Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 12th April and 18th April 2021.
18th April
Discord Nitro gift codes now demanded as ransomware payments
Even now, it might take you weeks, at least, to detect a cyber intrusion
Facebook privacy breach - Lesson for Organisations to learn from this
Filipino-Korean cybercriminals, hackers busted in Angeles
Hackers are targeting Pakistani taxpayers with Federal Board of Revenue (FBR) emails containing harmful malware
India’s Cyber Agency Flags WhatsApp Risks; Recommends Updates
Ireland’s Privacy Commission begins a large-scale data breach investigation on Facebook
New modus operandi by fraudsters to withdraw money from ATMs
Over 30 Lakh Cybersecurity Jobs Vacant, Even As Hack Attacks Grow Worldwide
Phone House suffers a cyber attack: data from 3 million Spanish customers at stake
Students warned of data breach after cyberattack hits University of California system
Swinburne University's data breach hits over 5,000 individuals
The perils of suing crypto exchanges after ransomware attacks
The true cost of data breach fatigue could be detrimental to our security
Thousands of queer men’s details stolen in cyber attack on gay dating site Manhunt
TV licence alert: How to report text & email scams as Boris Johnson is urged to act
US sanctions cryptocurrency addresses linked to Russian cyberactivities
What Is Logic Bomb Malware and How Can You Prevent It?
WordPress to automatically disable Google FLoC on websites
17th April
Bank with Wells Fargo or Chase? Hackers are coming after you
Codecov Informs of a Supply Chain Hack That Goes 2.5 Months Back
Fortinet’s tips on how to keep kids safe online
How to Delete Your Facebook Account: A Step-by-Step Guide
Major BGP leak disrupts thousands of networks globally
More than 3.1 Million vacancies unfilled in Cybersecurity positions all across the world
Ryuk ransomware operation updates hacking techniques
Threat hunting for today’s enterprises
Twitter account of Philippine Statistics Authority hacked
16th April
1-click code execution vulnerabilities in popular software apps
44% of healthcare cyberattacks caused by network breaches
A hacker claims to be selling sensitive data from OTP generating firm
A 'Worst Nightmare' Cyberattack: The Untold Story Of The SolarWinds Hack
BazarLoader Malware Abuses Slack, BaseCamp Clouds
Can AI be Used to Mitigate Human Error?
Can the Aviation Community Stop a Cyber Attack from Taking Off?
Clubhouse Joins Facebook and LinkedIn as Target of Data Scraping; Cumulative One Billion User Profiles Have Been Leaked
Consumers worry about the cybersecurity of connected vehicles
Criminals Are Abandoning Bitcoin, Says Former CIA Director – Here’s Why
Crypto Lender Celsius Suffers Data Breach Through Third-Party Mailing List
Cryptojacking: How to Guard Against Cryptocurrency Criminals
Cyberattack on UK university knocks out online learning, Teams and Zoom
Data breach exposes financial support from police officers for fascist shooter Rittenhouse
Data breach of thousands of Chattanooga Library card owners revealed
Debunking Three Cyber Insurance Myths For SMEs
Digital rights group to sue Facebook over mass 2019 data breach
Dispelling the myths around passwordless authentication
Encrypted Data in the Cloud
Essential Security Guide For Your Email Marketing Campaign
Essentials to Consider When Choosing a Cloud Security Posture Management Solution
FBI cleans web shells from hacked Exchange servers in rare active defense move
Gay dating app Manhunt hacked, exposing thousands of users’ data
Genshin Impact 2FA will be introduced to help improve security for player accounts
Google faces massive fines after world-first data breach ruling
Google Project Zero testing 30-day grace period on bug details to boost user patching
Google to Delay Publishing Bug Details for 30 Days
HackBoss malware poses as hacker tools on Telegram to steal digital coins
Hillsborough Schools Recover, Plan to Reopen Monday after Cyber Attack
How (and why) cyber specialists hacked a North American utility's smart meter
How the Kremlin provides a safe harbor for ransomware
How to Secure Your Employees Against Hackers
Isolated data breaches leave student, university files vulnerable
It's not all doom and gloom in cybersecurity with remote workers
Latest on ransomware attack on 24 schools near Bristol
Maharashtra cyber's anti-phishing unit received 5,226 complaints in two years
Major data breach at cleaning and catering company Spotless
Many CISOs are drowning in ‘security debt’
MeterUp Parking App Hacked, Personal Information Accessed
Microsoft remains most imitated brand for phishing
Organizations Improve Detect, Response Capabilities, FireEye Mandiant Report Finds
ParkMobile app hacked, may affect some who park in downtown Columbia
Phishing 101: How It Works & What to Look For
Popular Codecov code coverage tool hacked to steal dev credentials
President Biden issues sanctions against Russia for cyberattacks, election interference
Protecting the human attack surface from the next ransomware attack
Ransomware Attacks in 2021: Information Meets Emotion
RCM vendor data breach affects 136,000: 5 hospitals, health systems involved
Russian foreign intelligence service exploiting five publicly known vulnerabilities to compromise U.S. and allied networks
Slack and BaseCamp used to lure users into downloading malware
Small business clients are making these cyber security errors
SolarWinds cyber strike: Russia did it, say US and UK
State institution in Slovakia became target of ransomware attacks
The basic cybersecurity controls that every company MUST have
The Many Faces of Malware: A Tour of Real-World Samples
The parallels of pandemic response and IoT security
Trickbot Actors Target Slack and BaseCamp Users
Update to REvil ransomware changes Windows passwords to automate file encryption via Safe Mode
US Indicts SecondEye Operators
US Issues Russian SVR Warning
US Sanctions Russia for Cyberattacks and Election Interference
Was Braman Motors target of hackers demanding ransom money? Employee says it’s true
Why Cyber-Attacks are the Biggest Threat to Online Businesses
Why is Cyber Security Essential in the Education Sector?
Why the pandemic has been a catalyst for ransomware attacks and what to do about it
Why You Should Worry About the Booming Dark Web Economy
15th April
6 Insider Data Loss Prevention (DLP) Risk Indicators
103,573 mobile malware detected in Malaysia last year
A guide to two-factor authentication, the two-part security test for your online accounts and devices
A Look at Digital Attacks on Gaming Resources During the Pandemic
A truly agnostic approach to key encryption removes the risks in hybrid cloud
Advice for aspiring threat hunters, investigators, and researchers from the old town folk
Are BaaS Solutions the Answer to Spike in Ransomware Attacks?
Arrest Made Over California City Data Breach
Attackers Target ProxyLogon Exploit to Install Cryptojacker
Aussie Biz Warned: Phishing Attacks Are On The Way
Australia: Government urges businesses to patch Microsoft Exchange
Behind the Great Firewall: Chinese cyber-espionage adapts to post-Covid world with stealthier attacks
Better than the best password: How to use 2FA to improve your security
Beware! There’s A New Fake Maybank Website Tricking Malaysians & Stealing Banking Information
Boost your organisation’s digital security with ‘Zero Trust’
CISOs Must Focus on People and Technologies Amid Rising Attacks
City’s IT Team Catches Alleged Data Breach in Finance Department
Consumer Alert: Why the Facebook data breach is a big deal
Council's Government cyber attack cash may have to be repaid unless conditions are met
COVID-19 attack campaigns continue to surge in 2H20
Cybercriminals get bolder as impact from SolarWinds and ransomware grows
Cyber insurance market reacts to ransomware epidemic
Cybersecurity: Ransomware – to pay or not to pay?
Digital Devices Took Over Our Lives In 2020: Here's How To Stay Secure
Dirty Tricks: The Latest in Ransomware Tactics
Europe's Data Protection Guardians Green Light EU-UK Data Flows
Fake Version of TikTok App Has Started Spreading Adware
Four out of 10 mobile phones vulnerable to cyber-attacks
Global Attacker Dwell Time Drops to Just 24 Days
Government most targeted for ransomware
Hacker Is Selling Live Server Access to an OTP-Generating Telco
Hackers flood the web with 100,000 pages offering malicious PDFs
Hackers Steal Data of 200K During CareFirst BlueCross DC Cyberattack
Heartbreak and Hacking: Dating Apps in the Pandemic
Hertfordshire University cyber-attack takes out all IT systems
Houston Rockets Hit by the “Babuk” Ransomware Gang
How Facebook’s recent data breach affect its users
IBM Uncovers More Cyber Attacks on COVID-19 Vaccine Supply Chain
Important Strategies for Aligning Security With Business Objectives
Ireland’s Data Commissioner Launches GDPR Inquiry into Facebook Data Breach
Lloyds Bank warning as Britons targeted by suspicious text
Machine learning-powered cybersecurity depends on good data and experience
Malware Variants: More Sophisticated, Prevalent and Evolving in 2021
Microsoft is most impersonated brand in phishing attempts
Ministry of Manpower's (MOM) warns public about fake e-mail seeking info
NBA's Houston Rockets probing cyber attack, working closely with FBI
NSA: Top 5 vulnerabilities actively abused by Russian government hackers
Open source security, license compliance, and maintenance issues are pervasive in every industry
Outdated VPN device led to Capcom cyberattack
Phishing attack ramps up against COVID-19 vaccine supply chain
Popular NFT marketplace Rarible targeted by scammers and malware
Ransomware: To Pay or Not to Pay?
SolarWinds: US and UK blame Russian intelligence service hackers for major cyber attack
Some cheeses have holes, but your cyber security strategy should not
'Staggering, concerning': Aon says ransomware now 'truly weaponised'
The Android app that steals your bank details
The business case for SOC-as-a-Service
The force of biometrics in post-pandemic financial services security
The Montefiore Medical Center Had Its Fourth Breach in 7 Months
The Need for a Cybersecurity Protection Agency
The Top 5 Reasons Hackers Might Target Your Small Business
Trickbot: Attackers Using Traffic Violation Scam to Spread Malware
University of Hertfordshire hit by cyber attack
University of Hertfordshire hit by major cyber attack on 'all systems' as online teaching cancelled
University of Hertfordshire Suffers Cyber-Attack That Takes Down its Entire IT Network
University of Hertfordshire's entire IT system offline after cyber attack
Unpatched MS Exchange servers hit by cryptojacking malware
US government confirms Russian SVR behind the SolarWinds hack
US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack
Users becoming more savvy with COVID phishing scams
Warning for Android users over Brazilian trojan sweeping the US and Spain: Downloading a dodgy app could leave you open to banking fraud
Wells Fargo and Chase now among most imitated brands in phishing attacks
Why is phishing so successful for scammers?
Why ransomware victims are deciding not to pay up
Why Security Awareness Training is a Top Cybersecurity Investment for Business
Why Traditional Cybersecurity Tools Cannot Defend Against Zero-Day and No Signature Attacks
14th April
14.3 million South Africa Facebook users hit by data leak – check if you are affected
14.3 Million South African Facebook Users Implicated by Data Breach
15% of Brits use their pet’s name as a password
330 million people across 10 countries were victims of cybercrime in 2020
A complete Facebook data breach & privacy leak timeline (2005 to 2021)
As ransomware rises, backup-as-a-service is worth a consideration
Aviation Industry Lacks Cohesive Cybersecurity Approach
Bad Bots Could Disrupt #COVID19 Vaccine Rollout
Bank hacks, online merchandise fraud and phishing attempts have skyrocketed during COVID-19 pandemic
Capcom Blames 'Old VPN Device' for 2020 Ransomware Attack
Capcom Reveals Ransomware Hack Came from Old VPN
Change your passwords! Dating site Manhunt reveals major data breach
Check Point Research highlights emerging threats of IcedID banking trojan
Cheesy hack: Ransomware attack on Dutch logistics company leaves supermarket shelves empty
Cyber criminals are installing cryptojacking malware on unpatched Microsoft Exchange servers
Cyber criminals are targeting the cloud - here’s how to defend against them
Cyber Threat: 5 Key Ways Your Business Computer Can Be Hacked
Cyberattack Wrecks Return to School for Massachusetts District
Cybercriminals targeting unpatched Exchange servers by installing cryptojacking malware
Cybersecurity funding hits all time high in 2020
Cybersecurity training lags, while hackers capitalize on the pandemic
DDoS attack activity: 10 million-plus attacks and 22% increase in attack frequency
DDoS attacks increased by 20% in 2020, meaning everyone should consider themselves at risk
Detection capabilities improve, but ransomware surges on
Does the Cloud Solve Your Cybersecurity Challenge?
EMEA firms experience surge in external compromise detections
Facebook: Ireland opens privacy probe into tech giant data breach
FBI accesses ProxyLogon target servers to disrupt cyber criminals
FBI accessing computers accross US to remove malicious web shells
FBI cleans up infected Exchange servers
FBI Clears ProxyLogon Web Shells from Hundreds of Orgs
FBI removes web shells from hacked Microsoft Exchange servers
FBI Removes Web Shells from Infected Exchange Servers
Free parking app popular in Charlotte, other cities confirms user data breach
Get your firm to say goodbye to password headaches
Grocery startup Mercato spilled years of data, but didn’t tell its customers
High numbers of schools hit by phishing, account compromise and ransomware attacks
Hospitals: Striking the balance of cybersecurity, interoperability and digital health
How B2B Firms Are Confronting Increased Security Threats As Work Goes Remote
How Businesses Can Survive and Thrive Amidst the New Fraud Landscape
How Fraudsters Nearly Stole $17.5 Million via PPE Fraud
Huge spike in ransomware attacks calls for adoption of backup as a service solutions by modern enterprises
IBM flags more cyber attacks on COVID vaccine infrastructure
Indian supply-chain giant Bizongo exposed 643GB of sensitive data
Industry Watch: Internet crime complaints rise
Ireland’s online privacy watchdog to investigate Facebook over data breach
Major firms disclose breaches in the wake of SolarWinds attack
Majority of Mobile App Vulnerabilities From Open Source Code
Maybank Warns Against Fake Maybank2u Websites Phishing For Customer Details
McAfee Sees COVID-19 Themed Threats and Powershell Malware Surge
Meet the Ransomware Gang Behind One of the Biggest Supply Chain Hacks Ever
Microsoft Patches Four More Critical Exchange Server Bugs
Most imitated brands in phishing emails in Q1 2021
Municipal Parking App Reports Cybersecurity Breach
Nasty Windows 10 ransomware is capable of changing YOUR login password
NBA Attacked with Alleged Ransomware 500 GB of Houston Rockets Data Stolen Including Contracts and More
New Jersey School Districts Investigate Cyber-Attacks
North American Electric Reliability Corporation (NERC) Says 375 Electricity Providers Installed the Laced SolarWinds Update
Over 3.5 Million Websites Vulnerable to Multiple ‘Elementor’ Flaws
Over 14 million South Africans included in Facebook data leak
Phishing Campaign Targeting COVID Vaccine 'Cold Chain' Expands
Police warn of phishing scam involving texts and e-mails impersonating DHL and SingPost
Practical advice to stop you from losing your data
Ransomware Actors Hit ‘ASBIS CZ’ and Paralyzed All Selling Activities
Ransomware Attack Creates Cheese Shortages in Netherlands
Ransomware attacks a kids school – raising threat on America
Remember GDPR? Expect another set of cyber regulations around vulnerabilities
Research finds sharp increase in Initial Access Brokers listings
Rise of Double-Extortion Shines Spotlight on Ransomware Prevention
SAP fixes critical bugs in Business Client, Commerce, and NetWeaver
Scammers using more sophisticated tactics
Securing Remote Health Care Post-COVID-19
Security crucial as 5G connects more industries, devices
Singapore: Ministry of Manpower (MOM) warns of phishing scam seeking contact details from recipients for Covid-19 vaccination roll-out
Six Key Guidelines To Protect Critical Infrastructure From Cyber Threats
Sweden: Russians Behind Sports Confederation Hack
Tasmania casinos hit by Windows ransomware, owner claims they are open
Tax Season is in Full Swing and so is Unemployment Fraud
Two Somerset County school districts report cyber attacks
Understanding cloud-era Shadow IT and how to stop it
University of California-Wide Data Hack Outrages Students
University Of Colorado Refuses To Pay $17 Million Ransom Following Accellion Data Breach
Use of PDF files in phishing scams unpacked
Users are getting better at recognising phishing attacks
Victim of data breach shares how Facebook tracks him in viral video
Victims scammed out of £26,000 by fraudsters pretending to be from Santander
Vital Signs: Why Service Monitoring is a Key Step in Effective IoT Cybersecurity
Vivaldi, Brave, DuckDuckGo reject Google's FLoC ad tracking tech
Warning over Hermes text scam circulating in the UK
What is cybersecurity and why is it important?
Which? warns of new DVLA text scam targeting drivers
Zero Days and Patch Lag: Stemming the Software Pandemic
13th April
Acknowledging Data Breach, Upstox Upgrades Security Systems
Adobe fixes critical vulnerabilities in Photoshop and Digital Editions
Attacks against cloud users surged in 2020
Better Business Bureau Warns of Rise In Tax Scams
Capcom: Ransomware gang used old VPN device to breach the network
Capcom ransomware attack: Hackers gained access via vulnerable VPN
Capcom says last year's ransomware attack exploited an 'old VPN' that had been kept online due to Covid-19
CISA gives federal agencies until Friday to patch Exchange servers
Clubhouse Denies Data Breach but API Does Mean User Information is Public
Clubhouse API allows everyone to scrape public user data
COVID-Related Threats, PowerShell Attacks Lead Malware Surge
Cring ransomware targets industrial and business systems through vulnerability in VPN servers
Cyber Criminals Targeting Municipal Computer Systems
Cybersecurity: Victims are spotting cyber attacks much more quickly - but there's a catch
Cybersecurity guide for the hospitality industry
Destructive Attacks Surged in 2020 for Financial Institutions
Educational organizations are hit by phishing attacks targeting cloud data more than any other vertical
Fake websites used in phishing attacks, impersonating brands like Pfizer and BioNTech
FBI nuked web shells from hacked Exchange Servers without telling owners
Food Shortages at Dutch Supermarkets After Ransomware Outage
Global Dwell Time Drops as Ransomware Attacks Accelerate
Government most hit by ransomware attacks in 2020 followed by Banking, says Atlas VPN
Hackers Leak Hacker Data in Swarmshop Breach
How do you solve a problem like customer data protection?
How open source security flaws pose a threat to organizations
McAfee: COVID-19 Themed Attacks Continue to Surge
Name:Wreck Bugs Could Impact 100 Million IoT Devices
New DNS vulnerabilities have the potential to impact millions of devices
New Linux, macOS malware hidden in fake Browserify NPM package
NSA discovers critical Exchange Server vulnerabilities, patch now
Parking app used across metro says data breach accessed info including license plates, addresses
Poker machines in Tasmania shut down after ransomware attack
Promoting a Cultural Shift for Cybersecurity
QBot malware is back replacing IcedID in malspam campaigns
Ransomware: Looking beyond endpoint protection
Ransomware on the Rise, Organizations Doing Better at Detecting Intrusions
Researcher releases PoC exploit for 0-day in Chrome, Edge, Brave, Opera
Risk startup LogicGate confirms data breach
Scammers Tricking Rapacious Crypto-Investors With the Help of Lightshot
Set of 9 Vulnerabilities Called “Name:Wreck” Affects Over 100 Million Devices
The Evolution of Ransomware: Four Predictions to Shape Your Security Strategy
These new vulnerabilities put millions of IoT devices at risk, so patch now
TV Licence warning: Phishing scams 'rise dramatically'
University of Portsmouth closes campus due to 'ransomware attack' on IT services causing 'ongoing disruption'
Users more alert to pandemic phishing
Wake Me Up Before You Know Know...About the Latest Third-Party Data Breach
Watch out for this W-2 phishing scam targeting the 2021 tax season
What techniques hackers use to spoof your identity and how to protect yourself
Why MSPs Need to Shift from Cyber Security to Cyber Resilience
Why You Need a Clear Phishing Prevention Plan for Your Business
Worldwide IT spending to total $4.1 trillion in 2021
12th April
5 Ways Cyberattacks Happen
6-year-old Moodle flaw exposed millions to account takeover attack
500 million LinkedIn accounts leaked
Accident in Iran’s Natanz Nuclear Facility Was the Result of a Cyberattack
'AI-powered' cyberattacks are on the rise
AIG Canada to foot part of city’s $2.9 million cyberattack bill
Are You Prepared to Prevent Data Loss?
Breach of trust: Cybersecurity can make or break a brand
Brits Still Confused by Multi-Factor Authentication
Clubhouse Data Appears on Hacker Forum but Not as a Product of a Breach
Clubhouse data breach: 1.3 million users have info leaked online
Combating the Rise of Ransomware-as-a-service (RaaS)
Could social media networks pave the way towards stronger authentication?
Credential phishing attacks – what are the latest themes and tactics?
Criminals spread malware using website contact forms with Google URLs
Critical security alert: If you haven't patched this old VPN vulnerability, assume your network is compromised
Cyber-criminals Increasingly Leveraging Debates About Travel During #COVID19 to Launch Attacks
Cyberattack at Haverhill Schools Keeps Seniors from Returning Monday; Educators Tentatively Reach Return Pact
Data transparency increasingly important, Kaspersky study states
Domain Typosquatting – Online Trademarks protection in the name of typing errors
Europol: “Virtually All” Crime Now Has a Digital Element
Facebook leaked data shows it tracks users across internet, knows when you ordered pizza
Facebook was running ads of malicious apps pretending to be Clubhouse for PC
Fake ads of a PC version of Clubhouse has been spreading malware
Has Clubhouse been hacked? CEO says claims are ‘false’
Haverhill High School goes fully remote as issues from ransomware attack linger
Here’s Where Phishing Emails Are Likely To Emerge From
How Merchants Fight Fire With Fire When Facing AI-Equipped Fraudsters
How To Stop Hackers Targeting Your Home
IT security professionals demonstrate excessive trust despite concerns with remote work security programs
It’s Time to Captivate the Next Generation of Cybersecurity Professionals
Lazarus Group uses Vyveva backdoor to target South African freight company
Malware laden fake Clubhouse app for PC is something you need to watch out for
Man Arrested After Failed AWS Bomb Plot
Moneycontrol Resets Passwords En Masse After Alleged Data Breach Impacting 7 Lakh Users
New Malware Downloader Spotted in Targeted Campaigns
Over 33% ICS computers faced cyberattacks in H2 2020
Over 90% of Organizations Hit by a Mobile Malware Attack in 2020
Parents were at the end of their chain — then ransomware hit their kids' schools
Paycheck Protection Program (PPP) Remains A Favorite Target Of Fraudsters
Ransomware’s evolving tools and technical tactics confuse forensic analysis
Royal Mail-related phishing scams surge by 645%
Scam alert: Fraudsters are getting sneakier
Scammers phishing for data through ANZ bank text messages
Scraped data of 1.3 million Clubhouse users published online
Securing SMEs Post-Pandemic: Four Ways To Improve Security For Remote And Hybrid Workforces
Stock Brokerage Firm ‘Upstox’ Suffers Data Breach, Company Says Users’ Data Safe
Supermarkets cheesed off after dairy supplier is hacked
The benefits of cyber threat intelligence
The Most Common Types Of Cyber Crime
The SOC is blind to the attackable surface
TriHealth reports patient and employee data breach through law firm
U.S. Regulator’s Crypto Conundrum Hurts Ransomware Victims
Upstox suffers hack, data of 25 lakh users up for sale on dark web
Upstox Tiptoes Around Data Breach Impacting 2.5 Million Users, But Upgrades Security System
What Does It Take To Be a Cybersecurity Researcher?
What fallout can we expect from the 2019 Facebook leak?
What to Do After a Data Breach
Where are phishing emails more likely to originate from?
Whistleblower Says Ubiquiti Lied About the Source and Extent of Its Data Breach To Protect Stocks
Will Ransomware Cause the End of the Internet as We Know It?
Windows 10 warning: New ransomware changes all your passwords