Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th April and 3rd May 2020.
3rd May
A security lapse in Reliance Jio’s coronavirus symptoms checker exposed user data
Data breach jeopardizes more than 15 million Tokopedia users, report finds
Ghost blogging platform servers hacked and infected with crypto-miner
GGhost blogging platform suffers security breach
Hackers breach LineageOS servers via unpatched vulnerability
Nintendo 64, GameCube, & Wii Source Codes Stolen & Put Online
Security lapse at India’s Jio exposed coronavirus symptom checker results
Tesla Data Leak: Old Components With Personal Info Find Their Way On eBay
Tesla has been getting rid of computers without wiping them — compromising customer accounts
Tokopedia Investigates Data Breach Compromising 15m User Accounts
What Are Cookies And How Do I Get Rid of Them?
2nd May
Beware Compromised Business Email...and the Litigation that Follows
COVID-19 News: FBI Reports 300% Increase in Reported Cybercrimes
Data Protection Laws And Their Importance
French daily Le Figaro leaks 7.4 Billion records
Hacker leaks 15 million records from Tokopedia, Indonesia's largest online store
Home affairs data breach may have exposed personal details of 700,000 migrants
Le Figaro caught out in database exposure
Supersonic fixes leak in data usage website
Xiaomi Found Collecting Browser Data Even in Incognito Mode
1st May
4 security threats retailers should watch out for during the rest of 2020
Account Takeover Attacks Found to be Evolving at a Rapid Pace
Automatic Number-Plate Recognition System Exposes 9 Million Records
Do you trust your cloud provider to protect your data? Well...maybe you shouldn’t
Dreambot malware operation goes silent
GDPR ‘in danger of failing’ due to lack of resources
Hackers deploying new types of malware, phishing, scams
How Organizations Can Ramp Up Their Cybersecurity Efforts Right Now
How ransomware attacks are making the most of the COVID-19 crisis
Keeping Your Customer Data Secure When Working Remotely
LabCorp faces shareholder lawsuit after 2 cyberattacks in 12 months
LockBit, the new ransomware for hire: a sad and cautionary tale
Maze Ransomware Attack on Cognizant May Impact Customers
Maze Ransomware group steals 11m card data from Banco de Costa Rica
New phishing campaign packs an info-stealer, ransomware punch
Ninja Forms WordPress bug exposed over a million users to XSS attacks, website hijacking
Office 365 May Be a Popular Target for Bad Actors, But Difficult to Hit
Oracle warns of attacks against recently patched WebLogic security bug
Phishing attacks spoof Microsoft Teams to steal user credentials
Phishing Campaigns Target Senior Executives via Office 365
Quibi leaked users' emails to Google, Facebook, and Twitter
Ransomware Payments Surge 33% as Attacks Target Remote Access
Researchers Uncover “Agent Tesla” Malware Abusing MS Office Vulnerabilities
SaltStack Salt critical bugs allow data center, cloud server hijacking as root
Tax2efile Releases Statement about Data Breach
The new cybersecurity resilience
The Week in Ransomware - May 1st 2020 - Banishing the Shade
We Don’t Need More Cybersecurity, We Need Better Cybersecurity
Why Most Modern Online Fraud Prevention Methods Are Falling Short
Why Traditional Identity Verification Methods Are On Their Way Out
Xiaomi Users, Beware: Your Data is Being Read by Chinese Servers
30th April
As companies rely on digital revenue, the need for web and mobile app security skyrockets
Bad Actors Have Adapted Well to the Pandemic Crisis
Brute force attacks against remote desktop apps skyrocket during pandemic lockdown
Chegg Confirmed Data Breach of Employee Records
Chegg suffers its third data breach in as many years
Clop ransomware leaks ExecuPharm's files after failed ransom
Cyber-Criminals Increasingly Using Official reCAPTCHA Walls in Phishing Attacks
Data Privacy and Data Security: Outsourcing to Third Parties and the Effect on Consumers, Companies, and the Cybersecurity Industry as a Whole
Ed-Tech Company Chegg Suffers Third Breach Since 2018
EventBot: A New Mobile Banking Trojan is Born
EXPOSED! 8.6 Million Car Licenses Open Publicly After Breach Seen on England's Traffic Database
FBI: Cyber actors taking advantage of Covid-19 pandemic
Hackers exploited SQL injection flaw to compromise Sophos XG firewall devices
Half of remote workers feel vulnerable to growing cyberattacks
How to Prevent Zoom Credential Theft
How to protect your business from cyberattacks
Investors sue LabCorp over security failures in light of data breach, ransomware attack
LabCorp slapped with shareholder suit over data breaches
List of data breaches and cyber attacks in April 2020: 216 million records breached
Nintendo data breach reportedly caused by credential stuffing
Nintendo Switch, PayPal Hack: 160,000 Users Fall Into Huge Breach of Players’ Details
Quibi’s email verification process reportedly sent data to multiple ad firms
Ransomware mentioned in 1,000+ SEC filings over the past year
Sextortion scammers still shilling with stolen passwords
SQL Injection Attack: What It Is & How to Protect Your Business
Stolen device containing personal info among four data breaches at City Hall in 2019 and 2020
Surge in Scammers Using reCaptcha Walls to Increase Phishing Attacks
What Is The State of Data Security in the Cloud in 2020
Whoops, Quibi was "improperly" sharing your data with other companies
29th April
4 Telltale Signs Your Business Is Ripe for a Cybersecurity Attack (and How to Respond)
10 Ransomware Strains Being Used in Advanced Attacks
Banner Health settlement approval brings years-long data breach saga to a close
Breach of Clearview AI Source Code Renews Concerns About Law Enforcement Facial Recognition Programs
California tops states with highest number of data breaches and records lost
Chatbots Security Risks and How to Overcome Them
Companies should protect more than their firms in cybersecurity
Coronavirus: Half of remote workers 'victims of cybercrime'
Council apologises after data on 1,000 businesses shared due to ‘isolated human error’
COVID-19 Scams Raise Security Concerns for Businesses
Cyber Criminals Ramping Up Phishing Attacks amid COVID-19 Crisis
Cybersecurity Threat Actors Target Data of Businesses Seeking Economic Relief
Data Breach Settlement Calls for Enhanced Security Measures
Data protection blunder sees millions of Sheffield drivers' activities posted online
Employee data stolen in latest hack of edtech company Chegg
Every industry is now hunting ground for cyber criminals
GDPR ignored by Warwick University? - failure to alert staff & students over data breach
Hackers Broke Into Zaha Hadid Architects’ Servers and Demanded Ransom for the Return of Stolen Data
Hackers hit Chegg for the third time since 2018
How 160,000 Nintendo Accounts Were Hacked and Sold
How can cybersecurity impact physical security (and vice versa)?
Lessons Learned from Clearview AI’s Web Scraping Actions
Losing a password can be as stressful as facing illness
Mitigating ransomware and phishing attacks during a pandemic
MSP Security: It’s Not a Luxury
Oxford University Conservative Association email leaks mailing list
PayPal ‘Critical’ Login Hack: New Report Warns You Are Now At Risk From Thieves
Pharma Giant ExecuPharm Suffers Data Breach/Ransomware Combo
Phishers Start to Exploit Oil Industry Amid COVID-19 Woes
PrimoHoagies Sued Over Data Breach
Quibi, JetBlue and Others Gave Away Email Addresses, Report Says
Ransomware Attack on Portuguese Energy Company EDP Shows Increasing Trend Toward Public Leaking of Sensitive Information
SaltStack users warned – Patch by Friday or compromised by Monday
Security breach in a traffic camera database exposes information about 8.6 MILLION car trips tied to individual license plates
Sheffield Council exposes details of 8.6 million road journeys to the internet
Sheffield data breach: Drivers' details 'leaked' online
Think insider data breaches don’t happen at your organisation? Think again…
“Threat Detection has Evolved from Static to Dynamic Behavioral Analysis to Detect-Threatening Behavior”
Two European Usenet Providers Announce Data Breach and Blame Anonymous Third-Party Company
Two Usenet providers blame data breaches on partner company
U.S. Conspiracy Theorist Probably Behind Leak of WHO, Gates Foundation Data
US Cybersecurity: 64% Americans Don’t Have Data Breach Response Plan
Usenet providers reveal major security breaches
With everyone forced indoors and online by the lockdown, cases of cybercrime are increasing
WHO, Bill Gates Foundation and CDC may have been hacked
Who is responsible for our data and how do we get it back?
Why Data Centers Need Formal Data End-of-Life Processes
Why payroll security is even more essential now remote work is the norm
York council admits data breach after sharing account details of city businesses
Zaha Hadid Architects' Servers Hit by Hackers, Confidential Data Stolen
28th April
7 Steps to Deal with a Data Breach
Adapt to survive: what the IT industry is STILL doing wrong
Addressing the Cyber Resilience of Healthcare Systems During the Coronavirus Pandemic
Attackers on the Hunt for Exposed RDP Servers
Authorities scratch heads over data breach
Closing the security gap in the supply chain
Data breaches require preventative measures, not just reactive
East Suburban clinic reports data breach affecting 500 patients
FBI Urges Vigilance Around Social Media Info Sharing
Five Tips On Training Staff to Avoid Coronavirus Scams
Five ways our approach to cybersecurity could change post COVID-19
Hackers threaten to leak data from high-end architecture firm Zaha Hadid
Half of Americans Refuse to Make Purchases Due to Privacy Concerns
How can HR can support cybersecurity for remote workers?
How Small Businesses Can Protect Customer Data
How to Future-proof Your Child's Credit From Fraud
Intel report warns Zoom could be vulnerable to foreign surveillance
Is Your Favorite Video Chat App Secure?
Kavaliro IT Solutions Announced a Breach Which Exposed Customer Data
Massive & Unprecedented Security Breach Takes Usenet Providers Offline
Microsoft Office 365 heist highlights sophistication of cultural engineering cyber attacks
Optus hit with $40 million class action after alleged data breach of 50,000 customers details
PhantomLance spying campaign breaches Google Play security
SBA data breach released tons of new applicants’ data
Social Engineering Scams Are On the Rise – Do I Have Insurance Coverage for That?
The Biggest Data Leaks of the Decade and the Financial Devastation They Caused
Usenet Providers Went Offline Following Massive Security Breach
Warwick University suffered multiple breaches due to poor security protocols
Warwick University Under Fire After Reported Breach Cover-Up
Why You Need Both SIEM and SOAR Solutions in your Cybersecurity
Zaha Hadid Architects says it will not pay ransom after cyber attack
Zaha Hadid Architects suffers cyber attack during coronavirus lockdown
Zaha Hadid warns architects to be vigilant after falling prey to cyber attack
27th April
5 common mistakes that lead to ransomware
5 Security Tips for Your Business while Homeworking
Aimed at Moving Targets: Five Cyber-Threats That Put Mobile Devices at Risk
Best practices to ensure data security while working remotely
Beware of the GIF: Account Takeover Vulnerability in Microsoft Teams
Biopharmaceutical Firm Suffers Ransomware Attack, Data Dump
Brave accuses European governments of GDPR resourcing failure
Chinese Firm Researching Coronavirus Detection Got Hacked and the Data Is on the Dark Web
Credential stuffing: the annual $6 million challenge
Customer Confidentiality - How To Protect Confidential Customer Data?
Cyber distancing – The new norm in secure distance learning
Data governance and COVID-19 data security challenges
DoppelPaymer Ransomware Attacks California City; Hackers Steal Data
Gamer's beware: 160K Nintendo accounts breached
Group-IB detects US and South Korea card data dump on dark web
Hackers Access Etana Custody Clients’ Details, Funds are Safe
Hackers publish ExecuPharm internal data after ransomware attack
Hackers spoof SBA to try to compromise companies' computers
Half a Million Zoom Accounts Compromised by Credential Stuffing, Sold on Dark Web
How to build a secure remote working organisation
How to Write a Disaster Recovery Plan for Your Business
Insider Breaches Remain a Major Concern, but New Email Protections Can Help
Lessening data privacy risks in the work-from-home era according to an expert
Microsoft Teams fixes funny GIFs cyber-attack flaw
Microsoft Teams flaw could let attackers hijack accounts
Most IT leaders believe remote workers are a security risk
NPC to probe unauthorized disclosure of COVID patients’ information
Optus facing class action over alleged customer privacy breaches
Petrol stations need to protect data
Ransomware gangs are changing targets again. That could make them even more of a threat
Shade (Troldesh) ransomware shuts down and releases decryption keys
'Smart' parking meter vendor had data stolen in ransomware attack
Solving the Case of the Missing Data
South Korean and US Payment Card Records Valued at $2 Million up for Sale on Dark Web
Third-party compliance risk could become a bigger problem
Three firmware blind spots impacting security
Top 10 Cyber Incident Response Mistakes and How to Avoid Them
Trustwave report highlights biggest cybersecurity trends of today
U.S. Universities Hit With ‘Adult Dating’ Spear-Phishing Attack
University of Warwick kept data breach secret from students and staff
Users’ Funds Are Safe Following Reported Etana Custody Breach
Warwick University kept data hack secret from students and staff
Warwick University was hacked and kept breach secret from students and staff
What Every Business Needs to Know About Consumer Data Privacy in 2020
Why effective data protection in healthcare matters
Your workforce is your front line defence against data breaches
Zaha Hadid Architects held to ransom by cyberhacker