Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th September and 22nd September 2024.
22nd September
Alleged Data Breach Hits EasyMPS, Exposing Sensitive Information of Millions
Data resilience and protection in the ransomware age
Hackers Claim Second Dell Data Breach in One Week
Hong Kong Journalists: Hong Kong-based journalism professionals suffer cyber attack in Britain
Mega breach hits Star Health; medical reports, PAN, more sensitive info leaked
Shezmu Recovers Stolen Crypto Funds After Bold Negotiation with Hacker
Snowflake Hacker Remains Active As Of This Week
Uber Eats Data Breach Allegedly Exposes Over 280,000 Records
21st September
Chinese National Charged in Major “Spear-Phishing” Espionage Campaign: What You Need to Know
Crypto lender Shezmu recovers hacked funds through negotiation
Crypto scam: hacker attack on Indian Supreme Court YouTube channel to promote cryptocurrency
Cybercriminal Takes Over Decentraland’s X Account, Phishing Scam Ensues
Dell Investigates Employee Data Leak Claims Made By Hackers
Global infostealer malware operation targets crypto users, gamers
Hacker behind Snowflake customer data breaches remains active
Hacker Uses Telegram Chatbots to Leak Data of Star Health Insurance
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
India: Supreme Court’s YouTube Channel Taken Down After Hack, XRP Scam Videos Appear
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by Information Commissioner's Office (ICO)
OP KAERB: Europol dismantled phishing scheme targeting mobile users
Philippines concerned over data breach risk at passport printer
Ransomware threats more than doubling every year
Shezmu recovers hacked crypto funds by negotiating with the hacker
Sneaky scammers drain bank account in sinister phone phishing scheme
Star Health Data Breach Exposes Millions of Customers’ Info
The dark side of AI democratization: You no longer need to be a hacker to hack
Threat Actor Claims to Leak SpaceX Data Containing Emails, Hashes, and IPs
Ukraine Bans Telegram Use for Government and Military Personnel
Ukraine bans Telegram use on state-issued devices
20th September
11 Common Cyberattacks You Should Be Aware Of
75% of Organisations Hit by Ransomware More Than Once
A Threat Actor Claims to Sell Data of Star Health Insurance, Compromising data of 31 Million Customers
Airline executive settles hack-for-hire case against law firm, pledging to ‘vigorously’ prosecute other alleged conspirators
Ascension Ransomware Attack Hurts Financial Recovery
Ascension’s Financial Comeback Stalled by Costly Cyberattack, Resulting in $1.8 Billion Loss
Asia Pacific Tops the Charts for Phishing Threats Against Financial Institutions
At least S$616,000 lost in 2024 amid spike in Singapore's parcel delivery phishing scams
AT&T To Pay $13 Million After Data Breach Hits 9 Million Customers
Australian Compass Group confirms second hack
BingX Confirms Attack on Its Hot Wallets, Initiates Emergency Plan
BingX Hack: Hackers Drain $43 Million, Exchange Commits to Full Refund
BingX Pledges User Compensation After a $43M Hack on Its Hot Wallet
Californian school district says December cyber attack compromised students’ data
Companies Often Pay Ransomware Attackers Multiple Times
Configuration flaw puts ServiceNow Knowledge Base articles at risk
Content creation platforms leveraged for phishing attacks
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Crypto Exchange BingX loses over $43m to fresh Hacker exploit
Crypto exchange BingX suffers hacker attack, losses surpass $40m
Cybercrooks strut away with haute couture Harvey Nichols data
Cybersecurity issues put 28 million passports at risk of data breach
Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable
Data Breach Fallout: Disney Severs Ties after Slack Hack?
DDoS overtakes ransomware as most active cyber threat in Europe
Dell Allegedly Breached +10K Employee Information Exposed
Dell hit by “minor” data breach, over 10,000 employee records exposed
Dell investigates data breach claims after hacker leaks employee info
Department of Justice (DOJ) charges hackers for stealing $230 million in crypto from individual
Disney ditching Slack after massive July data breach
Disney ends Slack use over 1 TB data breach
Disney To Stop Using Salesforce's Slack After Data Breach
Disney To Stop Using Slack Following July Data Breach
ENISA Threat Landscape 2024 identifies availability, ransomware, data attacks as key cybersecurity threats
Europol busts massive criminal phishing network, over 480K affected
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Fake shelter alerts and death threats: phishing attack targets Israelis
Federal Trade Commission (FTC) investigates video streaming and social media for data collection
Fylde Coast Academy Trust: Schools threatened by hackers in cyber attack
Genetic Testing Company 23andMe Settles Data Breach Lawsuit for $30 Million
Germany Shuts Down 47 Cryptocurrency Exchange Services Linked to Cybercrime
Germany shuts down 47 cryptocurrency exchange services used by cybercriminals
Hacker exploits Telegram chatbots to leak data from leading Indian insurer Star Health
Hacker selling 7 TB of Star Health Insurance’s customer data using Telegram
Hacker uses Telegram chatbots to leak data of Star Health Insurance
Hacker uses Telegram chatbots to leak data of top Indian insurer Star Health
Hackers exploit content creation platforms for phishing attacks, warn experts
Hardware chain Total Tools suffers major data breach after cyber attack
How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections
How to Address Shortcomings in API Security
How to detect and stop bot activity
Huge phishing network which claimed 480K victims broken by Europol
In a major cyber attack, hackers target WHO and British parliamentarians on X
INC ransomware hits US healthcare, linked to Vanilla Tempest
Indian Supreme Court under Cyber Attack as Hackers Hijack YouTube Channel to Promote XRP
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
Joint EU, Americas Effort Dismantles iServer Phishing Network
Law Enforcement Dismantles Phishing Platform Used for Unlocking Stolen Phones
LinkedIn Halts AI Model Training in the UK Amid Privacy Concerns
Major retail banks in Singapore to introduce Singpass Face Verification (SFV) to mitigate phishing
Maryland Police Warn Gmail Users of Phishing Scam Demanding Bitcoin
More than $44 million in cryptocurrency stolen from Singaporean platform BingX
More Than Two Million Stolen VPN Passwords Discovered
Mr Hamza Launches Campaign Against Turkey
Nearly 8,000 claimants file high court case against Capita over 2023 cyber attack
New SambaSpy malware spread in phishing campaign
One-third of the US population’s background info is now public
Operation Kaerb, Masterminds Behind iServer Phishing-As-A-Service Platform Arrested
Passwordless AND Keyless: The Future of (Privileged) Access Management
Philippines concerned over data breach risk at passport printer
Police bust Vietnam-based phishing ring in 10 Billion Won scam
Providence Public School District yet to recover from debilitating ransomware attack
Providence school officials are quiet on data breach details
Republicans demand FBI hearing on Iran theft of Trump documents
Rising identity security risks: Why organizations must act now
Several organisations purportedly attacked by novel Valencia Ransomware gang
Seventeen Arrested in International Phishing Takedown Targeting Nearly Half a Million Victims
Singapore: Victims lose $616k amid spike in parcel delivery scams in 2024
Star Health Data Breach Exposes Millions of Medical Records on Telegram
Star Health Hit By Massive Data Breach, Millions Of Customers' Data Leaked On Telegram
Star Health Insurance Faces Allegations of Data Breach Affecting Over 3.1 Crore Customers
Star Health Suffers Mega Data Breach, Medical Records Of Over 31 Million Customers Up For Sale On Telegram
Stolen Star Health customer data exposed via Telegram chatbots, raising security concerns in India
Striking the balance between cybersecurity and operational efficiency
Text message phishing scammers extradited to Korea from Vietnam
The Vanilla Tempest cybercrime gang used INC ransomware for the first time in attacks on the healthcare sector
This Phishing Service Helped Criminals Break Into 1 Million+ Stolen Phones
Threat Actor Claims Repeated Breach of Port of Seattle Website
Threat Actor Selling Access to Saudi Arabia’s Neom Project and MiSK Foundation Systems
Transport for London (TfL) sends letters to 5,000 cyber attack customers whose details were hacked
Transport for London (TfL) writes to 5,000 cyber attack customers
U.S. elections: Four cyber threats organizations can expect
UK regulator stops LinkedIn from training AI models with British users’ content
Ukraine bans Telegram on military, government devices over security risks
Ukraine bans Telegram on state and military devices
Ukraine Bans Telegram on State-Issued Devices
US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities
Vanilla Tempest (Vice Society) Threat Group Using INC Ransomware to Attack Healthcare Orgs
WazirX Cyber Attack: Binance Distances Itself from Ownership and Responsibility
Why Disney may have decided to stop using Salesforce’s Slack communication platform
19th September
5 New Vulnerabilities Added to CISA’s Known Exploited List: Urgent Action Required
6 Million Taxpayer IDs, Including President's, Allegedly Leaked and Sold for $10,000
10 Critical Indicators Your Company is Vulnerable to Cyberattacks
17 arrested in takedown targeting phishing service with nearly 500,000 victims
23andMe $30M Data Breach Settlement: How Valuable Is Genetic Data?
23andMe Agrees to $30M Settlement That Could Pay $10,000 to Data Breach Victims
52% of consumers have an increased fear of becoming a fraud victim
8000 Claimants Sue Outsourcing Giant Capita Over 2023 Data Breach
A smartphone exploded at a Muscovite on Arbat Street during an Israeli cyber attack on Hezbollah
A Threat Actor Claims to Sell Police Complaints from 52 Police Stations in Rawalpindi
Alleged Data Breach Hits Egyptian Restaurant Chain Bazooka
Altman Plants Notifies Thousands of Data Breach Involving Their SSNs and Medical Information
APAC receives highest median threat score for phishing attacks against financial institutions
AT&T to Pay Federal Communications Commission (FCC) $13M for Vendor Data Breach
Attention Travelers! Beware of Booking.com Themed Phishing Attacks
Behind a data breach: the cost of cybersecurity incidents for Australian businesses
Beneath the surface - exploring the hidden costs of a cyber attack
Better Department of Justice (DOJ), FBI anti-ransomware efforts sought
Binance detaches itself from any liabilities days after WazirX cyber attack
British Authorities Arrest 17-Year-Old In Connection With Transport for London (TfL) Cyber Attack
Can the US safeguard user data from Meta’s AI training?
Canada: Watch out for 2FA phishing texts pretending to be from Rogers
Cashless toll payments end with massive data leak
Cencora Faces Criticism After Paying Rp1.15 Trillion Ransom In Bitcoin Due To Cyber Attack
Chinese marketplace Temu denies breach after hacker claims major customer data heist
CISA warns of actively exploited Apache HugeGraph-Server bug
City increasing security after thousands of Wichita Police records are compromised in cyber attack
Clever 'GitHub Scanner' campaign abusing repos to push malware
Combined Hardware-Cyber Attack Annihilate Hezbollah Command Network
Criminal phishing network resulting in over 480 000 victims worldwide busted in Spain and Latin America
Cryptojacking Gang TeamTNT Makes a Comeback
Cyber Attack on Security Firm Dr.Web Forces Servers Disconnection
Cyber Essentials: The 5 Cost-Effective Security Controls Everyone Needs
Cyberattacks Plague the Health Industry. Critics Call Feds’ Response Feeble and Fractured
Cybercriminals Exploit Content Platforms For Phishing Attacks And Data Breaches
CyberVolk Threatens Universities with Deleting Their Data
Data Breach Surge: A Wake-Up Call for Privacy
Data disposal and cyber hygiene: Building a culture of security within your organization
Data from Major Chinese Oil Company Allegedly Leaked on Dark Web
Decentraland X account hacked, phishing scam targets MANA airdrop
Decentraland’s X Account Hacked: Scammers Use Phishing Links to Target 607,000 Followers
Department of Justice (DOJ) and FBI Urged to Improve Ransomware Tracking, Says New Audit
Differential privacy in AI: A solution creating more problems for developers?
Disney Cuts Ties With Slack After Data Heist
Disney to ditch Slack following July data breach
Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC
Essential metrics for effective security program assessment
European, Latin American authorities arrest 17 in crackdown on phishing network with 483,000 victims
Exploding pagers - should we be worried?
Failed crypto scammers nominated for 'most incompetent hacker' award
Fake CAPTCHA Verification Pages Spreading Lumma Stealer Malware
FBI Dismantles Chinese-Linked Botnet of 260,000 IoT Devices
FBI forced Flax Typhoon to abandon its botnet
FBI Shuts Down Chinese-Backed Hacker Group Targeting U.S. Universities and Agencies
FBI Takes Down China-Backed Botnet, Facilitates Ransomware Negotiations
Fedbank Financial Services clarifies on ransomware attack rumors: No breach of IT infrastructure
Federal civil rights watchdog sounds alarm over DOJ, DHS and HUD use of facial recognition technology
Federal Communications Commission (FCC) fines AT&T $13 million over cloud data breach
Federal Communications Commission (FCC) Fines AT&T $13 Million Over Massive Data Breach and Lax Security
Federal Trade Commission (FTC) exposes massive surveillance of kids, teens by social media giants
Federal Trade Commission (FTC) report on predatory social media data hoarding hints at future regulations
Fireworks Software Notifies 27k Individuals of Recent Data Breach
Fortinet Confirms “Limited” Data Breach That Leaked 440 GB
Germany seizes 47 crypto exchanges used by ransomware gangs
GitLab Patches Critical SAML Authentication Bypass Flaw in Community Edition (CE) and Enterprise Edition (EE) Editions
Global Phishing Network Busted in Major Cross-Continent Operation
Global Police Operation Dismantles 'Ghost' Encrypted Communication Platform
Group-IB contributes to international “Operation Kaerb” that led to the arrest of the masterminds behind the iServer phishing-as-a-service platform which claimed more than 483,000 victims globally
Hacker Claims “Minor” Data Breach at DELL; Leaks Over 10,000 Employee Details
Hackers are seeking $6 million for files stolen in a cyberattack on Seattle airport operator
Hackers deliver popular crypto-miner through malicious email auto replies, researchers say
Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms
Hackers need your credentials so they can have spicy chats with AI models
Handala Hacktivist Group Claims Breach of Two Israeli Defense-Related Companies
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
How hackers are using legitimate tools to distribute phishing links
How the National Crime Agency (NCA) Controlled a Ransomware Operation
Indonesia: Finance Minister Sri Mulyani Orders Investigation into Taxpayer Data Breach
Indonesia’s tax agency probes alleged data breach affecting President Jokowi, 6 million taxpayers
Indonesia's tax agency probes alleged personal data breach
Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data
Initial Conference Takes Place for Consolidated Change Healthcare Data Breach Lawsuit
Insecure APIs and Bot Attacks Cost Global Firms $186 Billion
International Raids Shut Down Ghost Encrypted Messaging App
Iran backdoors planted across Middle East telecoms, government agencies
Iran tried to hand stolen Trump campaign data to Biden's campaign, agencies say
Iran’s Passive Backdoors Lurk in Middle Eastern Networks
Is Tor really safe? Law enforcement surveilling and unmasking users on the dark web
Ivanti warns of another critical CSA flaw exploited in attacks
Justice Department Crushes Chinese-Hacker Controlled 'Raptor Train' Botnet in Cybercrime Crackdown
Lockbit says it has hit eFile.com, again
Lumma Stealer Malware: New Threat Targeting Windows Users
Malicious actors target UK motorists with QR code scams
‘Marko Polo’ hackers found to be running dozens of scams
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
Microsoft warns of ransomware attacks on US healthcare
Microsoft Warns Of Vanilla Tempest Hackers Attacking Healthcare Sectors
Mt. Carmel Behavioral Healthcare suffers data breach, exposing sensitive patient information
New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
Novel backdoor leveraged in North Korean hackers’ global aerospace, energy attacks
Pagers used in Hezbollah attacks: who still uses them and why?
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
Pennsylvania Launches Online Portal for Mandatory Data Breach Reporting
Phishing Espionage Attack Targets US-Taiwan Defense Conference
Police dismantles phone unlocking ring linked to 483,000 victims
Port of Seattle Won’t Pay Ransomware Demand
RansomHub Ransomware Targets 210 Victims Since February 2024
Ransomware is Most Significant Threat to UK and Most Overwhelming Issue
Ransomware payments: Ever present or on the decline?
Repsol suffers a cyber attack on its customer database
Richland County says 2023 data breach impacted more than 75,000 county residents
Risky Recovery: Ransomware “Decryption” Scams Remain in 2024
Russian cybersecurity firm Dr.Web suffers cyberattack, temporarily suspends virus database updates
SambaSpy Attacking Windows Users With Weaponized PDF Files
Seattle Airport Hack: Hackers Demand $6M Bitcoin Ransom For Stolen Files
Second cyber-attack leaves Hezbollah reeling; citizens fear war
Security Firm's North Korean Hacker Hire Not an Isolated Incident
Security leaders consider banning AI coding due to security risks
Selling ransomware breaches: Four trends spotted on the RAMP forum
Social media and video streaming companies violate user privacy on 'vast' scale
Spanish Police Arrest Hacker Wanted by Morocco for Cyber Fraud
Suspects behind $230 million cryptocurrency theft arrested in Miami
Suspicious teaser: Kaspersky warns that scammers hide phishing links behind images
Temu denies 87m record data breach claims
Temu Fights Back Against Massive Data Breach Allegations - Is It Enough To Rebuild Trust?
Temu threatened by hacker claiming data breach that company denies
Tewkesbury Borough Council IT systems deemed 'safe' after cyber attack
Tor says it’s "still safe" amid reports of police deanonymizing users
Total Tools customers warned of major data leak that impacts more than 38,000 tradies
U.S. Taxpayer Data at Risk? LockBit Ransomware Claims Attack on IRS-Authorized eFile
UK spyware victims file criminal complaint against NSO Group
United States says thwarted Chinese 'state-sponsored' cyber attack
US agencies say Iran offered hacked Trump documents to Democrats but was ignored
US Disrupts Alleged Chinese ‘State-Sponsored’ Cyber Attack Network
US healthcare sector subjected to attacks with INC ransomware
US Indicts Chinese Aerospace Employee for Spear Phishing Attack on Government, Private Sector
US Sanctions Intellexa Spyware Network Over Threat to National Security
Valencia Ransomware explodes on the scene, claims California city, fashion giant, more as victims
Vanilla Tempest leverages INC ransomValencia Ransomware explodes on the scene, claims California city, fashion giant, more as victimsware to target healthcare sector
Vanir Group ransomware gang’s leak site seized by German authorities
Vanir ransomware site sequestered by Germany
Vice Society Pivots to Inc Ransomware in Healthcare Attack
Virgin Islanders Grow Frustrated With Lack of Access to Medical Records Following Schneider Regional Medical Center (SRMC) Ransomware Attack
WazirX Funds on the Move as Hacker Shifts $33 Million to Tornado Cash
WazirX Hacker Launders $12M in Ethereum Via Tornado Cash
WazirX Hacker Moves $32M in ETH to Tornado Cash in 4 Days, Binance Refutes Founder’s Claims
WazirX Hacker Moves $32M Stolen Ether in Four Days to Tornado Cash as Binance Denies Founder’s Claims
Western Agencies Warn Risk from Chinese-Controlled Botnet
What more can be done to stop ransomware attacks?
Why the National Cyber Security Centre (NCSC) Cyber Assessment Framework is Important to the UK Public Sector
Windows users targeted with fake human verification pages delivering malware
18th September
23andMe agrees to $30m settlement over data breach targeting Jewish and Chinese users
23andMe agrees to $30M settlement over data breach that targeted Jewish and Chinese users
23andMe to pay $30 million to settle class action lawsuit over October data breach
75 percent of organizations affected more than once by ransomware
A Threat Actor Alleged Data Breach of Relevvo
Ally Bank May Have Compromised Your Personal Data in an April Data Breach
Alleged DATASUS and DETRAN Database Breach Exposes Millions of Records
Almost 500GB of data allegedly leaked in RansomHub attack on Kawasaki
Analysis Identifies Web Servers as Weakest Cybersecurity Link
AT&T Agrees $13m Federal Communications Commission (FCC) Settlement Over Cloud Data Breach
AT&T ordered to pay $13M settlement in latest setback for company
AT&T Reaches $13 Million Federal Communications Commission (FCC) Settlement Over Massive 2023 Data Breach
AT&T to Pay $13 Million in Settlement Over 2023 Data Breach
AT&T to Pay Federal Communications Commission (FCC) $13 Million for Vendor Data Breach
Atrium Health data breach: Phishing attack exposes sensitive consumer information
Australia Arrests Mastermind Behind Global Crime App, Ghost
Bharat Petroleum Database Allegedly Breached 148M Records for Sale on Dark Web
CafePress data breach victims are getting money, Federal Trade Commission (FTC) says
Censys Uncovers Hidden Infrastructure of Iranian Fox Kitten Group
Chinese botnet infects 260,000 SOHO routers, IP cameras with malware
Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military
Chrome extension hides malware to steal crypto: new operation uncovered
Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing
CISA Issues Advice to Help Eliminate XSS Bugs
City of Wichita reveals whose information is compromised from cyber attack
Claims of hacked voter data aims to cause distrust in elections
Cohesity reveals ransomware costs in cyber resilience report
Columbus says no IT Department employees have been fired since July ransomware attack
Company listed on Shanghai stock exchange accused of aiding Chinese cyberattacks
Critical Infrastructure at Risk From Email Security Breaches
Critical VMware vCenter Server bugs fixed (CVE-2024-38812)
Cyber attack on city of Wichita limited to police records, internal investigation finds
Deadly cyber attack in Lebanon reveals the new face of warfare
Deja blues...LockBit boasts once again of ransoming IRS-authorized eFile.com
Department of Justice (DOJ), FBI need better metrics for tracking ransomware disruption efforts, audit finds
Detecting vulnerable code in software dependencies is more complex than it seems
Europol takes down "Ghost" encrypted messaging platform used for crime
Europol Taskforce Disrupts Global Criminal Network Through Supply Chain Attack
Everything you need to know about VPN tracking
Exploding Hezbollah pagers have bitcoiners worried, too
Fair Ball or Foul Play? EU’s Digital Markets Act Puts App Security on Shaky Ground
FBI boss says China 'burned down' 260,000-device botnet when confronted by Feds
FBI Disrupts Another Massive Chinese-Linked Botnet
FBI disrupts major Chinese hacking group, director says
FBI says it recently dismantled a second major China-linked botnet
FBI warns about China-controlled botnet affecting thousands of Americans
Federal Communications Commission (FCC) Fines AT&T $13 Million for Data Breach Last Year
Federal Communications Commission (FCC) imposes $13m penalty on AT&T over 2023 vendor data breach
Federal Communications Commission (FCC) reaches $13 million settlement with AT&T over 2023 data breach involving third-party vendor
Federal Communications Commission (FCC) reaches settlement with AT&T for data breach
Germany seizes leak site of ‘Vanir’ ransomware operation
Ghost: Criminal communication platform compromised, dismantled by international law enforcement
GitLab releases fix for critical SAML authentication bypass flaw
Global Crime Hit as Europol Shuts Down Encrypted Chat App Ghost
Google Street View Images Used For Extortion Scams
GSM Association (GSMA) Plans End-to-End Encryption for Cross-Platform Rich Communications Services (RCS) Messaging
Hacker claims to have stolen 20GB data hoard from Capgemini, and is threatening to leak it all
Hacker targets NASA, faces 300+ years behind bars
Hackers breaching construction firms via specialized accounting software
Hackers demand $6 million for files stolen from Seattle airport operator in cyberattack
Hackers hold Blackpool academies and primary schools to ransom after cyber attack
Hacking group Dark Angels received $75 million in bitcoin, marking the largest known ransomware attack to date
Hezbollah walkie-talkies targeted by Israel in new round of coordinated fatal blasts
Hezbollah’s Pager Explosions Trigger Questions of Similar Threat to Smartphones
How did Israel’s Mossad plan the Hezbollah pager cyberattack? Here's what we know so far
Infostealers: An Early Warning for Ransomware Attacks
Japanese automaker Kawasaki says ransomware attack impacted European operations
LinkedIn scraped user data for training before updating its terms of service
Median payments for ransomware attacks by schools exceed $4m
Microsoft Azure tools increasingly leveraged in ransomware attacks
Most Educational Organizations Paid More Than the Original Ransom Demand, Says Sophos Survey
New Akamai State of the Internet Report reveals Asia Pacific received highest median threat score for phishing attacks against financial institutions
New Data Breach Notification Obligations for Pennsylvania – and a New Reporting Portal
New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide
New research finds rise of infostealer malware and digital identity exposure creates the perfect storm for ransomware attacks
North Korea-linked hackers target energy and aerospace companies in new espionage campaign
North Korean Group Uses Fake Job Offers to Target Energy, Aerospace Sectors
North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware
Novel phishing attack uses "no-escape" kiosk mode in Chrome to extract passwords
Organizations overwhelmed by numerous and insecure remote access tools
Pagers Explode in Lebanon Killing 9 In Likely Israeli Cyber Attack
Pakistan: Government organisations are being attacked with phishing emails
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
Police announce takedown and arrest mastermind behind criminal comms platform 'Ghost'
Preventing ransomware by fully remediating infostealer attacks
Providence public schools still struggling with internet outages after ‘irregular activity’
RAMBO Attack: Electromagnetic Waves Steal Data from Air-Gapped Systems
Russian cyber firm Dr.Web says services are restored after ‘targeted cyberattack’
Russian security firm Dr.Web disconnects all servers after breach
Seattle-Tacoma Airport Says Criminal Hacker Group Attacked Computer Systems
Sensitive Data of Indonesian Government Officials Allegedly Leaked on Dark Web
Server Misconfiguration at Fuel Industry Software Provider Exposes SSNs, PII Data
ServiceNow warned customers of Knowledge Base (KB) article data breach
Seven Ways Hackers Can Access Company Information
Singapore: Major Retail Banks to Introduce Singpass Face Verification, Further Strengthening Resilience Against Phishing Scams
Singapore mandates face authentication for 'higher risk' bank transactions
Spain arrests Moroccan hacker sought by Morocco
SpyCloud Unveils Massive Scale of Identity Exposure Due to Infostealers, Highlighting Need for Advanced Cybersecurity Measures
Sydney-based Compass Group confirms Medusa ransomware attack
The clock is running on ransomware attack against Providence schools
The proliferation of non-human identities
Think twice before you click: this captcha might steal your money
Threat Actor Claims to Sell 600GB of Chunghwa Telecom Data
Two-Thirds of Security Leaders Consider Banning AI-Generated Code
U.S. Intelligence Agencies Say Chinese Botnet Compromised 260,000 Devices
U.S. says Iran sent Biden camp stolen Trump info in election interference bid
UK and allies issue cyber attack warning over China-backed 'botnet' of 260,000 compromised devices
Ukraine: Hacker who sold databases of thousands of users detained in Dnipropetrovsk region
US charges Chinese national over spear-phishing attacks against agencies
US FBI disrupts second Chinese hacking group, director says
US government ‘took control’ of a botnet run by Chinese government hackers, says FBI director
US Imposes Fresh Sanctions on Intellexa Spyware Maker
Vanilla Tempest hackers hit healthcare with INC ransomware
X hacking spree fuels "$HACKED" crypto token pump-and-dump
17th September
6% of media websites have robust bot protection
23andMe agrees to $30 million settlement after data breach affected nearly 7 million users
23andMe agrees to $30 million settlement after major data breach
23andMe settles data breach lawsuit for US$30 million
80% of critical infrastructure entities affected by email breaches
80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year
100s of injuries following pagers exploding in Lebanon
280K Customer Records from Alshaya Group Allegedly Leaked on Dark Web
A Threat Actor Alleged Data Breach of Didi Chuxing
A Threat Actor Claims Admin Access to Corporate Analytics Software Used by Major Companies
Access Sports Data Cyber Attack, 88,000+ Users Data Impacted
AI to supercharge deepfakes, ransomware and phishing attacks
All Smoke, no Fire: The Bizarre Trend of Fake Data Breaches and How to Protect Against Them
Apple Urges Users to Install iOS 18 to Fix 33 iPhone Vulnerabilities
AppOmni Surfaces Configuration Flaw in ServiceNow SaaS Platform
Aramark Provides Notice of myPay Data Breach Affecting an Unknown Number of Employees
AT&T pays $13 million Federal Communications Commission (FCC) settlement over 2023 data breach
AT&T to Pay $13 Million and Add Safeguards After 2023 Data Breach
AT&T to pay $13 million Federal Communications Commission (FCC) settlement for 2023 data breach
AT&T to pay $13 million over 2023 customer data breach
AT&T to pay $13 million to settle FCC probe over cloud data breach
AT&T to pay out $13m over hack that affected millions - here's how you can claim
Australia: Local medical centre the victim of phishing attack
Bank Rakyat assures its system remains secure after attempted data breach on September 3rd
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users
Blasts in Beirut: Hezbollah communication equipment explodes, over 3,000 injured, 8 dead
Broadcom fixes critical RCE bug in VMware vCenter Server
Charles Darwin School forced to cancel classes following a BlackSuit ransomware attack
Chinese Citizen Allegedly Spent Years Trying to Hack NASA, US Research
Chinese Hacker Targeted NASA, U.S. Military to Steal Critical Software
Chinese man charged for spear-phishing against NASA and US Government
Chinese man stole NASA source code using spear phishing
Chinese national accused by Feds of spear-phishing for NASA, military source code
Chinese national accused by US of NASA and military spear-phishing campaign
CISA urges software developers to weed out XSS vulnerabilities
CISA’s FOCAL Plan: Federal Agencies Unite Against Cyber Threats
‘Click Here’: Investigators Struggle to Shed Light on Balkan-Wide Phishing Scam
Columbus data breach: 21% of city systems still down, IT chief says
Construction firms breached in brute force attacks on accounting software
Construction companies potentially vulnerable through accounting software, report says
Content platforms exploited for phishing attacks
Cyber Attack: Hezbollah blames Israel as pager explosions kill nine, over 2750 injured across Lebanon
Cyber Attack: Many killed, 2,750 wounded as pagers explode in Lebanon
Cyberattacks plague health care. Critics call the federal response 'inadequate'
David’s Bridal Data Breach Leaks an Unknown Number of Social Security Numbers
Death toll rises after Israeli cyber-attack on Lebanese communication network
Department of Justice (DOJ) indicts Chinese national for spear phishing campaign against NASA, FAA, Air Force
Email Security Breaches Rampant Among Critical Infrastructure Organizations
Express Services suffers data breach; unauthorized access confirmed
Financial Services sector tops charts for Phishing and DDoS in EMEA
Fines and lawsuits for businesses after a data breach might be worse than the attack itself
Gateways to havoc: Overprivileged dormant service accounts
Gen reveals 24% rise in ransomware attacks on consumers
GitLab releases security updates to fix 17 vulnerabilities
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Hacker Drains $6M from Delta Prime in Token Minting Exploit
Hacker Gains Access to T-Mobile’s Internal Files Via Third-Party Firm
Harmonizing Security and Usability to Tackle Account Takeover
Hezbollah pager devices remotely exploded in Israeli operation, thousands of members severely injured
Hezbollah vows "fair punishment" for major Israeli aggression
Hospitals need “tribal approach” to protect against hackers, says expert
Information Commissioner’s Office (ICO) Acts Against Sky Betting and Gaming Over Cookies
Instagram Introduces ‘Teen Accounts’ with Enhanced Protections for Young Users
Instagram to bolster privacy and safety features for millions of teen users
Iranian ambassador reportedly injured in Israeli cyber-attack targeting Lebanon and Syria
Iranian envoy injured in Beirut cyber attack
Is a $13 million fine enough to resolve AT&T’s data breach?
Israel Will Be Punished - Hezbollah Issues Statement on Cyber Attack in Lebanon
Lebanon: 'We condemn Israeli cyber attack and will submit complaint to UN Security Council'
Lebanon's Foreign Ministry condemns Israeli cyber attack, prepares complaint to UN Security Council
Little girl among martyred in Israeli regime cyber attack
Major Exchange Loses Billions of Shiba Inu (SHIB) to Hackers
Marko Polo cybercrime gang targets cryptocurrency users, influencers with scams
Mass Pager Explosions in Lebanon: Hezbollah Suspects Israeli Cyber Attack
Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts
Misconfigured ServiceNow Knowledge Bases Expose Confidential Information
Most Cyber Leaders Fear AI-Generated Code Will Increase Security Risks
Over 1,000 ServiceNow instances found leaking corporate Knowledge Base (KB) data
Over Half of Breached UK Firms Pay Ransom
Over Half of Hacked UK Firms Pay Ransom
Over half of UK companies hit by ransomware opt to pay
Phishing Attacks Exploit Content Creation Platforms
Phishing Campaigns Surge with New Header Refresh Technique, Targeting Financial and Government Sectors
PKfail Secure Boot bypass remains a significant risk two months later
Port of Seattle blames the Rhysida ransomware group for August cyber attack
Port of Seattle Identifies Hacker Group Behind August Cyberattack
Pro-Ukraine hackers claim attack on agency that certifies digital signatures in Russia
Proof-of-Concept (PoC) exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)
Providence Schools Facing $1M Ransomware Demand, Says Cyber Threat Monitoring Company
Qilin ransomware attack on Synnovis impacted over 900,000 patients
RansomHub Ransomware Group Leaks Alleged Kawasaki Motors Stolen Data
RansomHub releases 487GB of data allegedly stolen from Kawasaki
Ransomware gangs now abuse Microsoft Azure tool for data theft
Ransomware whistleblower: Columbus could have avoided its mistakes
Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks
Rhysida ransomware gang demands US$5.8m ransom for Seattle-Tacoma data
Rhysida ransomware gang ships off Port of Seattle data for $6M
Scam victims in Singapore lose SGD 28,000 in OneMotoring e-mail phishing; police issue alert
Seattle Port and Airport Cyberattack Takes Ransomware to Another Level
Seattle-Tacoma International Airport taunted by Rhysida ransomware gang over 100 bitcoin
Sibanye-Stillwater Mining Company Confirms Data Breach Exposing Information of 7,258 Employees
Singapore: At least $28k lost through phishing scam involving fake OneMotoring website
Singapore: Police warn of phishing scams impersonating OneMotoring site
Singapore: Victims lose $28K due to phishing scams impersonating OneMotoring
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
Sophos report reveals education sector's ransomware battle
T-Mobile virtual machine logs allegedly exposed in Capgemini data breach
Temu Allegedly Breached 87M Records for Sale on Dark Web
Temu denies breach after hacker claims theft of 87 million data records
Temu refutes data breach allegations by unknown threat actor trying to profit
The cybersecurity workforce of the future requires diverse hiring practices
The growing danger of visual hacking and how to protect against it
The Maids International reports a data breach affecting sensitive consumer information
Thousands of Hezbollah Fighters, Iranian Ambassador Injured by Exploding Pagers Across Lebanon
Threat Actor Offers Access to US Cosmetics Company for $12K
U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation
UK Data Regulator Cracks Down on Sky Betting and Gaming’s Unlawful Cookie Practices
UK Organisations Tout Government Help in Ransomware Incidents
US Department of Justice (USDOJ) Charges Chinese AVIC Engineer With Phishing To Hack NASA, FAA & US Military
US Looks to Align Security Across Government
US Ramps Up Sanctions on Spyware-Maker Intellexa
Widespread phishing exfiltrates credentials via HTTP header abuse
16th September
23andMe Agrees to $30m Data Breach Settlement
23andMe agrees to $30 million settlement over data breach that affected 6.9 million users
23andMe agrees to pay $30M to settle lawsuit over 2023 data breach
23andMe is ready to pay $30 million to settle a data breach lawsuit in 2023
23andMe set to pay millions to settle data breach lawsuit
23andMe Settles $30 Million in 2023 Data Breach Lawsuit Impacting 6.4 Million Customers
23andMe Settles Data Breach Lawsuit for $30 Million
23andMe settles data breach lawsuit for US$30 million
23andMe Settles Data Breach Lawsuit for $30 Million Amid Ongoing Cybersecurity Concerns
23andMe to Pay $30 Million Following Major Data Breach Impacting 6.4 Million Users
23andMe to Settle Data Breach Lawsuit with $30 Million Payout
23andMe Will Pay $30 Million To Settle Lawsuit Over 2023 Data Breach
$30 Million Compensation for 23andMe Data Breach Victims
86% of organizations allow data compliance exemptions in non-production
A Threat Actor Claims to Breach of SAP Database, 2,600 Employees Information Exposed
A Threat Actor Claims VPN Access to a Major Spanish University Network
A Wake-Up Call for AI Safety: ChatGPT’s Vulnerability Exposed
Advanced Phishing Attacks Put X Accounts at Risk
Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
Apple Seeks to Drop Its Lawsuit Against Spyware Maker NSO
Apple to Drop Spyware Lawsuit Over Security Concerns
Australia Faces Surge in Data Breaches to Highest Level in 3.5 Years
Australian government one of leading victims of data breaches, report finds
Australian Law Firms Failing to Protect Against Cyber Threats, Report Reveals
Azure API Management Vulnerability Let Users Escalate Privileges
Bad actors already have your data, but there’s something you can do about it
Bank Rakyat assures its system remains secure after attempted data breach on September 3rd
Brunswick Hospital Center attack claimed by 3AM ransomware gang
Cameroon's pension fund refutes cyber-attack claims
Caterpillar Inc. Allegedly Breached 80GB of Sensitive Data Exposed
CBI-FBI Join Hands to Bust Global Cybercrime Network, 57 Gold Bars Seized
China suspected of hacking diplomatic body for Pacific islands region
Circle Under Fire for Not Blacklisting North Korean Hacker-Linked Funds
CISA warns of Windows flaw used in infostealer malware attacks
‘Clipper’ malware is being used to steal crypto, Binance warns
Crypto Broker DeltaPrime Drained of Over $6M Amid Apparent Private Key Leak
Cyberattacks against manufacturing sector increased 105% in H1 of 2024
Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
Cybercriminals exploit popular content creation platforms for phishing attacks
D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
Data on nearly 1 million NHS patients leaked online following ransomware attack on London hospitals
Delta Prime DeFi hacker exploited token minting bug, managed to drain $6M
DeltaPrime Suffers $5.98M Loss as Hacker Exploits Admin Key on Arbitrum
Don Laughlin’s Riverside Resort Casino data breach affects over 55,000 customers
Dubai Municipality Allegedly Breached +60GB Data is For Sale
DuckDuckGo ranks Etherscan phishing websites in top results
Everything old is new again? MCNA Dental allegedly suffers second big data breach of PHI
Exploit code released for critical Ivanti RCE flaw, patch now
Express Services Provides Notice of Data Breach Leaking Consumers’ Social Security Numbers and Financial Information
Feds: US voter registration data breach claims false
Feds sentence 12 crypto thieves behind SIM swaps, home invasions
Fortinet confirms data breach
Forum secretary-general confirms cyber attack against Fiji offices
Genealogy Website to Pay $30 Million Over 2023 Data Breach
German radio station forced to broadcast 'emergency tape' following cyberattack
Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution
Hacker Claims Breach of UK’s Experience Engine, Data Sold Online
Hacker Group Loses $5 Million in Frozen Stablecoins
Hackers from North Korea use Python test tasks to spread malware
Half of UK Firms Lack Basic Cybersecurity Skills
Hunters International Claims Breach of ICBC London
Internal T-Mobile files and other confidential info allegedly stolen by hacker and put up on a forum
Kawasaki says cyber attack unsuccessful despite RansomHub publication
Konni, the alleged Kimsuky-linked hacker, increases its activity
Massive Data Breach Hits 3.1 Million Medicare Users in MOVEit Cyberattack
Medusa Ransomware Exploiting Fortinet Flaw For Sophisticated Attacks
Meta Goes Ahead With Controversial AI Training in UK
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
North Korea's Lazarus Group has $5M frozen in stablecoins
North Korean hacker group using false coding tests to spread malware
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
Northern Ireland: Police Ombudsman launches independent investigation over data breach
Office of the Australian Information Commissioner (OAIC) received data breach reports nearly daily in first half of 2024
Office of the Australian Information Commissioner (OAIC) Says Data Breach Notifications at Three-Year Highs
Owner of only US platinum mine confirms data breach after ransomware claims
Pacific Islands Forum's General Secretary Baron Waqa confirms cyber attack on PIF’s office in Fiji
Payment processor’s data breach affects 1.7M consumers
Pennsylvania Launches Online Portal for Data Breach Reporting
Port of Seattle attack attributed to Rhysida ransomware group
Port of Seattle Confirms Ransomware Attack Disrupted Operations, Raises Data Breach Concerns
Port of Seattle confirms recent cyberattack was ransomware assault
Port of Seattle Hit by Rhysida Ransomware in August Attack
Port of Seattle officials pin attack, data theft to Rhysida ransomware group
Port of Seattle says August cyberattack was Rhysida ransomware
RansomHub Ransomware Gang Leaks 487GB of Alleged Kawasaki Europe Data
Ransomware attack on Access Sports impacted over 88,000 patients
Ransomware attacks against educational organisations drop, but victims are paying more
Ransomware group releases screenshots in attempted extortion of Port of Seattle
Ransomware groups weaponise stolen data
Rhysida Hackers Blamed for Ransomware Attack on Seattle Airport
Riverside Resort & Casino Notifies Customers of Data Breach
Security giant Fortinet suffers data breach
Settlement reached in genetic-data-breach class action
Sky Betting and Gaming gets wrist slap for “unlawfully processing people’s data”
T-Mobile’s VM logs allegedly leaked in 20GB Capgemini data breach
The cybersecurity paradigm shift: AI is necessitating the need to fight fire with fire
The Maids International Notifies Consumers of the January 2024 Data Breach
Thousands of Vastaamo leak victims seek higher compensation amid ongoing legal battle
Top 10 ransomware groups to watch
Toyota customer data leak: 240GB of sensitive information exposed by hacker group ZeroSevenGroup
Transport for London says cyber attack resulted in a customer data breach
Transport for London (TfL) cyber attack delays contactless Watford train stations
Transport for London (TfL) directs 30,000 employees to verify identities and reset passwords after data breach
Transport for London (TfL) requires in-person password resets for all staff after cyber attack
Trends and dangers in open-source software dependencies
U.S. Deepens Crackdown on Predator Spyware Maker Intellexa Consortium
U.S. government expands sanctions against spyware maker Intellexa
UK’s privacy watchdog takes credit for rise of ‘consent or pay’
US cracks down on spyware vendor Intellexa with more sanctions
US hits Intellexa spyware maker with more sanctions
US Indicts Chinese National for Phishing for NASA Tech
Walsall teenager arrested over ‘hugely disruptive’ Transport for London (TfL) cyber attack
What Is Phishing-Resistant MFA?
What Is Quishing? A new way scammers are phishing
ZeroSevenGroup Allegedly Breached Israeli Systems, Price of Stolen Data is 200K XMR