Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Personal Information. Show all posts
protecting sensitive data
Chinese Data Breach Data Leak data security Data Surveillance database Database Breach Personal Information protecting sensitive data

Massive Data Leak Exposes Billions of Records in Suspected Chinese Surveillance Database

 

Cybersecurity experts have uncovered a massive trove of sensitive information left exposed online, potentially placing millions of individuals at significant risk. The discovery, made by researchers from Cybernews in collaboration with SecurityDiscovery.com, revealed an unsecured database totaling 631 gigabytes—containing an estimated four billion individual records. 

The open instance, which lacked any form of password protection, was quickly taken offline once the exposure was reported, but experts remain unsure about how long it had remained publicly accessible. The data, according to the investigation, appears to primarily concern Chinese citizens and users, with entries collected from various platforms and sources. 

Cybernews researchers believe this is not a random collection, but rather a systematically curated database. They described it as a tool capable of constructing detailed behavioral, social, and financial profiles of nearly any individual included in the records. The structured and diverse nature of the data has led analysts to suspect that the repository may have been created as part of a broader surveillance or profiling initiative. 

Among the most alarming elements of the database is the presence of extensive personally identifiable information (PII). The exposed details include full names, birth dates, phone numbers, financial records, bank card data, savings balances, debt figures, and personal spending patterns. Such information opens the door to a wide range of malicious activities—ranging from identity theft and financial fraud to blackmail and sophisticated social engineering attacks. 

A large portion of the exposed records is believed to originate from WeChat, the popular Chinese messaging app, which accounts for over 805 million entries. Another 780 million records relate to residential data tied to specific geographic locations. Meanwhile, a third major portion of the database labeled “bank” contains around 630 million records of financial and sensitive personal data. 

If confirmed, the scale of this leak could surpass even the National Public Data breach, one of the most significant data security incidents in recent memory. Experts are particularly troubled by the implications of a centralized data cache of this magnitude—especially one that may have been used for state-level surveillance or unauthorized commercial data enrichment. 

While the server hosting the information has been taken offline, the potential damage from such an exposure may already be done. Investigators continue to analyze the breach to determine its full impact and whether any malicious actors accessed the data while it was left unsecured.
Read more »
Ransomwares
Customer Data Cyberattack Data Breach Data Leak data security Personal Information personal information exposure Qilin Qilin Ransomware Ransomware attack Ransomware group Ransomwares

Lee Enterprises Ransomware Attack Exposes Data of 40,000 Individuals

 

Lee Enterprises, a major U.S. news publisher, is alerting nearly 40,000 individuals about a data breach following a ransomware attack that took place in early February 2025. The company, which owns and operates 77 daily newspapers and hundreds of weekly and special-interest publications across 26 states, reported that the cyberattack resulted in the theft of personal information belonging to thousands of people. 

Details of the breach were revealed in a recent disclosure to the Maine Attorney General’s office. According to the company, the attackers gained unauthorized access to internal documents on February 3, 2025. These files contained combinations of personal identifiers such as names, Social Security numbers, driver’s license details, bank account information, medical data, and health insurance policy numbers. The security incident caused widespread operational disruptions. 

Following the attack, Lee Enterprises was forced to shut down multiple parts of its IT infrastructure, impacting both the printing and delivery of its newspapers. Several internal tools and systems became inaccessible, including virtual private networks and cloud storage services, complicating daily workflows across its local newsrooms. In a filing with the U.S. Securities and Exchange Commission shortly after the breach, the company confirmed that critical systems had been encrypted and that a portion of its data had been copied by the attackers. 

The source of the attack is yet to be identified, a group known as Qilin has allegedly claimed responsibility near the end of February. The group alleged it had stolen over 120,000 internal files, totaling 350 gigabytes, and threatened to publish the material unless their demands were met. Soon after, Qilin posted a sample of the stolen data to a dark web leak site, which included scans of government-issued IDs, financial spreadsheets, contracts, and other confidential records. The group also listed Lee Enterprises as a victim on its public-facing extortion portal. 

When asked about the authenticity of the leaked data, a spokesperson for Lee Enterprises stated the company was aware of the claims and was actively investigating. This is not the first cybersecurity issue Lee Enterprises has faced. The company’s network was previously targeted by foreign actors during the lead-up to the 2020 U.S. presidential election, where hackers from Iran allegedly attempted to use compromised media outlets to spread disinformation. 

The ransomware attack highlights ongoing threats facing media companies, especially those handling high volumes of personal and financial data. As Lee Enterprises continues its recovery and legal steps, the incident serves as a reminder of the need for robust digital defenses in today’s information-driven landscape.
Read more »
Ransomware
Data Breach Personal Information PowerSchool breach Ransomware

Hackers Resurface with PowerSchool Data, Target Schools Again with New Threats

 


Hackers behind the 2024 cyberattack on PowerSchool have returned, this time going after individual schools. They're now threatening to leak private data unless schools pay them ransom.

PowerSchool is a major digital platform used in the education sector. It provides services to over 17,000 schools in more than 90 countries, helping around 50 million students. In December 2024, the platform suffered a major data breach where hackers managed to steal large amounts of sensitive information. Reports confirmed that the attackers accessed personal data of about 62 million students and 9 million staff members across more than 6,500 school districts in the US and Canada.

At that time, PowerSchool made the controversial decision to pay the attackers in hopes that the stolen data would be deleted. According to the company, it was not a decision taken lightly. They believed that paying the ransom was the best way to keep the private information from being made public. They were told by the hackers—and shown evidence — that the stolen data would be destroyed. However, it now appears that those promises were not kept.

Recently, schools have reported receiving direct messages from cybercriminals, warning them that the stolen data could be released if more ransom is not paid. These threats are based on the same data from the December breach, suggesting that the attackers never deleted it in the first place.

The stolen information includes highly personal details such as names, Social Security Numbers, home addresses, and even health-related information. This kind of data can be used to commit fraud or identity theft, which puts both students and staff at serious risk.

To reduce the chances of identity misuse, PowerSchool is offering two years of free credit and identity monitoring services to those affected. They also expressed regret for the situation and said they are working closely with law enforcement to handle the latest round of threats and prevent further damage.

This situation stresses upon the danger of trusting cybercriminals, even after a ransom is paid. It also shows how long the effects of a data breach can last, especially when sensitive personal information is involved.

Read more »
Scams
Data Breach express VPN Google Online Personal Information Scams

This Free Tool Helps You Find Out if Your Personal Information Is Exposed Online

 


Many people don't realize how much of their personal data is floating around the internet. Even if you're careful and don’t use the internet much, your information like name, address, phone number, or email could still be listed on various websites. This can lead to annoying spam or, in serious cases, scams and fraud.

To help people become aware of this, ExpressVPN has created a free tool that lets you check where your personal information might be available online.


How the Tool Works

Using the tool is easy. You just enter your first and last name, age, city, and state. Once done, the tool scans 68 websites that collect and sell user data. These are called data broker sites.

It then shows whether your details, such as phone number, email address, location, or names of your relatives, appear on those sites. For example, one person searched their legal name and only one result came up. But when they searched the name they usually use online, many results appeared. This shows that the more you interact online, the more your data might be exposed.


Ways to Remove Your Data

The scan is free, but if you want the tool to remove your data, it offers a paid option. However, there are free ways to remove your information by yourself.

Most data broker sites have a page where you can ask them to delete your data. These pages are not always easy to find and often have names like “Opt-Out” or “Do Not Sell My Info.” But they are available and do work if you take the time to fill them out.

You can also use a feature from Google that allows you to request the removal of your personal data from its search results. This won’t delete the information from the original site, but it will make it harder for others to find it through a search engine. You can search for your name along with the site’s name and then ask Google to remove the result.


Other Tools That Can Help

If you don’t want to do this manually, there are paid services that handle the removal for you. These tools usually cost around $8 per month and can send deletion requests to hundreds of data broker sites.

It’s important to know what personal information of yours is available online. With this free tool from ExpressVPN, you can quickly check and take steps to protect your privacy. Whether you choose to handle removals yourself or use a service, taking action is a smart step toward keeping your data safe.

Read more »
Workplace
Amazon Employee Personal Information Privacy Workplace

Over 21 Million Employee Screenshots Leaked from WorkComposer Surveillance App

Over 21 Million Employee Screenshots Leaked from WorkComposer Surveillance App

An app designed to track employee productivity by logging keystrokes and taking screenshots has suffered a significant privacy breach as more than 21 million images of employee activity were left in an unsecured Amazon S3 bucket.

An app for tracking employee productivity by logging keystrokes and capturing screenshots was hit by a major privacy breach resulting in more than 21 million images of employee activity left in an unsafe Amazon S3 bucket. 

Experts at Cybernews discovered the breach at WorkComposer, a workplace surveillance software that monitors employee activity by tracking their digital presence. Although the company did secure access after being informed by Cybernews, the data was already leaked in real time to anyone with an internet connection, exposing the sensitive work information online of thousands of employees and companies. 

WorkComposer is an application used by more than 200,000 users in various organizations. It is aimed to help those organizations surveil employee productivity by logging keystrokes, monitoring how much time employees spend on each app, and capturing desktop screenshots every few minutes. 

With millions of these screenshots leaked to the open web raises threats of vast sensitive data exposed: email captures, confidential business documents, internal chats, usernames and passwords, and API keys. These things could be misused to target companies and launch identity theft scams, hack employee accounts, and commit more breaches. 

Also, the businesses that have been using WorkCompose could now be accountable to E.U GDPR (General Data Protection Regulation) or U.S CCPA  (California Consumer Privacy Act) violations besides other legal actions. 

As employees have no agency over what tracking tools may record in their workday, information such as private chats, medical info, or confidential projects; the surveillance raises ethical concerns around tracking tools and a severe privacy violation if these screenshots are exposed. 

Since workers have no control over what tracking tools may capture in their workday, be it private chats, confidential projects, or even medical info, there’s already an iffy ethical territory around tracking tools and a serious privacy violation if the screenshots are leaked.

The WorkComposer incident is not the first. Cybernews have reported previous leaks from WebWork, another workplace tracking tool that experienced a breach of 13 million screenshots. 

Read more »
Personal Information
data security device protection Device Security Information Security Mobile Security Password Privacy Personal Information

How to Protect Your Smartphone During US Border Crossings

 

Crossing into the United States has become riskier since the start of Trump’s second administration. Foreign visitors and US visa holders are increasingly being detained, questioned, or deported. As uncertainty grows, travel demand from Canada and Europe has dropped sharply. Regardless of why you are traveling, US Customs and Border Protection (CBP) has the authority to search phones and other electronic devices at the border. 

While other countries also inspect devices, the volatile US policies have led travelers and companies to reconsider what they carry. Canada has issued travel warnings, and journalists are advised to prepare for device searches. At the border, CBP can demand PINs or biometrics to unlock devices. US citizens and green card holders can refuse without being denied entry, although this may trigger additional questioning or device seizure. Visa holders and visitors, however, face detention or deportation if they refuse a search. Travelers must assess their own risk based on legal status, nationality, profession, and online activity. 

To minimize risk, disable facial recognition or fingerprint unlock before traveling and use only a PIN. Update your phone’s software to make it harder to crack. Carry a paper boarding pass and keep your phone off or out of sight when approaching agents. One strategy is to travel with a separate device, either by wiping an old phone or buying a new one. Build a limited digital footprint on the travel phone—use separate emails, social media accounts, and encrypted messaging apps like Signal. 

However, the device should not appear suspiciously clean; normal usage should be simulated to avoid drawing attention. Another option is to clean your primary phone before traveling by backing up and deleting sensitive data and unnecessary apps. After returning, you can restore your phone from backup. However, mistakes in this process can leave traces of personal information vulnerable during inspection. Even if you don’t make major changes, basic steps like deleting old apps, updating software, limiting social media use, and keeping important documents printed can protect your privacy. 

Experts warn that travelers should assume border agents may scrutinize online presence and past posts. As device searches become more common at US borders, preparing ahead of travel has become critical for safeguarding personal information.
Read more »
Stolen Data
Cyberattack Cybersecurity Data Breach health data medical records Personal Information Ransomware Social Security Stolen Data

Sunflower and CCA Suffer Data Breaches, Exposing Hundreds of Thousands of Records

 

Sunflower recently disclosed a cyberattack on its systems, revealing that hackers gained access on December 15 but remained undetected until January 7. 

During this time, sensitive personal and medical data — including names, addresses, dates of birth, Social Security numbers, driver’s license details, medical records, and health insurance information—were compromised. According to its filing with the Maine Attorney General’s Office, the breach impacted 220,968 individuals.

Meanwhile, CCA experienced a similar data breach in July last year. The organization reported that cybercriminals stole extensive patient information, including names, addresses, dates of birth, driver's license numbers, Social Security numbers, diagnoses, lab results, prescriptions, patient ID numbers, and provider details. The breach affected 114,945 individuals, as per its filing with Maine’s Attorney General’s Office.

The Rhysida ransomware group has claimed possession of 7.6TB of Sunflower’s data, including a 3TB SQL database, according to The Register. With the data still listed online, it suggests that either negotiations are ongoing or have collapsed. However, as of now, there is no confirmed evidence of the stolen data being misused on the dark web.

Following these incidents, both organizations have taken steps to strengthen cybersecurity measures to prevent future breaches.
Read more »
Scamming
Cyber Crime Personal Information Psychology Scamming

Scammers Still Use the Same Tricks, Just in New Ways

 



As technology furthers, scams are becoming more advanced, but the way scammers manipulate people hasn't changed. Despite using modern tools, they still rely on the same psychological tactics to deceive their victims.  

Clinical psychologist Dr. Khosi Jiyane explains that scammers understand how human behavior works and use it to their advantage. Even though scams look different today, the methods of tricking people remain similar.  


Thinking You're Safe Can Make You a Target  

One major reason people fall for scams is the belief that it can't happen to them. This mindset, known as optimism bias, makes people think they're less likely to be scammed compared to others.  

Because of this, people often ignore clear warning signs in suspicious emails, messages, or offers. They assume they’re too smart to get fooled, which lowers their guard and makes it easier for scammers to succeed.  


Scammers Play on Trust  

Another trick scammers use is truth bias, where people naturally believe what they are told unless there's a clear reason to doubt it. Scammers pretend to be trustworthy figures like bank officials or family members to gain trust.  

By appearing credible, they can convince people to share personal information, make payments, or click harmful links without hesitation. This works even on cautious people because trust often overrides suspicion.  


Creating Urgency to Trick You  

Scammers often create a sense of urgency to rush people into making quick decisions. Messages like "Act now to protect your account!" or "Claim your prize before time runs out!" are designed to trigger panic and fast responses.  

Dr. Jiyane explains that when people feel rushed, they think less critically, making them easier targets. Scammers use this tactic, especially during busy times, to pressure people into acting without verifying facts.  


How to Protect Yourself  

The best way to avoid scams is to always pause and verify before taking action. Whether you receive a call, email, or message asking for personal information or urgent action, always confirm with the source directly.  

It’s also important to stay aware of your vulnerability. No one is completely immune to scams, and understanding this can help you stay cautious. Avoid making quick decisions under pressure and take time to think before responding.  

By staying alert and verifying information, you can reduce the risk of falling for scams, no matter how convincing they appear.

Read more »
Personal Information
aviation BreachForums Data Breach Data Hackers data security Data Theft Hacker attack Personal Information

ICAO Investigates Potential Data Breach Amid Cybersecurity Concerns

 

The International Civil Aviation Organization (ICAO), a United Nations agency tasked with creating global aviation standards, has disclosed an investigation into a potential cybersecurity incident. Established in 1944, ICAO works with 193 member states to develop and implement aviation-related technical guidelines. The agency announced its inquiry on Monday, following reports of unauthorized access linked to a well-known cybercriminal group targeting international organizations.  

In its statement, ICAO confirmed it is examining allegations of a security breach and has already implemented precautionary measures to address the issue. While the organization did not provide specific details, it assured the public that a comprehensive investigation is underway. Additional updates will be shared once the preliminary analysis is complete. The investigation coincides with claims by a hacker using the alias “natohub,” who posted on BreachForums, a well-known hacking forum, alleging they had accessed and leaked ICAO’s data. 

According to the claims, the leak comprises 42,000 documents containing sensitive personal information, including names, dates of birth, addresses, phone numbers, email addresses, and employment records. Another source suggested the leaked archive is approximately 2GB and contains data linked to 57,240 unique email accounts. ICAO has not verified the authenticity of these claims but has emphasized the seriousness with which it is handling the situation. 

This development follows a pattern of cyberattacks on United Nations agencies in recent years. In April 2024, the United Nations Development Programme (UNDP) launched an investigation into a ransomware attack reportedly orchestrated by the 8Base group. Similarly, in January 2021, the United Nations Environment Programme (UNEP) experienced a breach that exposed over 100,000 records containing personally identifiable information. Earlier, in July 2019, UN networks in Vienna and Geneva suffered a significant breach through a SharePoint exploit. 

That attack compromised sensitive data, including staff records, health insurance details, and commercial contracts. A senior UN official later described the incident as a “major meltdown.” These recurring incidents highlight the increasing vulnerability of global organizations to cyber threats. Despite their critical roles in international operations, such institutions remain frequent targets for cybercriminals. 

This underscores the urgent need for robust cybersecurity measures to protect sensitive data from exploitation. As ICAO continues its investigation, it serves as a reminder of the evolving threats facing international organizations in a rapidly digitizing world. Enhanced vigilance and collaboration are essential to safeguarding global systems against future cyberattacks.
Read more »
Personal Information
Data Breach Data Services database Internet Personal Information

Database Service Provider Leak Results in Exposing Over 600,000 Records on Web

Database Service Provider Leak Results in Exposing Over 600,000 Records on Web


SL Data Services, a U.S.-based data broker, experienced a massive data breach, exposing 644,869 personal PDF files on the web. The leaked records included sensitive information such as personal details, vehicle records, property ownership documents, background checks, and court records. Alarmingly, the exposed files were not encrypted or password-protected.

Cybersecurity expert Jeremiah Fowler discovered the breach, identifying sample records in the 713.1 GB database. Remarkably, 95% of the documents were labeled as “background checks.”

"This information provides a full profile of these individuals and raises potentially concerning privacy considerations," Fowler stated.

Details of the Leaked Data

The breached documents contained the following sensitive information:

  • Residential addresses
  • Contact details and emails
  • Employment data
  • Full names
  • Social media accounts
  • Family members
  • Criminal record history

Fowler confirmed the accuracy of the residential addresses associated with named individuals in the leaked files.

How the Leak Happened

According to Fowler, property reports ordered from SL Data Services were stored in a database accessible via a web portal for customers. The vulnerability arose when a threat actor, knowing the file path, could locate and access these documents.

SL Data Services used a single database for multiple domains without proper segmentation. The only separation was through folders named after the respective websites. After Fowler reported the breach, database access was blocked for a week, but during that time, over 150,000 additional records were exposed. It remains unclear how long the data was publicly accessible or what information was accessed by unauthorized parties.

When Fowler contacted SL Data Services, he was only able to reach call center agents who denied the breach, claiming their systems used SSL and 128-bit encryption. Despite these assurances, the exposed records suggest serious lapses in data security practices.

The Risks of Exposed Data

Fowler warned about the dangers posed by the leaked information:

"The criminals could potentially leverage information about family members, employment, or criminal cases to obtain additional sensitive personal information, financial data, or other privacy threats."

Publicly exposed data allows threat actors to:

  • Launch phishing campaigns or social engineering attacks
  • Fake identities using stolen information
  • Target victims whose data appeared in background check documents

Staying Safe

To protect personal data when working with data brokers, Fowler recommends the following:

  1. Research Data Storage Practices
    Understand how the company stores and secures sensitive data.
  2. Conduct Vulnerability Scans
    Ensure the broker performs regular scans to detect potential security issues.
  3. Request Penetration Testing
    Verify whether the company tests its systems to prevent unauthorized access.

Conclusion

This breach underscores the importance of robust data security practices for companies handling sensitive information. By adopting proactive measures and holding data brokers accountable, both organizations and consumers can mitigate the risks of future breaches.

Read more »
Personal Information
comcast Data Breach FBCS Identity Theft Personal Information

Comcast Data Breach Impacts Thousands, Sensitive Information Compromised

 



Comcast Cable Communications LLC reports that it is a victim of a data breach compromising personal information of more than 237,000 individuals, including 22 residents of Maine. According to an investigation, the breach is traced back to Financial Business and Consumer Solutions, Inc., a third-party with which Comcast has associated in the past.

The data breach began on February 14, 2024, when an unauthorised third party gained access to FBCS's computer network. Access to this unauthorised party had led to a ransomware attack where cybercriminals downloaded and encrypted sensitive data. Initially, on March 13, 2024, FBCS had communicated to Comcast that customer information did not appear to have been compromised. However, months later, on July 17, 2024, it came to be known that sensitive customer data had indeed been affected.


New Comcast Hacking Findings

As soon as the breach was discovered, FBCS reached out to the FBI and hired some private cybersecurity firms to comprehend the full dimension of the breach. The investigation revealed names, addresses, Social Security numbers, birth dates, and Comcast account numbers accessed. The acquired information is of a very sensitive nature that encompasses substantial risk factors for identity theft and even financial frauds.

Still, FBCS has maintained that, to date, there is nothing known to be ill-gotten from the stolen data. Only the records starting 2021 are affected, as in 2020, FBCS terminated its contract with Comcast.


Support for Victims

Comcast began notifying the victims on 16 August 2024 and is providing them with free identity theft protection for 12 months. Comcast is partnering with CyEx Identity Defense Complete for credit monitoring and additional support services.

The notification stated that the breach had occurred only in FBCS systems and was unrelated to Comcast's networks themselves. To reach out to the affected customers, the company, Comcast, geared efforts towards helping them manage the fallout of the breach. It provided direct communication and access to a support service. Outside legal counsel for Comcast, Michael Borgia noted, "We are committed to helping our customers navigate the aftermath of this incident and ensuring they have the resources necessary to protect themselves."

Watching Your Back: Protection of Consumer Data End

The Comcast breach highlights the kinds of current risks facing consumers whose data is managed by third-party vendors. In response to this, Comcast is counselling its consumers to be on their guard. Protecting measures include: reviewing account statements for suspicious transactions, reviewing credit reports, and registering for the identity protection services Comcast is offering. Moreover, Comcast is suggesting the enabling of two-step verification for Xfinity accounts in order to increase security to its fullest potential.

This incident underlines the critical need to protect information while ensuring greater caution with regard to personal information in light of more prudent cyber attacks.



Read more »
Personal Information
Customer Data Customer Data Exposed Cybersecurity Breach Data Breach Data Leak Data protection Personal Information

Avis Data Breach Exposes Over 400,000 Customers’ Personal Information

 

Over 400,000 customers of Avis, a prominent car rental company known for its presence at U.S. airports, have had their personal data compromised in a recent cybersecurity breach. The company revealed the incident to the public on Monday, stating that the breach occurred between August 3 and August 6. Avis, which is part of the Avis Budget Group, sent notifications to affected customers last week, advising them on how to protect themselves from potential identity theft or fraud. 

The Avis Budget Group, which owns both Avis and Budget, operates over 10,000 rental locations across 180 countries, generating $12 billion in revenue in 2023, according to its most recent financial report. However, the recent data breach has cast a shadow over its operations, highlighting vulnerabilities in its data security measures. In a data breach notice filed with the Iowa Attorney General’s office, Avis disclosed that the compromised information includes customer names, dates of birth, mailing addresses, email addresses, phone numbers, credit card details, and driver’s license numbers. 

A separate filing with the Maine Attorney General revealed that the data breach has impacted a total of 299,006 individuals so far. Texas has the highest number of affected residents, with 34,592 impacted, according to a report filed with the Texas Attorney General. The fact that sensitive personal information was stored in a manner that allowed it to be accessed by cybercriminals has raised serious questions about the company’s data protection practices. Avis first became aware of the data breach on August 5 and took immediate steps to stop the unauthorized access to its systems.

The company stated that it had launched a comprehensive investigation into the incident and enlisted third-party security consultants to help identify the breach’s origins and scope. Avis has not yet disclosed specific details about the nature of the attack, the vulnerabilities exploited, or the identity of the perpetrators, leaving many questions unanswered. This breach underscores the growing challenges faced by companies in protecting customer data in an increasingly digital world. While Avis acted quickly to contain the breach, the company’s reputation could suffer due to the extent of the data compromised and the sensitive nature of the information accessed. 

The breach also serves as a reminder of the importance of robust cybersecurity measures, especially for businesses that handle large volumes of personal and financial data. The incident has also prompted scrutiny from regulators and data privacy advocates. Many are questioning how sensitive customer information was stored and protected and why it was vulnerable to such an attack. Companies like Avis must ensure they are equipped with advanced security systems, encryption protocols, and regular audits to prevent such breaches from occurring in the future. As the investigation continues, Avis customers are advised to monitor their financial accounts closely, watch for signs of identity theft, and take appropriate measures.
Read more »
Slack
Data Breach Data Hacking data security Disney Disney data leak Disney Slack breach Hacking Group Personal Information Sensitive data Slack

Disney Data Breach Exposes Sensitive Corporate and Personal Information

 

In July, Disney experienced a significant data breach that exposed far more than initially reported, compromising a wide array of sensitive information. While early reports focused on stolen Slack messages, it has since been revealed that the breach extended deep into the company’s critical corporate files. According to sources, hackers gained access to sensitive information, including financial projections, strategic plans, sales data, and streaming forecasts. 

The breach did not stop at corporate data. Hackers also accessed personal information of Disney Cruise Line members, including passport numbers, visa statuses, contact details, and birthplaces. In addition, data related to theme park pass sales was compromised, potentially impacting thousands of visitors. This breach has raised serious concerns about the security of personal data at Disney, one of the world’s most recognized entertainment companies. 

Initially, Disney reported that over a terabyte of data was leaked, but the full extent of the breach is still under investigation. In an August address to investors, the company acknowledged the severity of the attack, prompting questions about the cybersecurity measures in place not only at Disney but also at other major corporations. The incident has highlighted the growing need for robust and effective cybersecurity strategies to protect against increasingly sophisticated cyber threats. The hacking group Nullbulge has claimed responsibility for the attack. 

In a blog post, the group boasted of gaining access to internal data on upcoming projects as well as employee details stored in Disney’s Slack system. This claim has raised further alarms about the potential exposure of sensitive company plans and employee information. When asked to comment on the specifics of the breach, Disney declined to provide details. A spokesperson stated, “We decline to comment on unverified information that has purportedly been obtained as a result of illegal activity.” 

This response underscores the complexity and evolving challenges that companies face in safeguarding sensitive information from cyber threats. As cyber threats become more sophisticated, this breach serves as a stark reminder of the vulnerabilities even within prominent organizations. It emphasizes the urgent need for businesses to strengthen their cybersecurity measures to protect both corporate and personal data from being compromised in an increasingly digital world.
Read more »
Personal Information
Credit Card Credit Card Theft Cyber Security DBS Bank Hacker attack PDPC Personal Information

Esso Corporate Fleet Programme Hit by Ransomware Attack on Abecha Servers

 

A ransomware attack on Abecha, the company managing Singapore’s Esso Corporate Fleet Discount Programme, may have compromised sensitive credit card information of its customers. Abecha discovered the breach on August 13 and notified affected customers on August 28. According to the company, the hackers may have accessed customers’ credit card numbers and expiration dates, but other personal information, such as names, addresses, and contact details, appears to have remained secure. 

In light of the breach, Abecha advised customers to review their credit card statements for any unauthorized or suspicious transactions. They also encouraged prompt reporting of any unusual activity to prevent potential misuse. An Abecha representative stated that there was no indication that any data had been taken by unauthorized parties. The company assured customers that their transactions were secure, and normal business operations were continuing. The Esso Corporate Fleet Discount Programme, a collaboration with ExxonMobil, has been in operation since 2003 and currently serves more than 18,000 corporate clients. 

The programme provides fuel discounts to corporate employees and is one of Abecha’s key offerings, alongside other corporate programmes with Citibank and DBS Bank. Following the attack, Abecha quickly shut down the affected servers and hired data protection and cybersecurity specialists to investigate the breach and recommend additional security protocols. The company also filed a police report and informed the Personal Data Protection Commission Singapore (PDPC), which is now investigating the incident. Despite assurances from Abecha, some customers have expressed concern. 

Alson Tang, a public relations professional, voiced his anxiety since he had provided his bank account number when signing up for the discount programme. “Fuel prices are high, and the discount is appealing, but my trust in the organization has been somewhat shaken,” Tang said. Davidson Chua, co-founder of the car-selling aggregator platform Telequotes, called the news “alarming.” While he had not detected any suspicious activity on his credit card, he noted that he might not have checked had he not learned of the breach. “If I hadn’t heard about this, I wouldn’t have checked my credit card transactions, and something could have happened, especially since I don’t use the Abecha Esso fleet card regularly,” Chua said, indicating he would likely cancel his card. 

This incident highlights the importance of stringent cybersecurity measures for companies handling sensitive financial data. The PDPC’s investigation may provide further insights into the breach and any potential regulatory consequences for Abecha.
Read more »
Personal Information
ADT data breach Customer Data Cyberattack Data Breach impact data privacy. Home Security Personal Information

ADT Data Breach: Millions of Customers Potentially Exposed

Home security behemoth ADT has confirmed a substantial data breach affecting an undisclosed number of its six million customers. The incident, which remains shrouded in mystery due to the company's reluctance to provide specifics, involved unauthorized access to sensitive customer information stored within ADT's databases.

Hackers successfully infiltrated the company's systems, exfiltrating data that included customers' home addresses, email addresses, and phone numbers. While ADT has categorically denied any compromise of home security systems, the company has been notably reticent about disclosing the methods used to reach this conclusion. The lack of transparency has raised concerns among customers and cybersecurity experts alike.

The breach came to light following allegations from an anonymous online figure who claimed to have acquired over 30,000 ADT customer records. Although the authenticity of these claims has yet to be independently verified, ADT's admission of a data breach lends credence to the hacker's assertions.

The incident underscores the growing vulnerability of even the most established companies to cyberattacks. As a major player in the home security industry, ADT's breach has far-reaching implications for the broader cybersecurity landscape. Customers are now left grappling with the potential misuse of their personal information, while the company faces mounting pressure to provide a comprehensive and transparent account of the incident.

The breach also highlights the complex web of corporate ownership in today's digital age. ADT's parent company, Apollo Global Management, is a significant player in the financial industry and also owns TechCrunch, a leading technology news outlet. This interconnectedness raises questions about potential conflicts of interest and the extent to which such relationships might influence the handling of cybersecurity incidents.

As the investigation unfolds, industry experts and consumers will be watching closely to see how ADT responds to the crisis. The company's ability to regain customer trust and strengthen its security posture will be crucial in determining the long-term impact of this breach.
Read more »
phone surveillance
customer support tickets Data Breach mSpy spyware Personal Information phone surveillance

Data Breach Exposes Millions of mSpy Spyware Customers

 

A data breach at the phone surveillance operation mSpy has compromised the personal information of millions of customers who purchased access to the phone spyware app over the past decade, as well as the Ukrainian company behind it.

In May 2024, unknown attackers stole millions of customer support tickets, which included personal information, support emails, and attachments containing personal documents from mSpy. While hacks of spyware vendors are becoming increasingly common, they remain significant due to the highly sensitive personal data involved, including that of the service's customers.

The breach affected customer service records dating back to 2014, stolen from the spyware maker’s Zendesk-powered customer support system.

mSpy is a phone surveillance app marketed as a tool to track children or monitor employees. However, like most spyware, it is frequently used to monitor people without their consent. These apps are also known as "stalkerware" because they are often used by individuals in romantic relationships to surveil their partners without permission.

The mSpy app allows the person who installed the spyware, typically someone with prior physical access to the victim’s phone, to remotely view the phone’s contents in real-time.

As is common with phone spyware, mSpy’s customer records include emails from individuals seeking assistance to secretly track the phones of their partners, relatives, or children. TechCrunch’s review of the data, which was independently obtained, revealed that some emails and messages came from high-ranking U.S. military personnel, a serving U.S. federal appeals court judge, a U.S. government department’s watchdog, and an Arkansas county sheriff’s office requesting a free license to trial the app.

Despite the vast number of customer service tickets leaked, the data is believed to represent only a fraction of mSpy’s total customer base who contacted customer support. The actual number of mSpy customers is likely much higher.
Read more »
phishing
Data Breach database Dell Hacking Personal Information phishing

Dell Data Breach Exposes Personal Information Of 49 Million

 




Dell, the renowned computer manufacturer, has issued a cautionary notice to its customers regarding a disconcerting data breach. The breach, which affects an estimated 49 million customers, involves unauthorised access to an online portal containing sensitive customer information. Dell has disclosed that the breached data includes customers' names, physical addresses, and detailed information regarding Dell hardware purchases such as service tags, item descriptions, order dates, and related warranty details. Notably, the compromised information excludes financial details, email addresses, and telephone numbers. Dell accentuated its collaboration with law enforcement and a third-party forensics firm to thoroughly investigate the breach. While Dell declined to specify the number of affected individuals, it assures ongoing efforts to address the incident.

Data for Sale on the Dark Web

Disturbingly, reports have surfaced indicating that a threat actor, operating under the pseudonym Menelik, endeavoured to sell a database containing Dell customer information on a prominent hacking forum. The compromised data encompasses purchases spanning from 2017 to 2024, affecting a staggering 49 million customers. While Dell's initial notification primarily encompasses personal purchases, the breadth of the breach extends its tendrils to affect consumers, enterprises, partners, and educational institutions alike.

In the wake of such an imminent breach, customers are vehemently advised to exercise utmost caution against potential phishing attacks. Armed with comprehensive customer information, malicious actors may orchestrate targeted scams through various mediums, ranging from deceptive emails to physical mail. The criticality of vigilance cannot be overstated, as hackers may employ sophisticated tactics, such as tech support or invoice scams, to extract sensitive information from unsuspecting victims. Furthermore, there exists a palpable risk of malware dissemination through malicious flash drives, underscoring the imperative for users to exercise discretion when interacting with external storage devices.

In response to the breach, Dell has initiated a rigorous investigation, leveraging the expertise of law enforcement agencies and third-party forensic specialists. While the company reassures customers that no financial or payment data, email addresses, or telephone numbers were compromised, it acknowledges the severity of the breach and the pressing need for proactive measures to secure customer data security.

As investigations progress, affected customers are implored to remain informed and enact robust security measures to mitigate the inherent risks associated with potential phishing and malware attacks, thereby safeguarding their sensitive personal information from malicious exploitation.





Read more »
SSNs
birth dates Cybersecurity Data Breach debt collector Personal Information SSNs

Massive Data Breach Exposes Full Names, Birth Dates, and SSNs of 2 Million Individuals Held by Debt Collector

 

One of the largest debt collection agencies in the United States, Financial Business and Consumer Solutions (FBCS), recently disclosed a data breach. Approximately 1,955,385 individuals were affected as hackers gained unauthorized access to sensitive borrower information.

FBCS, a nationally licensed debt collection agency, retrieves outstanding debts from various sources including credit card companies, healthcare providers, and student loans. Once a debt lands in FBCS's possession, it becomes difficult for borrowers to disengage. The breach raises concerns about the security of personal and financial data handled by the agency.

The breach occurred between February 14 and February 26, during which hackers infiltrated FBCS's network and accessed a trove of personal information. This included full names, Social Security numbers, dates of birth, account details, and driver’s license or ID card numbers.

The compromised data presents a significant risk for targeted phishing attacks, fraudulent activities, and identity theft. While FBCS has taken steps to mitigate the damage, affected individuals are provided with 12 months of credit monitoring through Cyex.

In response to the breach, FBCS has bolstered its security measures to prevent similar incidents in the future. However, impacted individuals are urged to remain vigilant as hackers may exploit the stolen data for nefarious purposes.

If you receive a notification about the breach, it is crucial to take advantage of the offered credit monitoring service. Additionally, monitor your financial transactions closely and exercise caution when handling emails, as hackers may attempt to use the stolen information for phishing scams.

To further protect yourself, ensure that your devices are equipped with robust antivirus software. While FBCS may provide updates on the incident, affected individuals should remain cautious in the face of potential cyber threats.
Read more »
ransomware attacks
911 service Cyber Security DHS Pennsylvania Personal Information ransomware attacks

Are Emergency Services Vulnerable to Cyber Threats?




In recent warnings issued by the Department of Homeland Security (DHS), a concerning trend has emerged: emergency services are increasingly vulnerable to cyber-attacks, particularly ransomware incidents. These attacks pose significant risks not only to operational efficiency but also to public safety and the security of personal information.

Ransomware attacks, for those unfamiliar, involve hackers infiltrating computer systems and encrypting data, demanding payment for its release. Emergency services, including police departments and 911 call centres, have become prime targets for these attacks, leading to severe disruptions in critical operations. Picture a scenario where accessing emergency services during a crisis becomes impossible due to system outages—it's a frightening reality that stresses upon the urgency of addressing cybersecurity vulnerabilities.

The repercussions extend beyond mere operational disruptions. Cybercriminals gain access to highly sensitive personal information and police records, which can be exploited for various illicit activities, including identity theft and extortion. Such breaches not only compromise individuals' privacy but also undermine law enforcement's ability to effectively respond to emergencies, posing a significant threat to public safety.

One of the primary challenges in combating these cyber threats lies in the lack of resources and expertise at the local level. Many state and local governments, responsible for managing emergency service networks, struggle to keep pace with the rapidly expanding aspects of cybersecurity. Outdated technology systems and a shortage of cybersecurity personnel exacerbate the problem, leaving critical infrastructure vulnerable to exploitation by malicious actors.

Recent incidents in Bucks County, Pennsylvania, and Fulton County, Georgia, serve as stark reminders of the vulnerabilities within emergency services. In Bucks County, dispatchers were compelled to resort to manual processes after a cyberattack paralysed the 911 system, while Fulton County endured widespread disruption to government services following a cyber intrusion.

To address these challenges effectively, collaboration and preparedness are the key. Communities must prioritise cybersecurity measures, investing in modern technology systems, and providing comprehensive training for personnel to identify and respond to cyber threats promptly.

As society continues to rely increasingly on digital foundation, safeguarding critical services, particularly emergency response systems, becomes imperative. By remaining vigilant and proactive, we can fortify our communities against cyber threats, ensuring that emergency assistance remains readily accessible, even in the face of malicious cyber activity.


Read more »
sensitive files
confidential documents Data Breach Data protection data security European Union Europol Investigation Law Enforcement Personal Information Security Breach sensitive files

Sensitive Documents Vanish Under Mysterious Circumstances from Europol Headquarters

 

A significant security breach has impacted the European Union's law enforcement agency, Europol, according to a report by Politico. Last summer, a collection of highly confidential documents containing personal information about prominent Europol figures vanished under mysterious circumstances.

The missing files, which included sensitive data concerning top law enforcement officials such as Europol Executive Director Catherine De Bolle, were stored securely at Europol's headquarters in The Hague. An ongoing investigation was launched by European authorities following the discovery of the breach.

An internal communication dated September 18, revealed that Europol's management was alerted to the disappearance of personal paper files belonging to several staff members on September 6, 2023. Subsequent checks uncovered additional missing files, prompting serious concerns regarding data security and privacy.

Europol took immediate steps to notify the individuals affected by the breach, as well as the European Data Protection Supervisor (EDPS). The incident poses significant risks not only to the individuals whose information was compromised but also to the agency's operations and ongoing investigations.

Adding to the gravity of the situation, Politico's report highlighted the unsettling discovery of some of the missing files by a member of the public in a public location in The Hague. However, key details surrounding the duration of the files' absence and the cause of the breach remain unclear.

Among the missing files were those belonging to Europol's top executives, including Catherine De Bolle and three deputy directors. These files contained a wealth of sensitive information, including human resources data.

In response to the breach, Europol took action against the agency's head of Human Resources, Massimiliano Bettin, placing him on administrative leave. Politico suggests that internal conflicts within the agency may have motivated the breach, speculating on potential motives for targeting Bettin specifically.

The security breach at Europol raises serious concerns about data protection and organizational security measures within the agency, prompting an urgent need for further investigation and safeguards to prevent future incidents.
Read more »
Subscribe to: Posts (Atom)