
Adidas Confirms Data Leak After User Service Provider Hack

 

Adidas confirmed that a third-party customer service provider's vulnerability allowed a threat actor to steal company data. 

Contact details of customers who have previously dealt with the Adidas customer service help desk are among the impacted data. However, passwords, credit cards, and other financial or payment information are not included.

"Adidas is in the process of informing potentially affected consumers as well as appropriate data protection and law enforcement authorities consistent with applicable law," the company explained in a notification on its website. 

It has since opened an investigation to gather facts about the breach and is working with information security professionals. Adidas did not reveal the name of its third-party customer support provider, and it remains unknown who carried out the attack.

"This incident underscores a critical truth: third-party breaches swiftly become your organization's breaches, which highlights the necessity of robust oversight mechanisms," noted Fletcher Davis, senior security research manager at BeyondTrust. "Mandating security assessments, multifactor authentication, and zero-trust architecture for all vendor access, while deploying real-time identity infrastructure monitoring to cut response times to minutes, as opposed to days.” 

Adidas is not the first well-known brand to have experienced data leaks or cyberattacks in recent years. Recent ransomware attacks have targeted the Co-op Group, Marks & Spencer, and the luxury shop Harrods. Marks & Spencer reported that its customers' personal information was stolen during the incident, and that retail operations had been affected.

Scattered Spider was possibly responsible for the attack, unleashing DragonForce ransomware against the UK retailer, forcing Marks & Spencer to estimate a $400 million hit on earnings.

Establishing strong defense 

Forward-thinking merchants are implementing new techniques to mitigate third-party risk. Consider the following best practices: 

Zero trust approach: Treat every provider as a potential risk and restrict data access to what is absolutely essential. 

Incident simulation: Conduct regular exercises that simulate third-party breaches and test your response procedures. 

Continuous vendor assessment: Use automated systems to track vendor security status all year, not just during annual audits. 

The Adidas breach was not an isolated incident. It is a warning to the entire retail sector. As hackers become more adept, businesses must consider third-party risk as a key priority rather than just a compliance concern.

Ransomware Attack Exposes Private Data of Over 280,000 Nova Scotia Power Customers

 


A major cybersecurity incident has affected Nova Scotia Power, the province’s electricity provider. The company recently confirmed it was hit by a ransomware attack that led to a massive data leak, although electricity services were not disrupted.

The cyberattack was first detected in late March 2025, but the company didn’t reveal full details until much later. After noticing unusual activity on April 25, Nova Scotia Power quickly activated emergency measures. They called in cybersecurity professionals and informed local authorities.

By May, investigations confirmed that customer information had been accessed by unauthorized hackers. The stolen records include names, birth dates, email addresses, phone numbers, home and service addresses, electricity usage history, payment records, and details of past service requests. Some individuals were affected more severely, as sensitive documents like Social Insurance Numbers, driver's license numbers, and bank account information were also accessed—particularly for those using automatic payments.

Despite the attack, Nova Scotia Power chose not to give in to the ransom demands. In a public statement, they explained that their decision was based on advice from cybersecurity experts and legal authorities. Unfortunately, since the ransom wasn’t paid, the attackers responded by leaking the stolen data online.

To help affected customers, the company has partnered with TransUnion, a credit monitoring agency. Those impacted are being offered a free two-year subscription to a credit monitoring program called myTrueIdentity. Letters with instructions on how to sign up and tips to stay protected are being sent out.

Nova Scotia Power has advised customers to be cautious. People are warned not to respond to suspicious emails, texts, or phone calls pretending to be from the company. If contacted unexpectedly, it’s safer to double-check the message before sharing personal information. Avoid clicking on strange links or downloading unknown files.

While customer privacy has been compromised, the company confirmed that its electricity system remains secure. The power supply across the province has not been affected in any way. All power generation, delivery, and transmission systems continue to operate as usual.

Emera Inc., the parent company of Nova Scotia Power, stated that the cyberattack has not had a serious effect on its financial results. The company continues to report earnings and operate its business normally.

This incident is one of the largest data breaches in recent Canadian history. The company is still investigating what happened and is working with professionals to strengthen its digital systems and prevent future attacks. With so many people impacted, it raises growing concerns about how easily private data can be exposed in today’s digital world.

Hackers Are Fooling IT Help Desks — Here’s How You Can Stay Protected

 


IT support teams, also known as service desks, are usually the first people we call when something goes wrong with our computers or accounts. They’re there to help fix issues, unlock accounts, and reset passwords. But this helpfulness is now being used against them.

Cybercriminals are targeting these service desks by pretending to be trusted employees or partners. They call in with fake stories, hoping to trick support staff into giving them access to systems. This method, called social engineering, relies on human trust — not hacking tools.


Recent Examples of These Attacks

In the past few months, several well-known companies have been hit by this kind of trickery:

1. Marks & Spencer: Attackers got the IT team to reset passwords, which gave them access to personal data. Their website and online services were down for weeks.

2. Co-Op Group: The support team was misled into giving system access. As a result, customer details and staff logins were stolen, and some store shelves went empty.

3. Harrods: Hackers tried a similar trick but were caught in time before they could cause any damage.

4. Dior: An unknown group accessed customer information like names and shopping history. Thankfully, no payment details were leaked.

5. MGM Resorts (2023): Hackers phoned the help desk, pretending to be someone from the company. They convinced the team to turn off extra security on an account, which led to a major cyberattack.


Why Hackers Target Support Desks

It’s often much easier to fool a person than to break into a computer system. Help desk workers are trained to respond quickly and kindly, especially when someone seems stressed or claims they need urgent access.

Hackers take advantage of this by pretending to be senior staff or outside vendors, using pressure and believable stories to make support agents act without asking too many questions.


How These Scams Work

• Research: Criminals gather public details about the company and employees.

• Fake Identity: They call the support team, claiming to be locked out of an account.

• Create Urgency: They insist the situation is critical, hoping the agent rushes to help.

• Avoiding Security: They make up excuses for not being able to use two-step login and ask for a reset.

• Gain Access: Once the reset is done, they log in and start their attack from the inside.


What Can Be Done to Prevent This

Companies should train their support teams to slow down, ask the right questions, and always verify who they’re talking to — no matter how urgent the request sounds. It’s also smart to use extra security tools that help confirm a person’s identity before giving access.

Adding clear rules and multi-layered checks will make it harder for attackers to slip through, even when they try their best to sound convincing.
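One way to express such rules and layered checks as a gate the service desk tool runs before any reset. This is an added example, not something from the companies named above; the field names, the directory data and the two-signal threshold are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Decision(Enum):
    APPROVE = "approve"
    DENY = "deny"          # a required check is missing: do nothing yet
    ESCALATE = "escalate"  # looks like a pretext call: hand to security


@dataclass(frozen=True)
class ResetRequest:
    user: str
    wants_mfa_reset: bool         # asks to remove or re-enrol two-step login
    privileged: bool              # admin or other high-impact account
    inbound_number: str           # number the call arrived from
    callback_done: bool           # agent rang back the number on file
    manager_confirmed: bool       # confirmed over a separate, known channel
    claims_urgent: bool
    claims_mfa_unavailable: bool  # "lost phone", "new SIM", "travelling"


# Constructed directory data (hypothetical users and numbers).
NUMBER_ON_FILE = {
    "a.patel": "+44 20 7946 0101",
    "j.doe": "+44 20 7946 0102",
}


def evaluate(req):
    """Return (Decision, notes) for one reset request."""
    on_file = NUMBER_ON_FILE.get(req.user)
    if on_file is None:
        return Decision.DENY, ["no directory record for this user"]

    missing = []
    # Layer 1: identity is established by calling back the number on file,
    # never by what the inbound caller says or the number they present.
    if not req.callback_done:
        missing.append("callback to number on file not completed")

    # Layer 2: a second person must confirm high-impact changes.
    high_impact = req.wants_mfa_reset or req.privileged
    if high_impact and not req.manager_confirmed:
        missing.append("manager confirmation missing")

    # Layer 3: pretext signals. Urgency never waives a check; two or more
    # signals send the request to security instead of the agent.
    signals = []
    if req.claims_urgent:
        signals.append("urgency pressure")
    if req.wants_mfa_reset and req.claims_mfa_unavailable:
        signals.append("asks to bypass two-step login")
    if req.inbound_number != on_file:
        signals.append("calling from a number not on file")

    suspicious = len(signals) >= 2
    if missing:
        decision = Decision.ESCALATE if suspicious else Decision.DENY
        return decision, missing + signals
    if suspicious and high_impact:
        return Decision.ESCALATE, signals
    return Decision.APPROVE, signals


if __name__ == "__main__":
    # Constructed call matching the pattern described above:
    # locked out, urgent, cannot use two-step login, unknown number.
    call = ResetRequest("a.patel", True, False, "+1 202 555 0143",
                        False, False, True, True)
    decision, notes = evaluate(call)
    print(decision.value, notes)
```

The gate records why a request was held, which gives the security team the same notes the agent saw.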

M&S Faces Multi-million Lawsuit Following Major Data Breach

 

Following the cyberattack that affected the retailer for a month, Marks & Spencer is reportedly facing a multimillion-pound lawsuit over the loss of customer data.

It acknowledged earlier this month that customer information, including names, email addresses, postal addresses, and dates of birth, had been stolen by hackers. Chief Executive Stuart Machin stated that the "sophisticated nature of the incident" had allowed access to the data, although he emphasised that it does not include account passwords or payment and card information, which M&S claims it does not store on its servers. 

According to The Sunday Mail, Thompsons Solicitors is now pursuing a class action lawsuit against M&S for exposing customers to the risk of scams by failing to safeguard their data. 

Senior Partner Patrick McGuire of Thompsons Solicitors stated that the firm has been "inundated by Scots M&S clients who have been caught up in this online heist and are contacting Thompsons. We have a situation here where one of the most famous retailers in the UK has allowed criminals to pillage the personal details of hundreds of thousands of Scottish customers. I think this will be the biggest data theft case we have ever been involved in."

Investors will expect Marks & Spencer to provide further information on the impact of the disastrous cyber assault that has interrupted all online orders at the retail giant. On Friday, the company will provide an update to the stock market on its financial performance over the past year. However, attention will be focused on how the company is dealing with weeks of interruption. It has been a month since the retailer was hit by a major "cyber incident" allegedly tied to the hacking organisation Scattered Spider.

As a result, the company has suspended online orders for the past three weeks, and payments and click-and-collect orders have also been affected. The outage also hit availability in M&S stores, leaving some shelves bare as the retailer replaced elements of its IT systems, but the company said in an update last Thursday that it was recovering swiftly.

Its stores have remained open, and availability is "now in a much more normal place, with stores well stocked this week". The retailer is yet to reveal the financial cost of the incident, although it is believed to have lost tens of millions of pounds in sales. 

Analysts at Barclays believe the cyber attack might cost £200 million in the fiscal year 2025/26, but this will be mitigated by an insurance payout of roughly £100 million. The attack struck the business following an excellent run under Stuart Machin's leadership, with shares reaching a nearly nine-year high last month before falling recently.

Dior Confirms Hack: Personal Data Stolen, Here’s What to Do


Christian Dior, the well-known luxury fashion brand, recently experienced a cyberattack that may have exposed customer information. The brand, owned by the French company LVMH, announced that an outsider had managed to break into part of its customer database. This has raised concerns about the safety of personal information, especially among shoppers in the UK.

Although no bank or card information was stolen, Dior said the hackers were able to access names, email addresses, phone numbers, mailing addresses, purchase records, and marketing choices of customers. Even though financial details remain safe, experts warn that this kind of personal data could still be used for scams that trick people into giving away more information.


How and When the Breach Happened

The issue was first noticed on May 7, 2025, when Dior’s online system in South Korea detected unusual activity involving customer records. Their technical team quickly responded by shutting down the affected servers to prevent more damage.

A week later, on May 14, French news sources reported the incident, and the following day, Dior publicly confirmed the breach on its websites. The company explained that while no payment data was involved, some customer details were accessed.


What Dior Is Doing Now

Following the European data protection rules, Dior acted quickly by resetting passwords, isolating the impacted systems, and hiring cybersecurity experts to investigate the attack. They also began informing customers where necessary and reassured the public that they are working on making their systems more secure.

Dior says it plans to improve security by increasing the use of two-factor login processes and monitoring accounts more closely for unusual behavior. The company says it takes customer privacy very seriously and is sorry for any trouble this may cause.


Why Luxury Brands Are Often Targeted

High-end brands like Dior are popular targets for cybercriminals because they cater to wealthy customers and run large digital operations. Earlier this month, other UK companies like Marks & Spencer and Co-op also reported customer data issues, showing that online attacks in the retail world are becoming more common.


What Customers Can Do to Stay Safe

If you’re a Dior customer, there are simple steps you can take to protect yourself:

1. Be careful with any messages that claim to be from Dior. Don’t click on links unless you are sure the message is real. Always visit Dior’s website directly.

2. Change your Dior account password to something new and strong. Avoid using the same password on other websites.

3. Turn on two-factor login for extra protection if available.

4. Watch your bank and credit card activity regularly for any unusual charges.

5. Be wary of fake ads or offers claiming big discounts from Dior, especially on social media.


Taking a few minutes now to secure your account could save you from a lot of problems later.

Coinbase Confirms Data Breach Impacting Over 69,000 Users, Refuses $20M Extortion Demand

 

Coinbase, the leading cryptocurrency exchange in the United States, disclosed a recent cybersecurity breach affecting 69,461 users, according to a notification submitted to the Maine attorney general’s office. Although the hackers failed to access individual accounts or sensitive login details such as two-factor authentication codes, private keys, or crypto wallets, they were able to obtain a wide array of personal data.

The compromised information includes:
  • Full names
  • Residential addresses
  • Phone numbers
  • Email addresses
  • Partial Social Security numbers
  • Masked bank account details
  • Government-issued ID images (e.g., driver’s licenses, passports)
  • Account-related data such as transaction history and snapshots

In an SEC filing, Coinbase revealed that the attackers paid offshore contractors to gain access to internal systems. This information was weaponized to launch a social engineering scam. The perpetrators demanded $20 million in exchange for not leaking the stolen data, an offer Coinbase declined.

"Instead of funding criminal activity, we have investigated the incident, reinforced our controls, and will reimburse customers impacted by this incident," the company said in its statement.

Coinbase is currently collaborating with law enforcement and has established a $20 million reward fund to incentivize tips that could lead to the identification and capture of the individuals responsible.

Meanwhile, reports on Reddit suggest that some users received unsolicited password reset notifications as early as last week. It is still unclear whether these incidents are directly connected to the breach. CNET contacted Coinbase for a response, but no comment was issued at the time.

Steps to Protect Your Crypto and Data
Although Coinbase has confirmed that seed phrases and investor accounts remain secure, the exposure of personal data is significant. Here’s what you should do now to safeguard your information:

1. Use a Cold Wallet
For regular crypto investors, shifting funds to a cold wallet, a device not connected to the internet, can provide an extra layer of security in case of future breaches.

2. Freeze Your Credit Reports
Freeze your credit reports with all three major bureaus and consider placing a lock on your Social Security number to prevent identity misuse. Be cautious of phishing attempts that may exploit this situation.

"It's worth the hassle of setting up accounts with all three major credit bureaus. I get peace of mind at zero cost to me," said Danni Santana, CNET’s identity theft editor.

3. Notify Your Bank
Even if only partial account information was exposed, contact your bank to report the incident. You may want to open new checking or savings accounts as a precaution.

4. Enroll in Identity Monitoring Services
Opt into a free credit and identity monitoring service. While these platforms don’t take direct action, they provide alerts if your data appears on the dark web. Paid services like Aura go further, offering identity restoration support and up to $1 million in identity theft insurance.

Pentera Report: 67% of Companies Hit by Data Breaches in Past Two Years

 

A new study by Pentera reveals that 67% of organizations have experienced a data breach in the last 24 months — with 24% affected in the past year, and 43% reporting incidents within the previous 12 months.

The most common consequence of these breaches was unplanned downtime, affecting 36% of companies. In addition, 30% faced data compromise, while 28% incurred financial losses, emphasizing the growing risk and impact of security failures.

Among the organizations that shared the breach aftermath, a startling 76% said the incidents affected the confidentiality, integrity, or availability of their data. Only 24% reported no significant consequences.

Confidence in government-led cybersecurity efforts is also alarmingly low. Just 14% of cybersecurity leaders said they trust the support provided. Although 64% of CISOs acknowledged receiving some level of help, many feel it’s not enough to safeguard the private sector.

To strengthen cyber defenses, U.S. enterprises are spending an average of $187,000 a year on penetration testing, which simulates cyberattacks to uncover system vulnerabilities. This figure makes up just over 10% of the overall IT security budget, yet over 50% of CISOs plan to increase this allocation in 2025.

Still, companies are making system changes — such as new users, configuration updates, and permission modifications — much more frequently than they validate security. The report highlights that 96% of U.S. organizations update infrastructure quarterly, but only 30% test their defenses at the same pace.

“The pace of change in enterprise environments has made traditional testing methods unsustainable,” said Jason Mar-Tang, Field CISO at Pentera.
“96% of organizations are making changes to their IT environment at least quarterly. Without automation and technology-driven validation, it's nearly impossible to keep up. The report’s findings reinforce the need for scalable security validation strategies that meet the speed and complexity of today’s environments.”

Global Data Breach Uncovers 23 Million Stolen Credentials

 


Because a single set of login credentials can unlock an individual's financial, professional, and personal life, the exposure of billions of passwords is more than a routine cybersecurity concern: it signals a global crisis of trust in digital systems and data security.

Cybernews recently reported that a staggering 19 billion passwords are circulating on underground criminal forums. According to experts, this massive collection of compromised credentials, one of the most extensive ever recorded, is increasing the scale and sophistication of cyberattacks around the globe.

Unlike the isolated breaches of the past, this latest leak appears to come from years of data breaches, reassembled and repurposed in a way that enables threat actors to launch highly automated and targeted attacks. The leaked data is being used not only to breach individual accounts but also to run large-scale credential stuffing campaigns, that is, automated login attempts using the leaked credentials, against banks, corporations, and government systems.

Given how quickly the threat landscape is developing, cybersecurity professionals warn that attacks will become more personal, more frequent, and harder to detect. The sheer number of compromised passwords makes more comprehensive digital hygiene essential: multi-factor authentication, regular password updates, and public education about the dangers of reused or weak credentials. In today's hyperconnected world, this development is a powerful reminder that cybersecurity is not optional.

As the threat posed by infostealer malware grows, an underground economy of stolen digital identities continues to thrive. These malicious programs silently infect devices and harvest sensitive information, including login credentials, browser-stored data, and session cookies, which is then sold or traded between cybercriminals. With billions of compromised records circulating within these illicit networks, the scale of this ongoing data theft is alarming.

A prominent case study is the massive dataset referred to as "ALIEN TXTBASE", which cybersecurity expert Troy Hunt ingested into the widely trusted breach monitoring service Have I Been Pwned. The dataset comprises 1.5 terabytes of stealer logs containing approximately 23 billion individual data rows. According to the researchers, over 284 million distinct email accounts around the world were affected, accounting for 493 million unique combinations of websites and email addresses. This trove underscores how widespread and indiscriminate these breaches are becoming.

Infostealer malware does not target specific individuals; it casts a wide net, infecting systems en masse and stealing personal information without the user's knowledge. The result is an ever-growing pool of compromised digital identities, a significant contributor to the global rise in account takeovers, fraud, phishing attacks, and long-term privacy violations.

Individuals commonly believe they are unlikely targets for cybercriminals simply because they are not "important enough." This belief is false. Modern cyberattacks are not manually orchestrated by hackers selecting a specific victim; they are driven by automated tools capable of scanning for and exploiting vulnerabilities at large scale. Anyone with a professional or personal online presence can be at risk, regardless of profession, profile, or perceived importance.

Worse, recent data indicates that about 94% of the 19 billion leaked passwords were reused across multiple accounts. Once one account has been compromised, cybercriminals can use the same credentials to break into others, increasing the chances of successful attacks. The consequences of a password breach can be extremely difficult for an individual to cope with.

Victims may lose their email accounts, social media accounts, cloud storage accounts, financial applications, and more. With access to those accounts, hackers may commit identity theft, open fraudulent credit lines, or conduct unauthorised financial transactions. Exposure of sensitive personal and professional information can also lead to public humiliation, blackmail, or reputational damage, especially if malicious actors misuse compromised accounts to spread misinformation or conduct illicit activities.

Cybercrime is becoming ever more sophisticated, leaving everyone, regardless of digital literacy, vulnerable without proper cybersecurity measures in place. The risks are no longer theoretical; they are a daily reality. Several leaked records reveal the inner workings of infostealer malware, offering a sobering insight into how precisely and stealthily these threats operate.

While traditional data breaches focus on large corporate databases, infostealers take a more insidious approach, infecting individual devices without the user's knowledge. Once embedded, these malicious tools can extract a wide range of sensitive data, including saved passwords, session cookies, autofill entries, and browser history.

Once stolen, the data is trafficked through cybercriminal circles, feeding a vicious cycle of account takeovers, financial fraud, and identity theft. The ALIEN TXTBASE dataset, which has received much attention because of its huge scope and structure, is a notable example of this trend. Contrary to a common misconception, the dataset does not stem from a single incident; it is a compilation of stealer logs spread across 744 different files.

It was originally shared through a Telegram channel, where threat actors often spread such information in an unregulated and open environment. Each entry in the dataset follows the same format: URL, login, and password. Cybersecurity researcher Troy Hunt gathered these fragments, compiled them into one unified dataset, analysed it, and incorporated it into Have I Been Pwned, a platform that can be used to check whether a user's data has been exposed.

Only two sample files were initially reviewed; once the immense extent of the leak became clear, the whole collection was merged and analysed to gain a clearer picture of the damage. This methodical aggregation shows that cybercriminals are not merely exploiting isolated incidents; they are assembling vast, cumulative archives of stolen credentials over time. Sharing and organising the data so widely extends the reach and effectiveness of infostealer campaigns, threatening both personal privacy and organisational security for years to come.
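For a security team handed such a file, the first job is usually to find which of its own accounts appear in it. The sketch below is an added example, not code from Have I Been Pwned or from the dataset's analysis: it parses the URL, login, password entries described above and reports exposed logins for a given email domain. The colon delimiter, the requirement that URLs carry a scheme, and all sample lines are assumptions; passwords are compared through a per-run keyed hash and never stored.

```python
import hashlib
import hmac
import re
import secrets
from collections import defaultdict
from urllib.parse import urlsplit

# Assumed line shape: <scheme>://<host>[:port][/path]:<login>:<password>
# The URL may contain a port and the password may contain colons, so a
# plain split(":") is wrong in both directions.
LINE_RE = re.compile(
    r"^(?P<url>[a-z][a-z0-9+.-]*://[^\s/:]+(?::\d+)?(?:/[^\s:]*)?)"
    r":(?P<login>[^\s:]+):(?P<password>.+)$",
    re.IGNORECASE,
)


def parse_line(line):
    """Return (host, login, password) or None for an unparseable line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    host = urlsplit(m["url"]).hostname
    if not host:
        return None
    return host.lower(), m["login"].lower(), m["password"]


def triage(lines, org_domains):
    """Report exposed logins under org_domains; returns (report, skipped)."""
    key = secrets.token_bytes(32)  # per-run key: tags are useless afterwards
    sites = defaultdict(set)
    tags = defaultdict(lambda: defaultdict(set))  # login -> tag -> hosts
    skipped = 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1
            continue
        host, login, password = rec
        if login.rpartition("@")[2] not in org_domains:
            continue
        # Keyed hash lets us spot the same password on several sites
        # without keeping the plaintext in the report.
        tag = hmac.new(key, password.encode(), hashlib.sha256).digest()
        sites[login].add(host)
        tags[login][tag].add(host)

    report = {}
    for login, hosts in sites.items():
        reused = any(len(h) > 1 for h in tags[login].values())
        report[login] = {"sites": sorted(hosts), "password_reused": reused}
    return report, skipped


# Constructed sample lines (not taken from any real leak).
SAMPLE = [
    "https://shop.example.com/login:alice@corp.example:Summer2024!",
    "https://vpn.example.net:8443/portal:alice@corp.example:Summer2024!",
    "https://mail.example.org/:bob@corp.example:x:y:z",
    "https://forum.example.org/signin:carol@other.example:hunter2",
    "not a credential line",
]

if __name__ == "__main__":
    report, skipped = triage(SAMPLE, {"corp.example"})
    for login, info in sorted(report.items()):
        print(login, info)
    print("unparseable lines:", skipped)
```

Each login in the report is a candidate for a forced password reset and session revocation; a reuse flag means one credential opened several services.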

Act Without Delay 


Despite the recent password leaks, individuals can still protect themselves and their devices by acting as soon as possible. Procrastination increases vulnerability as threats are rapidly evolving.

Strengthen Passwords


Creating a strong, unique password is essential. Users should avoid common patterns and create passphrases that include uppercase and lowercase letters, numbers, and symbols. Password managers can assist in creating and storing complex passwords securely.

Replace Compromised Credentials


Passwords that are reused across different websites or have remained unchanged for an extended period should be changed immediately, especially for sensitive accounts like email, banking, and social media. Tools like Have I Been Pwned can help identify breaches faster.

Enable Multi-Factor Authentication 


Multi-factor authentication (MFA) reduces the risk of a security breach by requiring an additional proof of identity beyond the password. App-based authenticators such as Google Authenticator provide better security than SMS-based codes, although SMS is still preferable to having no second factor.

Use Privacy Tools

Platforms like Cloaked provide disposable email addresses and masked phone numbers, which reduce the exposure of personal information if a service is breached.

Stay Vigilant and Informed

It is critical to monitor account activity regularly, revoke untrusted access to accounts, and enable alerts for untrusted devices. Staying informed through a trusted cybersecurity source and educating others on how to protect themselves further enhances collective security. The growing threat of credential theft can be countered by raising awareness, acting promptly, and establishing strong security habits.

Protecting a digital identity is an ongoing responsibility that requires vigilance, proactive measures, and continuous awareness. With recent credential leaks of unprecedented scale and sophistication, it is increasingly imperative for individuals and organisations alike to strengthen their cybersecurity posture. Continuous vigilance must become an integral part of every organisation's cybersecurity practice, covering not just robust password management and multi-factor authentication but also regular security audits and real-time monitoring of digital assets.

To guard against exploitation, companies should implement comprehensive cybersecurity frameworks that include employee training, threat intelligence sharing, and incident response planning. It is equally important that users adopt privacy-enhancing tools and stay informed about emerging threats, so they can keep ahead of adversaries who continually change their tactics.

In the end, protecting digital identities is a continuous commitment that requires both awareness and action; failing to meet these responsibilities exposes business and personal data to relentless cybercriminals. Stakeholders need to cultivate a culture of security mindfulness and leverage advanced protective measures. Doing so will reduce their vulnerability in today's increasingly interconnected digital ecosystems, preserving the trust and resilience needed to overcome cybersecurity threats.