in the gang’s earlier ransom notes, strengthening the link to Colt’s breach. The Warlock Group, attributed to Chinese threat actors, emerged in March 2025 and initially leveraged leaked LockBit Windows and Babuk VMware ESXi encryptors to launch attacks. Early operations used LockBit-style ransom notes modified with unique Tox IDs to manage negotiations. 

By June, the group rebranded under the name “Warlock Group,” establishing its own negotiation platforms and leak sites to facilitate extortion. Recent intelligence reports, including one from Microsoft, have indicated that the group has been exploiting vulnerabilities in Microsoft SharePoint to gain unauthorized access to corporate networks. Once inside, they deploy ransomware to encrypt data and steal sensitive files for leverage. 

The group’s ransom demands vary significantly, ranging from $450,000 to several million dollars, depending on the target organization and data involved. Colt’s disclosure highlights ongoing challenges faced by enterprises in safeguarding critical infrastructure against sophisticated ransomware actors. Telecommunications companies, which manage vast volumes of sensitive customer and network data, remain particularly attractive targets. 

As threat actors refine their tactics and increasingly combine encryption with data theft, the risks to both organizations and their clients continue to escalate. While Colt has not confirmed whether it plans to engage with the ransomware operators, the company emphasized its focus on mitigating the impact for customers. 

For now, the stolen documents remain for sale on the dark web, and the situation underscores the broader need for enterprises to strengthen resilience against the evolving ransomware landscape.
Read more »
Meta AI
AI Chatbots AI technology Character AI chatbot security Customer Data Data Breach data security health data Meta AI

Texas Attorney General Probes Meta AI Studio and Character.AI Over Child Data and Health Claims

 

Texas Attorney General Ken Paxton has opened an investigation into Meta AI Studio and Character.AI over concerns that their AI chatbots may present themselves as health or therapeutic tools while potentially misusing data collected from underage users. Paxton argued that some chatbots on these platforms misrepresent their expertise by suggesting they are licensed professionals, which could leave minors vulnerable to misleading or harmful information. 

The issue extends beyond false claims of qualifications. AI models often learn from user prompts, raising concerns that children’s data may be stored and used for training purposes without adequate safeguards. Texas law places particular restrictions on the collection and use of minors’ data under the SCOPE Act, which requires companies to limit how information from children is processed and to provide parents with greater control over privacy settings. 

As part of the inquiry, Paxton issued Civil Investigative Demands (CIDs) to Meta and Character.AI to determine whether either company is in violation of consumer protection laws in the state. While neither company explicitly promotes its AI tools as substitutes for licensed mental health services, there are multiple examples of “Therapist” or “Psychologist” chatbots available on Character.AI. Reports have also shown that some of these bots claim to hold professional licenses, despite being fictional. 

In response to the investigation, Character.AI emphasized that its products are intended solely for entertainment and are not designed to provide medical or therapeutic advice. The company said it places disclaimers throughout its platform to remind users that AI characters are fictional and should not be treated as real individuals. Similarly, Meta stated that its AI assistants are clearly labeled and include disclaimers highlighting that responses are generated by machines, not people. 

The company also said its AI tools are designed to encourage users to seek qualified medical or safety professionals when appropriate. Despite these disclaimers, critics argue that such warnings are easy to overlook and may not effectively prevent misuse. Questions also remain about how the companies collect, store, and use user data. 

According to their privacy policies, Meta gathers prompts and feedback to enhance AI performance, while Character.AI collects identifiers and demographic details that may be applied to advertising and other purposes. Whether these practices comply with Texas’ SCOPE Act will likely depend on how easily children can create accounts and how much parental oversight is built into the platforms. 

The investigation highlights broader concerns about the role of AI in sensitive areas such as mental health and child privacy. The outcome could shape how companies must handle data from younger users while limiting the risks of AI systems making misleading claims that could harm vulnerable individuals.
Read more »
Privacy Lawsuit
Alexa Amazon Customer Data Data collection Data Privacy Data Privacy Laws Data Safety User Data Personal Data Privacy privacy laws Privacy Lawsuit

Federal Judge Allows Amazon Alexa Users’ Privacy Lawsuit to Proceed Nationwide

 

A federal judge in Seattle has ruled that Amazon must face a nationwide lawsuit involving tens of millions of Alexa users. The case alleges that the company improperly recorded and stored private conversations without user consent. U.S. District Judge Robert Lasnik determined that Alexa owners met the legal requirements to pursue collective legal action for damages and an injunction to halt the alleged practices. 

The lawsuit claims Amazon violated Washington state law by failing to disclose that it retained and potentially used voice recordings for commercial purposes. Plaintiffs argue that Alexa was intentionally designed to secretly capture billions of private conversations, not just the voice commands directed at the device. According to their claim, these recordings may have been stored and repurposed without permission, raising serious privacy concerns. Amazon strongly disputes the allegations. 

The company insists that Alexa includes multiple safeguards to prevent accidental activation and denies evidence exists showing it recorded conversations belonging to any of the plaintiffs. Despite Amazon’s defense, Judge Lasnik stated that millions of users may have been impacted in a similar manner, allowing the case to move forward. Plaintiffs are also seeking an order requiring Amazon to delete any recordings and related data it may still hold. The broader issue at stake in this case centers on privacy rights within the home.

If proven, the claims suggest that sensitive conversations could have been intercepted and stored without explicit approval from users. Privacy experts caution that voice data, if mishandled or exposed, can lead to identity risks, unauthorized information sharing, and long-term security threats. Critics further argue that the lawsuit highlights the growing power imbalance between consumers and large technology companies. Amazon has previously faced scrutiny over its corporate practices, including its environmental footprint. 

A 2023 report revealed that the company’s expanding data centers in Virginia would consume more energy than the entire city of Seattle, fueling additional criticism about the company’s long-term sustainability and accountability. The case against Amazon underscores the increasing tension between technological convenience and personal privacy. 

As voice-activated assistants become commonplace in homes, courts will likely play a decisive role in determining the boundaries of data collection and consumer protection. The outcome of this lawsuit could set a precedent for how tech companies handle user data and whether customers can trust that private conversations remain private.
Read more »
Personal Data Breach
Bank Data Leak Credit Union Customer Data Cyberattacks Data Breach Data Leak Data protection data security financial attack Personal Data Breach

Connex Credit Union Confirms Data Breach Impacting 172,000 Customers

 

Connex Credit Union, headquartered in North Haven, Connecticut, recently revealed that a data breach may have affected around 172,000 of its members. The compromised data includes names, account numbers, debit card information, Social Security numbers, and government identification used for account openings. The credit union emphasized that there is no indication that customer accounts or funds were accessed during the incident. 

The breach was identified after Connex noticed unusual activity in its digital systems on June 3, prompting an internal investigation. The review indicated that certain files could have been accessed or copied without permission on June 2 and 3. By late July, the credit union had determined which members were potentially affected. To inform customers and prevent fraud, Connex posted a notice on its website warning that scammers might attempt to impersonate the credit union through calls or messages. 

The advisory stressed that Connex would never request PINs, account numbers, or passwords over the phone. To support affected individuals, the credit union set up a toll-free call center and is offering a year of free credit monitoring and identity theft protection through TransUnion’s CyberScout service. Connex also reported the breach to federal authorities, including the National Credit Union Administration, and committed to cooperating fully with law enforcement to hold the attackers accountable. 

This breach is part of a broader trend of cyberattacks on financial institutions. Earlier in 2025, Western Alliance Bank in Phoenix reported a cyber incident that potentially exposed 22,000 customers’ information due to vulnerabilities in third-party file transfer software, which remained undetected for over three months. Regulatory agencies have also been targeted; in April, attackers accessed emails from the Office of the Comptroller of the Currency containing sensitive financial information, prompting banks such as JPMorgan Chase and Bank of America to temporarily halt electronic data sharing. Other credit unions have faced similar incidents. 

In 2024, TDECU in Lake Jackson, Texas, learned it had been affected by a MoveIt cybersecurity breach over a year after it occurred. One of the largest bank breaches in recent memory took place in July 2019, when Capital One was hacked by a former Amazon Web Services employee, compromising data of 106 million individuals. The company faced an $80 million penalty to the OCC and a $190 million class-action settlement, while the hacker was convicted in 2022 for wire fraud and unauthorized access. 

As cyberattacks become more sophisticated, this incident underscores the importance of vigilance, strong cybersecurity practices, and proactive protection measures for customers and financial institutions alike.
Read more »
Network Security
Airlines aviation Cloud Customer Data customer privacy Data Breach Network Security

Airline suffers data breach, customer information stolen


Air France and KLM announced that threat actors had compromised a customer service platform and stolen customer data. Along with Transavia, KLM and Air France are units of Air France-KLM Group, a Dutch-French multinational airline holding organization. Established in 2004, it is a big name in international air transport. 

"KLM has reported to the Dutch Data Protection Authority; Air France has done this in France at the CNIL. Customers whose data may have been accessed are currently being informed and advised to be extra alert to suspicious emails or phone calls," the group said.

With 78,000 employees and a fleet of 564 aircraft, Air France-KLM offers services for 300 destinations in 90 countries worldwide. The group transported 98 million passengers globally in 2024. The airlines said that they have closed the threat actors’ access to the hacked systems once the breach was discovered. They also claim that the attack didn’t impact their networks.

"Air France and KLM have detected unusual activity on an external platform we use for customer service. This activity resulted in unauthorized access to customer data. Our IT security teams, along with the relevant external party, took immediate action to stop the unauthorized access. Measures have also been implemented to prevent recurrence. Internal Air France and KLM systems were not affected," the group said.

The attackers stole data, including names, email addresses, contact numbers, transaction records, and details of rewards programs. But the group has said that the passengers’ personal and financial data was not compromised. The airlines have informed the concerned authorities in the respective countries of the attack. They have also notified the impacted individuals about the breach.

"KLM has reported the incident to the Dutch Data Protection Authority; Air France has done so in France with the CNIL.” "Customers whose data may have been accessed are currently being informed and advised to be extra vigilant for suspicious emails or phone calls," they said. 

Read more »
Security Breach
Customer Data CyberCrime Cyberhackers Cybersecurity Data Breach Jewellery Pandora Security Breach

Pandora Admits Customer Data Compromised in Security Breach


 

A major player in the global fashion jewellery market for many years, Pandora has long been positioned as a dominant force in this field as the world's largest jewellery brand. However, the luxury retailer is now one of a growing number of companies that have been targeted by cybercriminals. 

Pandora confirmed on August 5, 2025, that a cyberattack had been launched on the platform used to store customer data by a third party. A Forbes report indicates that the breach was caused by unauthorised access to basic personal information, including customer name and email address. As a result, no passwords, credit card numbers, or any other sensitive financial information were compromised, the company stressed. 

In response to the incident, Pandora has taken steps to contain it, improved its security measures, and stated that at the present time, no evidence has been found that suggests that the stolen information has been leaked or misused. There is no doubt that supply chain dependencies can be a vulnerability for attackers due to the recent breach at Danish jewellery giant Pandora, as evidenced by this breach. 

The incident, rather than being the result of a direct intrusion into Pandora's core infrastructure, has been traced back to a third-party vendor platform — a reminder of the vulnerability of external services, including customer relationship management tools and marketing automation systems, which can be used by hackers as gateways. 

Using this tactic, cybercriminals were able to gain unauthorised access to customer data. Cybercriminals often employ this tactic to facilitate secondary crimes such as phishing, identity theft, and targeted scams. This incident is part of a broader industry challenge, with organisations increasingly outsourcing critical functions while ignoring the security risks associated with these outsourcing agreements. 

However, Pandora has not revealed who the third-party platform is; however, it has confirmed that some of Pandora's customer information was accessed through it, so the company's core internal systems remained unaffected by the intrusion. According to the jewellery retailer, the intrusion has been swiftly contained, and additional security measures have been put in place in order to ensure that future attacks do not occur again. 

According to the investigation, only the most common types of data - the names, dates, and email addresses of customers - were copied, and there was no compromise of passwords, identity documents or financial information. Several researchers have noted that cybercriminals have been orchestrating social engineering campaigns on behalf of companies and help desks for as long as January 2025, often to obtain Salesforce credentials or trick the staff into authorising malicious OAuth applications. 

It is not the only issue that is concerning the retail sector, as Chanel, a French fashion and cosmetics giant, also confirmed earlier this month a cyberattack perpetrated by the ShinyHunter extortion group, reportedly targeting Salesforce applications on August 1 through a social media-based intrusion, causing a significant amount of disruption in the industry. 

In the last year, the UK retail sector has been experiencing challenges as a result of cyberattacks that have affected major brands such as M&S, Harrods, and The Co-op. This latest incident comes at a time when the retail sector has been facing an increasing number of cyberattacks. A breach earlier this year resulting in the theft of customer data led M&S to declare a loss of around £300 million for its annual profit. 

It has been noted that in recent years, retailers have become prime targets for sophisticated hackers due to the vast amounts of consumer information they collect for marketing purposes and the outdated security infrastructure they use. Many retailers have underinvested in cybersecurity resilience in their pursuit of speed, scale, and convenience, which is something well-organised threat actors, such as Scattered Spider, are exploiting by taking advantage of this gap. 

Cybersecurity expert Christoph Cemper advised Pandora customers to remain vigilant against potential phishing emails, warning that such attacks can lead to the theft of sensitive information or financial losses if recipients click malicious links or download harmful attachments. Pandora reaffirmed its commitment to data protection, stating, Cemper, however, emphasised that retailers must adopt more proactive measures to safeguard customer information. 

Despite this incident, Pandora stressed the importance of not compromising passwords, payment information, or other sensitive details of customers. Specifically, the incident only involved “very common types of customer data”, including names and e-mail addresses, with no compromises to passwords, payment information, or other sensitive information. 

As a result of its investigation, the company stated that no evidence of misuse of the stolen data was found, but it advised customers to remain vigilant, especially in situations where they receive unsolicited emails or ask for personal information online. In its warning to customers, Pandora advised them not to click on unfamiliar links or download attachments from unverified sources. 

Pandora did not specify who was responsible for the intrusion, how the hack was executed, or how many people had been affected. Nonetheless, security researchers have been able to link the incident to the ShinyHunters group, which is said to have targeted corporate Salesforce databases with various social engineering and phishing techniques since January 2025. 

Several of the members of this group claim that they will "perform a mass sale or leak" of data from companies unwilling to comply with ransom demands. As far as Salesforce is concerned, the company has not been compromised. Its statement attributed these breaches instead to sophisticated phishing attacks and social engineering attacks that have become increasingly sophisticated over the years, reiterating that customers are responsible for safeguarding their data on their own. 

Today's interconnected retail environment serves as a reminder that cyber risks are no longer confined to a company's own network perimeter but are now a part of a company's wider digital footprint. It has become increasingly apparent that the lines between internal and external security responsibilities are blurring in light of the increasing use of vulnerability in third-party platforms, social engineering tactics, and overlooked digital entry points. 

The stakes for global brands are not limited to immediate disruption to operations. In addition to consumer trust, brand reputation, and regulatory scrutiny, cybersecurity experts agree that a holistic approach is now needed in order to mitigate cyberattacks. In addition to rigorous vendor risk assessments, continuous employee training, advanced threat detection, and resilient incident response frameworks, these strategies are all important. 

In an industry like luxury retail that is vulnerable to cyberattacks, Pandora's experience demonstrates what is becoming an increasingly common industry imperative: proactive defences are becoming not just an option but an essential tool for safeguarding the online relationships of customers and protecting their digital assets.
Read more »
insurance
Akira Bitcoin Customer Data Cyber Attacks Germany insurance

German Mobile Insurance Giant Falls After Devastating Ransomware Attack

 



A cyberattack has brought down one of Germany’s largest phone insurance and repair networks, forcing the once-thriving Einhaus Group into insolvency. The company, which at its peak generated around €70 million in annual revenue and partnered with big names such as Deutsche Telekom, Cyberport, and 1&1, has been unable to recover from the financial and operational chaos that followed the attack.


The Day Everything Stopped

In March 2023, founder Wilhelm Einhaus arrived at the company’s offices to an unsettling sight. Every printer had churned out the same note: “We’ve hacked you. All further information can be found on the dark web.” Investigations revealed the work of the hacking group known as “Royal.” They had infiltrated the company’s network, encrypting all of its core systems, the very tools needed to process claims, manage customer data, and run daily operations.

Without these systems, business ground to a halt. The hackers demanded around $230,000 in Bitcoin to unlock the computers. Facing immediate and heavy losses, and with no way to operate manually at the same scale, Einhaus Group reportedly agreed to pay. The financial damage, however, was already severe, estimated in the multi-million-euro range. Police were brought in early, but the payment decision was made to avoid even greater harm.


Desperate Measures to Stay Afloat

Before the attack, the company employed roughly 170 people. Within months, more than 100 positions were cut, leaving only eight employees to handle all ongoing work. With so few staff, much of the processing had to be done by hand, slowing operations dramatically.

To raise funds, the company sold its headquarters and liquidated various investments. These moves bought time but did not restore the business to its former state.


Seized Ransom, But No Relief

In a twist, German authorities later apprehended three suspects believed to be linked to the “Royal” group. They also seized cryptocurrency valued in the high six-figure euro range, suspected to be connected to the ransom payments.

However, Einhaus Group has not received its money back. Prosecutors have refused to release the seized funds until investigations are complete — a process that could take years. Other ransomware victims in Germany are in the same position, with no guarantee they will ever recover the full amount.


Final Stages of the Collapse

Three separate companies tied to the Einhaus Group have now formally entered insolvency proceedings. While liquidation is a strong possibility, founder Wilhelm Einhaus, now 72, insists he has no plans to retire. If the business is dissolved, he says he will start again from scratch.

The Einhaus case is not unique. Just recently, the UK’s 158-year-old transport company Knights of Old collapsed after a ransomware attack by a group known as “Akira,” leaving 700 people jobless. Cyberattacks are increasingly proving fatal to established businesses not just through stolen data, but by dismantling the very infrastructure needed to survive.


Read more »
Personal Data
Advanced Social Engineering Customer Data Customer Data Exposed Data Breach Data Leak Data Privacy data security Malware. Scattered Spider Personal Data

Allianz Life Data Breach Exposes Personal Information of 1.4 Million Customers

 

Allianz Life Insurance has disclosed a major cybersecurity breach that exposed the personal details of approximately 1.4 million individuals. The breach was detected on July 16, 2025, and the company reported the incident to the Maine Attorney General’s office the following day. Initial findings suggest that the majority of Allianz Life’s customer base may have been impacted by the incident. 

According to Allianz Life, the attackers did not rely on exploiting technical weaknesses but instead used advanced social engineering strategies to deceive company employees. This approach bypasses system-level defenses by manipulating human behavior and trust. The cybercriminal group believed to be responsible is Scattered Spider, a collective that recently orchestrated a damaging attack on UK retailer Marks & Spencer, leading to substantial financial disruption. 

In this case, the attackers allegedly gained access to a third-party customer relationship management (CRM) platform used by Allianz Life. The company noted that there is no indication that its core systems were affected. However, the stolen data reportedly includes personally identifiable information (PII) of customers, financial advisors, and certain employees. Allianz SE, the parent company, confirmed that the information was exfiltrated using social engineering techniques that exploited human error rather than digital vulnerabilities. 

Social engineering attacks often involve tactics such as impersonating internal staff or calling IT help desks to request password resets. Scattered Spider has been known to use these methods in past campaigns, including those that targeted MGM Resorts and Caesar’s Palace. Their operations typically focus on high-profile organizations and are designed to extract valuable data with minimal use of traditional hacking methods. 

The breach at Allianz is part of a larger trend of rising cyberattacks on the insurance industry. Other firms like Aflac, Erie Insurance, and Philadelphia Insurance have also suffered similar incidents in recent months, raising alarms about the sector’s cybersecurity readiness.  

Industry experts emphasize the growing need for businesses to bolster their cybersecurity defenses—not just by investing in better tools but also by educating their workforce. A recent Experis report identified cybersecurity as the top concern for technology firms in 2025. Alarmingly, Tech.co research shows that nearly 98% of senior leaders still struggle to recognize phishing attempts, which are a common entry point for such breaches. 

The Allianz Life breach highlights the urgent need for organizations to treat cybersecurity as a shared responsibility, ensuring that every employee is trained to identify and respond to suspicious activities. Without such collective vigilance, the threat landscape will continue to grow more dangerous.
Read more »
Phishing Scams
account protection Account security Amazon Customer Data Cyber Attacks Cyberscams Cybertheft data security Data Theft Login Login Security Passkey Passkey Security Phishing Scams

Amazon Customers Face Surge in Phishing Attacks Through Fake Emails and Texts

 

Cybercriminals are actively targeting Amazon users with a sharp increase in phishing scams, and the company is sounding the alarm. Fraudsters are sending deceptive emails that appear to originate from Amazon, prompting users to log in via a counterfeit Amazon webpage. Once a person enters their credentials, attackers steal the information to take over the account. The urgency to secure your Amazon account has never been greater.  

These scam emails often warn customers about unexpected Amazon Prime renewal charges. What makes them particularly dangerous is the use of stolen personal data to make the emails appear genuine. Amazon’s warning reached over 200 million users, emphasizing the widespread nature of this threat. 

Adding to the concern, cybersecurity firm Guardio reported a dramatic spike in a related scam—this time delivered through SMS. This variant claims to offer fake refunds, again luring users to a fraudulent Amazon login page. According to Guardio, these text-based scams have jumped by 5000% in just two weeks, showing how aggressively attackers are adapting their tactics. 

Amazon says it is actively fighting back, having removed 55,000 phishing websites and 12,000 scam phone numbers involved in impersonation schemes over the past year. Despite these efforts, scammers persist. To combat this, Amazon issued six practical tips for customers to recognize and avoid impersonation fraud.  

The U.S. Federal Trade Commission (FTC) has also issued alerts, noting that scammers are pretending to be Amazon representatives. These fake messages typically claim there’s a problem with a recent purchase. But there’s no refund or issue—just a trap designed to steal money or private data. 

To stay protected, Amazon strongly recommends two major security measures. First, enable two-step verification (2SV) via the “Login & Security” settings in your account. Avoid using SMS-based verification, which is more vulnerable. Instead, use a trusted authenticator app such as Google Authenticator or Apple’s Passwords. If you’ve already set up SMS verification, disable it and reset your 2SV preferences to switch to an app-based method. 

Second, add a passkey to your account. This provides a stronger layer of defense by linking your login to your device’s biometric or PIN-based security, making phishing attacks far less effective. Unlike traditional methods, passkeys cannot be intercepted through fake login pages. 

Cyberattacks are growing more sophisticated and aggressive. By updating your account with these safety tools today, you significantly reduce the risk of being compromised.
Read more »
Ransomwares
Customer Data Cyberattack Data Breach Data Leak data security Personal Information personal information exposure Qilin Qilin Ransomware Ransomware attack Ransomware group Ransomwares

Lee Enterprises Ransomware Attack Exposes Data of 40,000 Individuals

 

Lee Enterprises, a major U.S. news publisher, is alerting nearly 40,000 individuals about a data breach following a ransomware attack that took place in early February 2025. The company, which owns and operates 77 daily newspapers and hundreds of weekly and special-interest publications across 26 states, reported that the cyberattack resulted in the theft of personal information belonging to thousands of people. 

Details of the breach were revealed in a recent disclosure to the Maine Attorney General’s office. According to the company, the attackers gained unauthorized access to internal documents on February 3, 2025. These files contained combinations of personal identifiers such as names, Social Security numbers, driver’s license details, bank account information, medical data, and health insurance policy numbers. The security incident caused widespread operational disruptions. 

Following the attack, Lee Enterprises was forced to shut down multiple parts of its IT infrastructure, impacting both the printing and delivery of its newspapers. Several internal tools and systems became inaccessible, including virtual private networks and cloud storage services, complicating daily workflows across its local newsrooms. In a filing with the U.S. Securities and Exchange Commission shortly after the breach, the company confirmed that critical systems had been encrypted and that a portion of its data had been copied by the attackers. 

The source of the attack is yet to be identified, a group known as Qilin has allegedly claimed responsibility near the end of February. The group alleged it had stolen over 120,000 internal files, totaling 350 gigabytes, and threatened to publish the material unless their demands were met. Soon after, Qilin posted a sample of the stolen data to a dark web leak site, which included scans of government-issued IDs, financial spreadsheets, contracts, and other confidential records. The group also listed Lee Enterprises as a victim on its public-facing extortion portal. 

When asked about the authenticity of the leaked data, a spokesperson for Lee Enterprises stated the company was aware of the claims and was actively investigating. This is not the first cybersecurity issue Lee Enterprises has faced. The company’s network was previously targeted by foreign actors during the lead-up to the 2020 U.S. presidential election, where hackers from Iran allegedly attempted to use compromised media outlets to spread disinformation. 

The ransomware attack highlights ongoing threats facing media companies, especially those handling high volumes of personal and financial data. As Lee Enterprises continues its recovery and legal steps, the incident serves as a reminder of the need for robust digital defenses in today’s information-driven landscape.
Read more »
GitHub Advanced Security
AWS Cloud Security Critical Infrastructure Customer Data Cyberattack Data Breach Data Safety User Data data security GitHub GitHub Advanced Security

Massive Cyberattack Disrupts KiranaPro’s Operations, Erases Servers and User Data


KiranaPro, a voice-powered quick commerce startup connected with India’s Open Network for Digital Commerce (ONDC), has been hit by a devastating cyberattack that completely crippled its backend infrastructure. The breach, which occurred over the span of May 24–25, led to the deletion of key servers and customer data, effectively halting all order processing on the platform. Despite the app still being live, it is currently non-functional, unable to serve users or fulfill orders. 


Company CEO Deepak Ravindran confirmed the attack, revealing that both their Amazon Web Services (AWS) and GitHub systems had been compromised. As a result, all cloud-based virtual machines were erased, along with personally identifiable information such as customer names, payment details, and delivery addresses. The breach was only discovered on May 26, when the team found themselves locked out of AWS’s root account. Chief Technology Officer Saurav Kumar explained that while they retained access through IAM (Identity and Access Management), the primary cloud environment had already been dismantled. 

Investigations suggest that the initial access may have been gained through an account associated with a former team member, although the company has yet to confirm the source of the breach. To complicate matters, the team’s multi-factor authentication (MFA), powered by Google Authenticator, failed during recovery attempts—raising questions about whether the attackers had also tampered with MFA settings. 

Founded in late 2024, KiranaPro operates across 50 Indian cities and allows customers to order groceries from local kirana shops using voice commands in multiple languages including Hindi, Tamil, Malayalam, and English. Before the cyberattack, the platform served approximately 2,000 orders daily from a user base of over 55,000 and was preparing for a major rollout to double its footprint across 100 cities. 

Following the breach, KiranaPro has contacted GitHub for assistance in identifying IP addresses linked to the intrusion and has initiated legal action against ex-employees accused of withholding account credentials. However, no final evidence has been released to the public about the precise origin or nature of the attack. 

The startup, backed by notable investors such as Blume Ventures, Snow Leopard Ventures, and TurboStart, had recently made headlines for acquiring AR startup Likeo in a $1 million stock-based deal. High-profile individual investors include Olympic medalist P.V. Sindhu and Boston Consulting Group’s Vikas Taneja. 

Speaking recently to The Indian Dream Magazine, Ravindran had laid out ambitious plans to turn India’s millions of kirana stores into a tech-enabled delivery network powered by voice AI and ONDC. International expansion, starting with Dubai, was also on the horizon—plans now put on hold due to this security incident. 

This breach underscores how even tech-forward startups are vulnerable when cybersecurity governance doesn’t keep pace with scale. As KiranaPro works to recover, the incident serves as a wake-up call for cloud-native businesses managing sensitive data.
Read more »
Sensitive Information
Customer Data Cyber Attacks Data Leak Data protection data security Data Theft Employee Data Identity Theft Prevention Radio Station Sensitive Information

iHeartMedia Cyberattack Exposes Sensitive Data Across Multiple Radio Stations

 

iHeartMedia, the largest audio media company in the United States, has confirmed a significant data breach following a cyberattack on several of its local radio stations. In official breach notifications sent to affected individuals and state attorney general offices in Maine, Massachusetts, and California, the company disclosed that cybercriminals accessed sensitive customer information between December 24 and December 27, 2024. Although iHeartMedia did not specify how many individuals were affected, the breach appears to have involved data stored on systems at a “small number” of stations. 

The exact number of compromised stations remains undisclosed. With a network of 870 radio stations and a reported monthly audience of 250 million listeners, the potential scope of this breach is concerning. According to the breach notification letters, the attackers “viewed and obtained” various types of personal information. The compromised data includes full names, passport numbers, other government-issued identification numbers, dates of birth, financial account information, payment card data, and even health and health insurance records. 

Such a comprehensive data set makes the victims vulnerable to a wide array of cybercrimes, from identity theft to financial fraud. The combination of personal identifiers and health or insurance details increases the likelihood of victims being targeted by tailored phishing campaigns. With access to passport numbers and financial records, cybercriminals can attempt identity theft or engage in unauthorized transactions and wire fraud. As of now, the stolen data has not surfaced on dark web marketplaces, but the risk remains high. 

No cybercrime group has claimed responsibility for the breach as of yet. However, the level of detail and sensitivity in the data accessed suggests the attackers had a specific objective and targeted the breach with precision. 

In response, iHeartMedia is offering one year of complimentary identity theft protection services to impacted individuals. The company has also established a dedicated hotline for those seeking assistance or more information. While these actions are intended to mitigate potential fallout, they may offer limited relief given the nature of the exposed information. 

This incident underscores the increasing frequency and severity of cyberattacks on media organizations and the urgent need for enhanced cybersecurity protocols. For iHeartMedia, transparency and timely support for affected customers will be key in managing the aftermath of this breach. 

As investigations continue, more details may emerge regarding the extent of the compromise and the identity of those behind the attack.
Read more »
secure VPN
Customer Data customer data privacy Cyber Security Identity Fraud Identity Theft identity theft protection NordVPN secure VPN

NordVPN Introduces £5,000 ID Theft Recovery Coverage for UK Users on Ultimate Plan

 

NordVPN has launched a new identity theft recovery benefit for its UK subscribers, offering up to £5,000 in reimbursement to help users recover from the financial and emotional toll of identity fraud. This latest addition to its cybersecurity toolkit is exclusively available to customers subscribed to the NordVPN Ultimate plan, priced at £5.09 per month, paid annually at £137.43. 

This move comes amid growing concerns over online threats, especially following recent data breaches involving major UK retailers like Marks & Spencer, Harrods, and Co-op. In these incidents, attackers managed to access sensitive customer data, highlighting the increasing risk faced by consumers today. NordVPN’s ID theft recovery feature complements its existing scam loss protection and is designed to ease the burden of recovering one’s identity after it has been compromised. 

Covered expenses include restoring credit ratings, resolving issues with bank accounts or loans, and even reclaiming lost wages if a victim had to take time off work to deal with the aftermath of identity theft. Additionally, this protection can help victims clear their names in cases where their identities are used for malicious purposes. For those who fall prey to scams—whether through phishing, AI-driven deepfake schemes, or romance fraud—NordVPN offers up to 12 months to file a claim if their bank or financial institution cannot provide assistance. 

These benefits are not limited to the UK alone. NordVPN’s coverage also extends to users in countries like France, Germany, Italy, Sweden, and the Netherlands, with 24/7 access to support services. While NordVPN Basic remains the more affordable option at £2.39 per month, the Ultimate plan’s added layer of financial security could be a worthwhile upgrade for users seeking peace of mind. In comparison, NordVPN users in the United States receive broader coverage through the NordProtect service, which includes cyber extortion and fraud protection with coverage up to $1 million—either through NordVPN Prime or as a standalone service.  

Although the UK plan doesn’t offer the same level of compensation as its U.S. counterpart, the £5,000 coverage still represents a meaningful step toward consumer protection. In an age where cyberattacks are common and even large companies struggle to safeguard data, investing in robust protection is becoming increasingly important. Whether or not users choose to upgrade, staying informed about digital security best practices remains the first line of defence.
Read more »
Sensitive data
Co-op Customer Data Customer Data Exposed cyber attack Data Breach Data Leak data security IT Infrastructure Sensitive data

Co-op Cyberattack Exposes Member Data in Major Security Breach

 

Millions of Co-op members are being urged to remain vigilant following a significant cyberattack that led to a temporary shutdown of the retailer’s IT infrastructure. The company confirmed that the breach resulted in unauthorized access to sensitive customer data, although it emphasized that no financial or account login information was compromised. 

Shirine Khoury-Haq, Chief Executive Officer of Co-op, addressed members directly, expressing regret and concern over the breach. She assured customers that the company’s core operations were largely unaffected by the attack and that members could continue to use their accounts and services as normal. However, she acknowledged the seriousness of the data exposure, which has affected both current and past members of the Co-op Group. 

“We deeply regret that personal member information was accessed during this incident. While we’ve been able to prevent disruption to our services, we understand how unsettling this news can be,” Khoury-Haq stated. “I encourage all members to take standard security precautions, including updating their passwords and ensuring they are not reused across platforms.” 

According to an official statement from Co-op, the malicious activity targeted one of their internal systems and successfully extracted customer data such as names, contact information, and dates of birth. Importantly, the company clarified that no passwords, payment details, or transactional records were included in the breach. They also emphasized that their teams are actively investigating the incident in coordination with the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA). 

The company said that it has implemented enhanced security measures to prevent further unauthorized access, while minimizing disruption to business operations and customer services. Forensic specialists are currently assessing the full scope of the breach, and affected individuals may be contacted as more information becomes available. In response to the incident, Stephen Bonner, Deputy Commissioner of the UK Information Commissioner’s Office (ICO), offered guidance to concerned members. “Cyberattacks like this can be very unsettling for the public. 

If you’re concerned about your data, we recommend using strong, unique passwords for each of your online accounts and enabling two-factor authentication wherever possible,” he advised. “Customers should also stay alert to updates from Co-op and follow any specific instructions they provide.” The Co-op has apologized to its customers and pledged to continue prioritizing data protection as it works to resolve the issue. While the investigation continues, members are encouraged to remain cautious and take proactive steps to safeguard their personal information online.
Read more »
Personal Data
Bank CyberSecurity Bank Data Leak Cleo Server CLOP Customer Data Data Breach Data Leak Data Theft Identity Theft Personal Data

Western Alliance Bank Data Breach Exposes Nearly 22,000 Customers’ Personal Information

 

Western Alliance Bank has alerted nearly 22,000 customers that their personal information was compromised following a cyberattack in October. The breach stemmed from a vulnerability in a third-party vendor’s secure file transfer software, which allowed attackers to gain unauthorized access to the bank’s systems and extract sensitive customer data. 

Western Alliance, a subsidiary of Western Alliance Bancorporation with over $80 billion in assets, first disclosed the incident in a February SEC filing. The bank revealed that hackers exploited a zero-day vulnerability in the software, which was officially disclosed on October 27, 2024. However, unauthorized access to the bank’s systems had already occurred between October 12 and October 24. The breach was only confirmed after the attackers leaked stolen files online. 

According to breach notification letters sent to 21,899 affected customers and filed with the Office of Maine’s Attorney General, the stolen data includes names, Social Security numbers, birth dates, financial account details, driver’s license numbers, tax identification numbers, and passport information if previously provided to the bank. Despite the exposure, Western Alliance stated there is no evidence of fraud or identity theft resulting from the breach. 

To support affected customers, the bank is offering one year of free identity protection services through Experian IdentityWorks Credit 3B. Although Western Alliance did not disclose the name of the compromised software in its SEC filing or customer notifications, the Clop ransomware gang has claimed responsibility for the attack. In January, Clop listed the bank among 58 companies targeted in a campaign that exploited a critical zero-day vulnerability (CVE-2024-50623) in Cleo LexiCom, VLTransfer, and Harmony software. 

The ransomware group had previously leveraged similar security flaws in MOVEit Transfer, GoAnywhere MFT, and Accellion FTA to conduct large-scale data theft operations. Further investigations revealed that Clop exploited an additional zero-day vulnerability (CVE-2024-55956) in Cleo software in December. This allowed them to deploy a Java-based backdoor, dubbed “Malichus,” enabling deeper infiltration into victims’ networks. Cleo, which serves over 4,000 organizations worldwide, confirmed the vulnerability had been used to install malicious backdoor code in affected instances of its Harmony, VLTrader, and LexiCom software. 

The full extent of the breach remains unclear, but it highlights the growing risks posed by vulnerabilities in third-party software. Organizations relying on such solutions must remain vigilant, promptly apply security patches, and implement robust defenses to prevent similar incidents.
Read more »
Privacy
Customer Data Federal Trade Commission General Motors Privacy

GM Faces FTC Ban on Selling Customer Driving Data for Five Years

 



General Motors (GM) and its OnStar division have been barred from selling customer-driving data for the next five years. This decision follows an investigation that revealed GM was sharing sensitive customer information without proper consent.  

How Did This Happen?

This became public after it was discovered that GM had been gathering detailed information about how customers drove their vehicles. This included how fast they accelerated, how hard they braked, and how far they travelled. Rather than keeping this data private, GM sold it to third parties, including insurance companies and data brokers.

Many customers did not know about this practice and complained when their insurance premiums suddenly increased. According to reports, one customer complained that they had enrolled in OnStar to enjoy its tracking capabilities, not to have their data sold to third parties.

FTC's Allegations

The Federal Trade Commission (FTC) accused GM of misleading customers during the enrollment process for OnStar’s connected vehicle services and Smart Driver program. According to the FTC, GM failed to inform users that their driving data would be collected and sold.

FTCP Chair Lina Khan said GM tracked and commercially sold the extremely granular geolocation data of consumers and drove behaviour as frequently as every couple of seconds, and the settlement action is taking to protect privacy and prevent people from being subjected to unauthorized surveillance, according to officials.

Terms of Settlement

 Terms of the agreement require GM to:
1. Explain clearly data collection practices.
2. Obtain consent before collecting or sharing any driving data.  
3. Allow customers to delete their data upon request.  
Additionally, GM has ended its OnStar Smart Driver program, which was central to the controversy.

In a brief response, GM stated that it is committed to safeguarding customer privacy but did not address the allegations in detail.

Why This Matters  

This case highlights the growing importance of privacy in the digital age. It serves as a warning to companies about the consequences of using customer data without transparency. For consumers, it’s a reminder to carefully review the terms of services they sign up for and demand accountability from businesses handling personal information.

The action the FTC takes in this move is to make sure that companies give ethical practice priority and respect customers' privacy.







Read more »
Sensitive customer information
Chrome Extension Customer Data Cyber Attacks Cybersecurity measures Data Loss data security Phishing email Sensitive customer information

Cyberattack on Cyberhaven Chrome Extension Exposes Sensitive Data

 


On Christmas Eve, Cyberhaven, a data loss prevention company, experienced a cyberattack targeting its Google Chrome extension. The breach exposed sensitive customer data, including passwords and session tokens. The company has since taken swift measures to address the issue and prevent future incidents.

The attack occurred after a Cyberhaven employee fell victim to a phishing email, inadvertently sharing their credentials. This gave the attacker access to Cyberhaven’s systems, specifically the credentials for the Google Chrome Web Store. Leveraging this access, the attacker uploaded a malicious version (24.10.4) of the Cyberhaven Chrome extension. The compromised version was automatically updated on Chrome-based browsers and remained active from 1:32 AM UTC on December 25 to 2:50 AM UTC on December 26.

Swift Response by Cyberhaven

Cyberhaven’s security team discovered the breach at 11:54 PM UTC on Christmas Day. Within an hour, they removed the malicious extension from the Web Store. CEO Howard Ting praised the team’s dedication, stating, “Our team acted swiftly and with remarkable dedication, interrupting their holiday plans to safeguard our customers and maintain our commitment to transparency.”

While no other Cyberhaven systems, such as CI/CD processes or code signing keys, were affected, the compromised extension potentially enabled the exfiltration of user cookies and authenticated sessions for specific targeted websites. This incident underscores the persistent risks posed by phishing attacks and the critical need for robust security measures.

Mitigation Measures for Users

To mitigate the impact of the breach, Cyberhaven has advised users to take the following steps:

  • Update the extension to version 24.10.5 or newer.
  • Monitor logs for unusual activity.
  • Revoke or reset passwords not protected by FIDOv2.

These proactive measures are essential to prevent further exploitation of compromised credentials.

Enhanced Security Measures

In response to the attack, Cyberhaven has implemented additional security protocols to strengthen its defenses. The company is also working with law enforcement to investigate the breach and identify the attackers, who reportedly targeted other companies as well.

This attack highlights the increasing sophistication of cyber threats, particularly those exploiting human error. Phishing remains one of the most effective tactics for gaining unauthorized access to sensitive systems. Companies must prioritize employee training on recognizing phishing attempts and establish multi-layered security frameworks to mitigate vulnerabilities.

Cyberhaven’s swift response and transparent communication reflect its commitment to customer security and trust. As the investigation continues, this incident serves as a stark reminder of the importance of vigilance in the ever-evolving landscape of cybersecurity threats.

Read more »
Subscribe to: Posts (Atom)