Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Personal Information. Show all posts
Personal Information
customer data compromise customer data leak customer data privacy Data Breach Data Leak Data Privacy data security Database Leaked Fashion Retailer Personal Information

SABO Fashion Brand Exposes 3.5 Million Customer Records in Major Data Leak

 

Australian fashion retailer SABO recently faced a significant data breach that exposed sensitive personal information of millions of customers. The incident came to light when cybersecurity researcher Jeremiah Fowler discovered an unsecured database containing over 3.5 million PDF documents, totaling 292 GB in size. The database, which had no password protection or encryption, was publicly accessible online to anyone who knew where to look. 

The leaked records included a vast amount of personally identifiable information (PII), such as names, physical addresses, phone numbers, email addresses, and other order-related data of both retail and business clients. According to Fowler, the actual number of affected individuals could be substantially higher than the number of files. He observed that a single PDF file sometimes contained details from up to 50 separate orders, suggesting that the total number of exposed customer profiles might exceed 3.5 million. 

The information was derived from SABO’s internal document management system used for handling sales, returns, and shipping data—both within Australia and internationally. The files dated back to 2015 and stretched through to 2025, indicating a mix of outdated and still-relevant information that could pose risks if misused. Upon discovering the open database, Fowler immediately notified the company. SABO responded by securing the exposed data within a few hours. 

However, the brand did not reply to the researcher’s inquiries, leaving critical questions unanswered—such as how long the data remained vulnerable, who was responsible for managing the server, and whether malicious actors accessed the database before it was locked. SABO, known for its stylish collections of clothing, swimwear, footwear, and formalwear, operates three physical stores in Australia and also ships products globally through its online platform. 

In 2024, the brand reported annual revenue of approximately $18 million, underscoring its scale and reach in the retail space. While SABO has taken action to secure the exposed data, the breach underscores ongoing challenges in cybersecurity, especially among mid-sized e-commerce businesses. Data left unprotected on the internet can be quickly exploited, and even short windows of exposure can have lasting consequences for customers. 

The lack of transparency following the discovery only adds to growing concerns about how companies handle consumer data and whether they are adequately prepared to respond to digital threats.
Read more »
protecting sensitive data
Data Breach Data Sale data security Data Stolen Data Theft Database Leaked Database Security Infostealer Personal Data Personal Information protecting sensitive data

Startup Sells Stolen Personal Data Online for $50, Raising Alarms Over Privacy and Ethics

 

A new controversy is brewing over a U.S.-based startup accused of making stolen personal data widely accessible—for as little as $50. Farnsworth Intelligence, founded by 23-year-old Aidan Raney, is openly marketing a product called “Infostealers,” which allows customers to search a massive database of sensitive information, including passwords, browser autofill data, and private account credentials. 

According to investigative reporting by 404 Media, this information isn’t simply scraped from public directories or legally collected sources. Instead, it appears to come directly from major data breaches—information illegally obtained from hacked websites and platforms. Users can buy access through the company’s online portal, Infostealers.info, raising serious questions about the legality and ethics of such transactions. 

While services like people-search websites have long existed, Farnsworth’s platform seems to go far beyond what’s commonly available. Some of the information for sale includes usernames, passwords, browser history, addresses saved in auto-fill fields, and more—data types typically leaked only after breaches. Their advanced offering, the Infostealer Data Platform, promises even deeper access. Although not available to everyone, it can be granted upon request for uses like journalism, cybersecurity, private investigations, or law enforcement. The company doesn’t appear to require a court order or warrant for access. 

Farnsworth Intelligence makes bold claims about its reach and capabilities. Its website boasts about human intelligence operations and even claims to have infiltrated a North Korean laptop farm via social engineering. It promotes use cases like “corporate due diligence,” “background checks,” and “asset searches,” without clearly explaining how it acquires its “trillions” of data points. The lack of transparency, coupled with the open sale of sensitive data, is alarming. 

Experts argue that while security researchers and cybersecurity firms often monitor breach data to help protect users, monetizing it so brazenly is a different matter entirely. As Cooper Quintin from the Electronic Frontier Foundation notes, “It would be illegal and unethical to sell stolen cell phones even if you didn’t steal them yourself, and I don’t see how this is any different.”  

Even more concerning is the potential for abuse. With no real verification or oversight, bad actors—including stalkers or authoritarian agencies—could exploit this platform to target individuals, especially those already at risk. The implications for personal safety, privacy rights, and digital ethics are profound. 

This development underscores how data breaches don’t just disappear—they become weapons for profit in the wrong hands.
Read more »
Ransomwares
Data Breach Data Privacy data security Data Theft Healthcare Data healthcare data breach Healthcare Industry Personal Information Ransomware attack Ransomwares

Horizon Healthcare RCM Reports Ransomware Breach Impacting Patient Data

 

Horizon Healthcare RCM has confirmed it was the target of a ransomware attack involving the theft of sensitive health information, making it the latest revenue cycle management (RCM) vendor to report such a breach. Based on the company’s breach disclosure, it appears a ransom may have been paid to prevent the public release of stolen data. 

In a report filed with Maine’s Attorney General on June 27, Horizon disclosed that six state residents were impacted but did not provide a total number of affected individuals. As of Monday, the U.S. Department of Health and Human Services’ Office for Civil Rights had not yet listed the incident on its breach portal, which logs healthcare data breaches affecting 500 or more people.  

However, the scope of the incident may be broader. It remains unclear whether Horizon is notifying patients directly on behalf of these clients or whether each will report the breach independently. 

In a public notice, Horizon explained that the breach was first detected on December 27, 2024, when ransomware locked access to some files. While systems were later restored, the company determined that certain data had also been copied without permission. 

Horizon noted that it “arranged for the responsible party to delete the copied data,” indicating a likely ransom negotiation. Notices are being sent to affected individuals where possible. The compromised data varies, but most records included a Horizon internal number, patient ID, or insurance claims data. 

In some cases, more sensitive details were exposed, such as Social Security numbers, driver’s license or passport numbers, payment card details, or financial account information. Despite the breach, Horizon stated that there have been no confirmed cases of identity theft linked to the incident. 

The matter has been reported to federal law enforcement. Multiple law firms have since announced investigations into the breach, raising the possibility of class-action litigation. This incident follows several high-profile breaches involving other RCM firms in recent months. 

In May, Nebraska-based ALN Medical Management updated a previously filed breach report, raising the number of affected individuals from 501 to over 1.3 million. Similarly, Gryphon Healthcare disclosed in October 2024 that nearly 400,000 people were impacted by a separate attack. 

Most recently, California-based Episource LLC revealed in June that a ransomware incident in February exposed the health information of roughly 5.42 million individuals. That event now ranks as the second-largest healthcare breach in the U.S. so far in 2025. Experts say that RCM vendors continue to be lucrative targets for cybercriminals due to their access to vast stores of healthcare data and their central role in financial operations. 

Bob Maley, Chief Security Officer at Black Kite, noted that targeting these firms offers hackers outsized rewards. “Hitting one RCM provider can affect dozens of healthcare facilities, exposing massive amounts of data and disrupting financial workflows all at once,” he said.  
Maley warned that many of these firms are still operating under outdated cybersecurity models. “They’re stuck in a compliance mindset, treating risk in vague terms. But boards want to know the real-world financial impact,” he said. 

He also emphasized the importance of supply chain transparency. “These vendors play a crucial role for hospitals, but how well do they know their own vendors? Relying on outdated assessments leaves them blind to emerging threats.” 

Maley concluded that until RCM providers prioritize cybersecurity as a business imperative—not just an IT issue—the industry will remain vulnerable to repeating breaches.
Read more »
protecting sensitive data
Chinese Data Breach Data Leak data security Data Surveillance database Database Breach Personal Information protecting sensitive data

Massive Data Leak Exposes Billions of Records in Suspected Chinese Surveillance Database

 

Cybersecurity experts have uncovered a massive trove of sensitive information left exposed online, potentially placing millions of individuals at significant risk. The discovery, made by researchers from Cybernews in collaboration with SecurityDiscovery.com, revealed an unsecured database totaling 631 gigabytes—containing an estimated four billion individual records. 

The open instance, which lacked any form of password protection, was quickly taken offline once the exposure was reported, but experts remain unsure about how long it had remained publicly accessible. The data, according to the investigation, appears to primarily concern Chinese citizens and users, with entries collected from various platforms and sources. 

Cybernews researchers believe this is not a random collection, but rather a systematically curated database. They described it as a tool capable of constructing detailed behavioral, social, and financial profiles of nearly any individual included in the records. The structured and diverse nature of the data has led analysts to suspect that the repository may have been created as part of a broader surveillance or profiling initiative. 

Among the most alarming elements of the database is the presence of extensive personally identifiable information (PII). The exposed details include full names, birth dates, phone numbers, financial records, bank card data, savings balances, debt figures, and personal spending patterns. Such information opens the door to a wide range of malicious activities—ranging from identity theft and financial fraud to blackmail and sophisticated social engineering attacks. 

A large portion of the exposed records is believed to originate from WeChat, the popular Chinese messaging app, which accounts for over 805 million entries. Another 780 million records relate to residential data tied to specific geographic locations. Meanwhile, a third major portion of the database labeled “bank” contains around 630 million records of financial and sensitive personal data. 

If confirmed, the scale of this leak could surpass even the National Public Data breach, one of the most significant data security incidents in recent memory. Experts are particularly troubled by the implications of a centralized data cache of this magnitude—especially one that may have been used for state-level surveillance or unauthorized commercial data enrichment. 

While the server hosting the information has been taken offline, the potential damage from such an exposure may already be done. Investigators continue to analyze the breach to determine its full impact and whether any malicious actors accessed the data while it was left unsecured.
Read more »
Ransomwares
Customer Data Cyberattack Data Breach Data Leak data security Personal Information personal information exposure Qilin Qilin Ransomware Ransomware attack Ransomware group Ransomwares

Lee Enterprises Ransomware Attack Exposes Data of 40,000 Individuals

 

Lee Enterprises, a major U.S. news publisher, is alerting nearly 40,000 individuals about a data breach following a ransomware attack that took place in early February 2025. The company, which owns and operates 77 daily newspapers and hundreds of weekly and special-interest publications across 26 states, reported that the cyberattack resulted in the theft of personal information belonging to thousands of people. 

Details of the breach were revealed in a recent disclosure to the Maine Attorney General’s office. According to the company, the attackers gained unauthorized access to internal documents on February 3, 2025. These files contained combinations of personal identifiers such as names, Social Security numbers, driver’s license details, bank account information, medical data, and health insurance policy numbers. The security incident caused widespread operational disruptions. 

Following the attack, Lee Enterprises was forced to shut down multiple parts of its IT infrastructure, impacting both the printing and delivery of its newspapers. Several internal tools and systems became inaccessible, including virtual private networks and cloud storage services, complicating daily workflows across its local newsrooms. In a filing with the U.S. Securities and Exchange Commission shortly after the breach, the company confirmed that critical systems had been encrypted and that a portion of its data had been copied by the attackers. 

The source of the attack is yet to be identified, a group known as Qilin has allegedly claimed responsibility near the end of February. The group alleged it had stolen over 120,000 internal files, totaling 350 gigabytes, and threatened to publish the material unless their demands were met. Soon after, Qilin posted a sample of the stolen data to a dark web leak site, which included scans of government-issued IDs, financial spreadsheets, contracts, and other confidential records. The group also listed Lee Enterprises as a victim on its public-facing extortion portal. 

When asked about the authenticity of the leaked data, a spokesperson for Lee Enterprises stated the company was aware of the claims and was actively investigating. This is not the first cybersecurity issue Lee Enterprises has faced. The company’s network was previously targeted by foreign actors during the lead-up to the 2020 U.S. presidential election, where hackers from Iran allegedly attempted to use compromised media outlets to spread disinformation. 

The ransomware attack highlights ongoing threats facing media companies, especially those handling high volumes of personal and financial data. As Lee Enterprises continues its recovery and legal steps, the incident serves as a reminder of the need for robust digital defenses in today’s information-driven landscape.
Read more »
Ransomware
Data Breach Personal Information PowerSchool breach Ransomware

Hackers Resurface with PowerSchool Data, Target Schools Again with New Threats

 


Hackers behind the 2024 cyberattack on PowerSchool have returned, this time going after individual schools. They're now threatening to leak private data unless schools pay them ransom.

PowerSchool is a major digital platform used in the education sector. It provides services to over 17,000 schools in more than 90 countries, helping around 50 million students. In December 2024, the platform suffered a major data breach where hackers managed to steal large amounts of sensitive information. Reports confirmed that the attackers accessed personal data of about 62 million students and 9 million staff members across more than 6,500 school districts in the US and Canada.

At that time, PowerSchool made the controversial decision to pay the attackers in hopes that the stolen data would be deleted. According to the company, it was not a decision taken lightly. They believed that paying the ransom was the best way to keep the private information from being made public. They were told by the hackers—and shown evidence — that the stolen data would be destroyed. However, it now appears that those promises were not kept.

Recently, schools have reported receiving direct messages from cybercriminals, warning them that the stolen data could be released if more ransom is not paid. These threats are based on the same data from the December breach, suggesting that the attackers never deleted it in the first place.

The stolen information includes highly personal details such as names, Social Security Numbers, home addresses, and even health-related information. This kind of data can be used to commit fraud or identity theft, which puts both students and staff at serious risk.

To reduce the chances of identity misuse, PowerSchool is offering two years of free credit and identity monitoring services to those affected. They also expressed regret for the situation and said they are working closely with law enforcement to handle the latest round of threats and prevent further damage.

This situation stresses upon the danger of trusting cybercriminals, even after a ransom is paid. It also shows how long the effects of a data breach can last, especially when sensitive personal information is involved.

Read more »
Scams
Data Breach express VPN Google Online Personal Information Scams

This Free Tool Helps You Find Out if Your Personal Information Is Exposed Online

 


Many people don't realize how much of their personal data is floating around the internet. Even if you're careful and don’t use the internet much, your information like name, address, phone number, or email could still be listed on various websites. This can lead to annoying spam or, in serious cases, scams and fraud.

To help people become aware of this, ExpressVPN has created a free tool that lets you check where your personal information might be available online.


How the Tool Works

Using the tool is easy. You just enter your first and last name, age, city, and state. Once done, the tool scans 68 websites that collect and sell user data. These are called data broker sites.

It then shows whether your details, such as phone number, email address, location, or names of your relatives, appear on those sites. For example, one person searched their legal name and only one result came up. But when they searched the name they usually use online, many results appeared. This shows that the more you interact online, the more your data might be exposed.


Ways to Remove Your Data

The scan is free, but if you want the tool to remove your data, it offers a paid option. However, there are free ways to remove your information by yourself.

Most data broker sites have a page where you can ask them to delete your data. These pages are not always easy to find and often have names like “Opt-Out” or “Do Not Sell My Info.” But they are available and do work if you take the time to fill them out.

You can also use a feature from Google that allows you to request the removal of your personal data from its search results. This won’t delete the information from the original site, but it will make it harder for others to find it through a search engine. You can search for your name along with the site’s name and then ask Google to remove the result.


Other Tools That Can Help

If you don’t want to do this manually, there are paid services that handle the removal for you. These tools usually cost around $8 per month and can send deletion requests to hundreds of data broker sites.

It’s important to know what personal information of yours is available online. With this free tool from ExpressVPN, you can quickly check and take steps to protect your privacy. Whether you choose to handle removals yourself or use a service, taking action is a smart step toward keeping your data safe.

Read more »
Workplace
Amazon Employee Personal Information Privacy Workplace

Over 21 Million Employee Screenshots Leaked from WorkComposer Surveillance App

Over 21 Million Employee Screenshots Leaked from WorkComposer Surveillance App

An app designed to track employee productivity by logging keystrokes and taking screenshots has suffered a significant privacy breach as more than 21 million images of employee activity were left in an unsecured Amazon S3 bucket.

An app for tracking employee productivity by logging keystrokes and capturing screenshots was hit by a major privacy breach resulting in more than 21 million images of employee activity left in an unsafe Amazon S3 bucket. 

Experts at Cybernews discovered the breach at WorkComposer, a workplace surveillance software that monitors employee activity by tracking their digital presence. Although the company did secure access after being informed by Cybernews, the data was already leaked in real time to anyone with an internet connection, exposing the sensitive work information online of thousands of employees and companies. 

WorkComposer is an application used by more than 200,000 users in various organizations. It is aimed to help those organizations surveil employee productivity by logging keystrokes, monitoring how much time employees spend on each app, and capturing desktop screenshots every few minutes. 

With millions of these screenshots leaked to the open web raises threats of vast sensitive data exposed: email captures, confidential business documents, internal chats, usernames and passwords, and API keys. These things could be misused to target companies and launch identity theft scams, hack employee accounts, and commit more breaches. 

Also, the businesses that have been using WorkCompose could now be accountable to E.U GDPR (General Data Protection Regulation) or U.S CCPA  (California Consumer Privacy Act) violations besides other legal actions. 

As employees have no agency over what tracking tools may record in their workday, information such as private chats, medical info, or confidential projects; the surveillance raises ethical concerns around tracking tools and a severe privacy violation if these screenshots are exposed. 

Since workers have no control over what tracking tools may capture in their workday, be it private chats, confidential projects, or even medical info, there’s already an iffy ethical territory around tracking tools and a serious privacy violation if the screenshots are leaked.

The WorkComposer incident is not the first. Cybernews have reported previous leaks from WebWork, another workplace tracking tool that experienced a breach of 13 million screenshots. 

Read more »
Subscribe to: Posts (Atom)