Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 4th May and 10th May 2020.
10th May
ChatBooks discloses data breach after data sold on dark web
Hacker group ShinyHunters selling data of 11 enterprises on the dark web
How To Build A Business Case For Endpoint Security
Maze ransomware operators create havoc by leveraging attack on two US-based enterprises
Microsoft Github Account Reportedly Suffered A Cyberattack, Over 500 GB Data Stolen!
Protecting Privileged Identities In A Post-COVID-19 World
Sodinokibi ransomware can now encrypt open and locked files
Tax agents potentially compromised in early access to super fraud
The 4 Stages to a Successful Vulnerability Management Program
9th May
A hacker group is selling more than 73 million user records on the dark web
Cognizant: Ransomware Attack Expense at Least $50 Million
DigitalOcean suffers data breach after leaving internal document online
Entertainment Law Firm Hacked in Major Data Breach, Ransomware Attack
Hacker group floods dark web with data stolen from 11 companies
Law Firm Representing Lady Gaga, Madonna, Bruce Springsteen, Others Suffers Major Data Breach
Microsoft adds protection against Reply-All email storms in Office 365
Nefilim ransomware attacks BeyoncĂ©’s lingerie maker
Possible data breach reported at Pickering long-term care home
Possible privacy breach at Pickering long-term care home
Ransomware gang victimizes celebrities
REvil Ransomware Actors Threatening to Leak “GSMLaw” Documents
US Marshals says prisoners’ personal information taken in data breach
US Marshals Service exposed prisoner details in security breach
Virus Tracing App Raises Privacy Concerns in India
8th May
5 common mistakes that lead to ransomware
15 biggest hacks of the 2010s
86% of firms facing network security disruptions since switching to remote work
99% of enterprise users reuse passwords across accounts
Accenture says Unacademy hack has no impact on its data
Chinese APT group Naikon targeted Western Australia government
Cognizant expects to lose between $50m and $70m following ransomware attack
Covid-19 Impact: Demand for data centers surge as remote working catches up
Cyber-Attack on Stadler IT Network
Dating app MobiFriends silent on security breach impacting 3.6 million users
DigitalOcean Data Leak Incident Exposed Some of Its Customers Data
Digital Ocean says it exposed customer data after it left an internal document online
Does Your Security Awareness and Training Program Account for Changing Work Environments?
Facebook-funded Unacademy data hacked, claims cybersecurity firm
Financial disputes scheme reports data breach
Financial Services Complaints (FSCL) reports email breach
Hacker gains access to a small number of Microsoft's private GitHub repos
Hackers Breach 3.5 Million MobiFriends Dating App Credentials
Hackers Try to Sell 26 Million Breached Records
Healthcare systems remain vulnerable to cybersecurity threats during COVID-19
HEPACO, LLC Provides Notice Of Data Privacy Incident
How COVID-19 may change the cyber insurance landscape
How Law Firms Can Demonstrate Strong Cybersecurity Practices
Identity-Based Attacks Proliferate as Exposed Credentials Become More Intimate
Incident of the Week: Impact Mobile Home Communities Breached
Judgment allowed hackers to impersonate Banco Santander
LabCorp Shareholder Files Suit Over Double Data Breach
Malvertising Attackers Target 900,000 WordPress Sites
Microsoft’s GitHub Account Gets Hacked
MobiFriends data breach: 3.68 million credentials exposed online
Moving away from good old passwords in the era of artificial intelligence
'Our data is secure': Bukalapak denies reports of user data breach
REvil ransomware threatens to leak A-list celebrities' legal docs
Shiny Hunters hackers try to sell a host of user records from breaches
Stop Phishing With Employee Training
Suit filed against Lurie Children’s Hospital over data breaches
To Pay or Not to Pay: How to Deal With – and Avoid – a Ransomware Incident
Unacademy assures users' sensitive info safe after admitting to data breach
Unacademy data breach: Hacker allegedly steals data of 22 Million users, sells it on dark web
Virus tracing app raises privacy concerns in India
What is privileged access management (PAM)?
What is the Average Cost of a Data Breach?
What one cybersecurity company has learned from responding to Maze ransomware
Why Data Breaches Of Large Organizations Still Occur
7th May - World Password Day
4iQ Report: The Era of Weaponized Data Breaches
5 common password mistakes you should avoid
500GB of data allegedly stolen from Microsoft’s private GitHub
9,000 reports of sextortion and porn watching emails in April
11 billion adult site records exposed
44 Million Pakistani Mobile Users Data Leaked Online
A Fifth of Consumers Hit by Fraud Over Past Year
Adult Cam Site CAM4 Exposed 10.88 Billion Records
Advanced Computer Software leak exposes nearly 200 law firms
As we move online, we need privacy
Assessing the Value of Corporate Data
Australian Tax Office confirms government’s early access superannuation scheme has been compromised
Coronavirus fallout: Four ways to manage fraud risk
COVID-19 Uncertainties Fuel Ransomware Attacks and Phishing Schemes
Cybercriminals are 'already taking advantage' of the COVID-19 crisis
Cybersecurity and COVID: 5 Lessons
Data breach at Indian learning platform Unacademy exposes millions of user accounts
Destination Cyberlandia: 3 keys to cyber happiness amid COVID-19
Early-access super scheme hacked
Five Unexpected Ways An Unprotected Chatbot Could Affect Your Business
GoDaddy Confirms Breach Affecting 28,000 Accounts
Hacker claims to have stolen over 500GB data from Microsoft’s private GitHub repositories
Hacker freed from suit
Hackers claim to breach Microsoft’s GitHub account; steal 500GB of data
Hackers Target WHO by Posing as Think Tank, Broadcaster
Harsher penalties required for privacy breaches, says Cambridge Analytica whistleblower
How COVID-19 is evolving the data breach communication process
How your passwords can end up for sale on the dark web
If you’ve watched porn on this popular site, your personal details may have been exposed
Is Passwordless Authentication the Future?
It’s only a matter of time before your business will suffer a cyber-attack
It’s World Password Day
JavaScript Skimmers Found Hidden in 'Favicon' Icons
Jump in vulnerable RDP ports is leaving networks open to hacking and cyberattacks
LastPass Report Finds Most People Reuse Passwords Despite Knowing the Risks
MAZE Claims Ransomware Attack on US Egg Supplier
Microsoft Offers $100,000 to Anyone Who Can Hack Linux OS
Microsoft: 150 million people are using passwordless logins each month
Old Tesla hardware containing owners' private data is surfacing on eBay
Online learning platform Unacademy hacked, details of 22 million users available for sale
Online Privacy During a Pandemic: New Challenges in a New World
Password managers can be a pain but they're good for security
Phishing: 160,000 dodgy emails flagged to scam-busting service in just two weeks
Privacy concerns over online learning grow at the university
Rebooting World Password Day
Retaining Encryption Keys
Saucy camgirl site CAM4 leaks 10.8 Billion files – including sexy chats, names and private info
The difference that a decade makes
The unseen COVID-19 ripple effect: Security misconfiguration risk
Unacademy data breach: 22 million users’ account details up for sale
Unacademy Data Breach: Data of Nearly 22 Million Users Sold On Dark Web
Unacademy Data Breached, Hacker Sold Data of Nearly 22 Million Users
Unacademy hacked, data of 20 million users up for sale
Unacademy Suffers a Data Breach; 22 Million User Records for Sale on Dark Web
Weaponized Data Breaches: Fueling Identity-based Attacks Across the Globe
Website provider GoDaddy suffers from a data breach
What is your password behaviour and how does it matter?
Whisper Users Sue Over Exposure of Almost 900 Million Records
Why AI and ML are increasingly important for effective IT security
Why World ‘Password’ Day Needs a Refresh
Windows 10 update breaks critical browser security feature
World Password Day: I Hate My PA$SW*RD
World Password Day: Six pieces of advice from the cybersecurity industry
Zoom security issues: Zoom buys security company, aims for end-to-end encryption
6th May
3 ways to boost your security with role-based security compliance training
6 Security Threats E-Commerce Businesses Frequently Face
91% of People Know Password Reuse is Insecure, Yet 75% do it Anyway
Alarming number of pharma executive login credentials available on the Dark Web
Attackers Claim Identity of Financial NGO to Steal Sharepoint, Office Credentials
Australian Breach Notifications increase in the second half of 2019 but continue to lag behind other nations
Bad Actors Are Now Leveraging Google's reCaptcha Checks To Raise Phishing Attack Success Rate
Battling Payments Fraud: Know Your Enemy
Biometric Data: Increased Security and Risks
Bukalapak Denies Alleged Data Breach on Dark Web
CAM4 live-streaming adult site exposed 7TB records publicly
COVID-19 Has Shut Down Lots of Things - But Not Privacy Regulators
Cyber attacks threaten tax pros and accountants during coronavirus crisis
Detecting and Mitigating IoT Breaches Require An “Inside-out” Approach to Security
Don’t give hackers a pass. Learn how to create stronger passwords to protect your information
Eight Basics of Risk Management
GoDaddy reveals widespread data breach
Hackers breach Roblox security to access user information
Hacker sells 22 million Unacademy user records after data breach
Half of Companies Have Suffered a Cybersecurity Issue Amid COVID-19 Crisis
Half of global businesses have already encounted a cyber scare since shifting to remote working during COVID-19
Healthcare Cyber Security Market report scrutinized in the new analysis
HMRC removes nearly 300 Covid-19 phishing scam sites
How COVID-19 is impacting marketers digital security
How your passwords can end up for sale on the dark web
Hybrid Cloud Security Solution is the Most Trusted Cloud Strategy
Illusive Networks Discovers New Nation-State Cyberattack Tools Linked to COVID-19 Phishing Scam
Large scale Snake Ransomware campaign targets healthcare, more
Learn to spot the data security risks while working remotely during Covid-19
Logistics giant Toll Group hit by ransomware for the second time in three months
Lurie Children's fires worker for improperly viewing 4,800 medical records
Many businesses cut security budgets to save costs amid pandemic
MAS Holdings targeted by cyber extortionists
Maze Ransomware Hackers Post Patient Data Stolen from 2 Providers
Maze Ransomware Operators Step Up Their Game
Microsoft's GitHub account allegedly hacked, 500GB stolen
Millions of Unacademy user accounts exposed in data breach
More people seem to be watching porn on work devices - and it’s a cybersecurity problem for employers
Nintendo Wii Source Code, Internal Documents, More Allegedly Leaked
Password psychology: People aren’t protecting themselves even though they know better
Possible shopDisney Security Breach May Have Exposed Your Personal Information to Other Shoppers During Star Wars Day Merchandise Release
Protecting Your Organization From Cyber Attacks While Implementing COVID-19 Remote Working Protocols
Ransomware Hackers Threaten to Release Credit Card Data From Costa Rican Bank
SaltStack Report Finds Automation and Alignment are Critical to SecOps Success
SAP Admits to Security Lapses in Some Products, but Says There Was No Data Breach
Search provider Algolia discloses security incident due to Salt vulnerability
Security concerns intensify amid shift to remote working
Singapore scrapes fraudulent COVID-19 healthcare products from online stores
Snake ransomware attack disrupts operations at hospital chain Fresenius Group
Stop data breaches
Tesla is reportedly not erasing previous owner’s data from older media control units (MCUs)
The Economic Shutdown’s Impact on Security Budgets
The GoDaddy Data Breach: What You Need To Know
The Rise of the PrivacyTechs
The State of XOps Report Reveals IT and InfoSec Alignment Increases IT Security Confidence by Three Times
Thinking Beyond Cybersecurity Vulnerability Assessments: What’s Next?
This phishing campaign targets executives with fake emails from their phone provider
UK City Leaves Nearly Nine Million License Plate/Location Data Records Exposed On The Open Web
US Department of Homeland Security Warns of Office 365 Security Risks
Watertight record-keeping and rigorous staff training can mitigate data breaches
WordPress Hacker Attacks One Million Sites in a Month
World Password Day
5th May
3 Emerging Remote Security Use Cases Addressable with SOAR Playbooks
10 Biggest Data Breaches in History
28 health system cyberattacks, data breaches so far in 2020
Accidental Internal Data Breaches Are on the Rise. Here’s How to Protect Your Business
Adult streaming website leaks 11 million emails and private chats
Beyonce and Victoria's Secret lingerie maker targeted by extortionists
Boone Hospital Center affected by possible data breach
Critical SaltStack vulnerabilities exploited in several data breaches
Cybercrime – Time to Focus on Prevention, Not Reaction
Details of 44 million Pakistani mobile users leaked online, part of bigger 115 million cache
Dispersed employees mean dispersed data
Do You Trust Your Cloud Provider to Protect Your Data? Maybe You Shouldn’t
Energy company's website takes ransomware hit from unknown hackers
Firms perceived to fake social responsibility become targets for hackers, study shows
Former Lurie Children's employee wrongfully viewed 4,824 patient records
GoDaddy Confirms Data Breach - 28,000 Customers Affected
GoDaddy Confirms Data Breach: What 19 Million Customers Need To Know
GoDaddy data breach shows why businesses need to better secure their customer data
GoDaddy owns up to October 2019 data breach
GoDaddy Suffers Data Breach
Hack Brief: An Adult Cam Site Exposed 10.88 Billion Records
Hackers Breached Over 160,000 Nintendo Accounts and Misused Payment Information, the Company Admits
Impact Mobile Home Communities Provides Notice Of Data Privacy Incident
It’s Time to Broaden the Definition of a Vulnerability
LabCorp Hit with Shareholder Lawsuit Over 2 Separate Data Breaches
LastPass Psychology of Passwords Report Reveals 91% of People Know Password Reuse is Insecure, Yet Two Thirds Do It Anyway
Learn How to Build an Effective Security Stack for Your Team
Nintendo's Old Files Have Been Stolen; That's Why There's Super Mario 64, Says Report
SAP discloses security lapses; says there was no data breach
Tesla Makes A Huge Mistake With Sensitive Customer Data
This common online behavior puts you and your data at great risk
Tokopedia Breach Exposes Govt's Lack of Personal Data Protection
Tokopedia data breach exposes vulnerability of personal data
Tokopedia Data Breach: Hackers Leaks 15 Million User Records
Under cyber attack
What is the best identity theft protection?
Why do we still use passwords?
Why you must prioritise security and convenience
Wii, N64, and GameCube Source Codes Leak Online
Working from Home? Here’s Top 6 Security Tips for Working Remotely
Your Applications Are the Weakest Security Link
Xiaomi's Data Collection Antics Raise Serious Questions About Consumer Trust
4th May
6 Things to Do After Implementing Cybersecurity AI for Alert Management
Attack On Crowdfunding Platform Impact Guru Highlights Covid-19 Cyber Threats
CAM4 adult cam site exposes 11 million emails, private chats
Councillors accuse Glasgow City Council of breaching data protection law
Cyber basics in a connected world
Cybersecurity Is Top of Mind for Boards Amid Pandemic
Dangers of Data Sprawl Increase during the Remote Work Revolution
Data owned by 193 law firms exposed via unsecured Advanced database
Data privacy musts while working from home
Edtech company suffers from third data breach
Emerging Security Threats Facing The Credit Union Space And How Data Analytics Can Help
French Newspaper Le Figaro Exposes 7.4 Billion Users’ Records
Ghost blogging platform servers hacked to mine cryptocurrency
GoDaddy notifies users of breached hosting accounts
Government Responds to Alleged Tokopedia Data Breach
Hackers seize on software flaw to breach two victims, despite patch availability
Here’s how human-like bots perform online fraud
How Organizations can Respond to Risk in Real Time
How to approach data breaches
How to Assess and Manage Third-Party Risk
Massive Nintendo Leak Reveals Wii Code, N64 Demos, and Early Pokemon Designs
Nintendo Source Code for N64, Wii and GameCube Leaked
Protecting corporate data in popular cloud-based collaborative apps
Protecting pharmacy against data breaches
Ransomware attack on Colorado hospital highlights fears of more healthcare hostage situation
Reliance Jio’s Coronavirus Symptom Checker App Exposes User Data
Revealed: Glasgow City Council faces accusations of breaching YOUR data privacy
Roblox Hacked by Bribed Insider
Serious iPhone Vulnerability Triggered by Simply Opening Mail App May Have Been Present for Nearly Eight Years
SMB Security Catches Up to Large Companies, Data Shows
Students, experts call for explanation after York University suffers 'extremely serious' cyber attack
Tesla personal data oversight highlights autonomous vehicle data privacy issue
Timely reminder about who bears responsibility for cloud security
Tokopedia probes alleged data leak of 91 million users
Tokopedia says payment info secure following alleged data leak of 91 million users
Xiaomi accused of collecting millions of people’s browser data
Xiaomi has been accused of collecting millions of people’s browser data