Data Breach - Page 2 of 9

T-Mobile security incident exposed customer phone numbers and call records

Data Breach, Data Privacy / By Frank Crast / January 2, 2021 January 2, 2021 / CPNI, Data Breach, phone, Privacy, T-Mobile

T-Mobile has disclosed a security incident that customer phone numbers and certain account information were breached.

DHS issues new emergency guidance on SolarWinds Orion Code compromise

Cybersecurity Articles, Cybersecurity Attacks, Data Breach, Security Updates & Patches, Third-Party Security / By Frank Crast / December 30, 2020 December 30, 2020 / CISA, CVE-2020-10148, DHS, malware, SolarWinds, Sunburst, Supernova, Zero-day

The Department of Homeland Security (DHS) has issued new emergency guidance on the SolarWinds Orion Code compromise and supply chain vulnerability.

Whirlpool victim of Nefilim ransomware attack

Cybersecurity Attacks, Data Breach, Malware / By Frank Crast / December 28, 2020 December 28, 2020 / Cyberattack, Cybercrime, cybercriminal, KitchenAid, malware, Maytag, Nefilim, Ransomware, Whirlpool

Home appliance maker Whirlpool has fallen victim to a Nefilim ransomware attack.

DHS warns businesses of risks using Chinese tech and data services

Cybersecurity Articles, Data Breach, Data Privacy, Insider Threats, Regulations & Laws, Security Monitoring, Third-Party Security / By Frank Crast / December 24, 2020 December 24, 2020 / Data Security, DHS, DOJ, EO 13913, EO 13942, EO 13943, Executive Order, Harvard, Huawei, NIST, PLA, PRC, USTR, WTO, ZTE

The United States Department of Homeland Security (DHS) has published a new advisory warning businesses of the risks using tech and data services linked to the People’s Republic of China (PRC).

CISA: Threat actors behind SolarWinds hack pose ‘grave risk’ (updated)

Cloud Security, Configuration Management, Cybersecurity Attacks, Data Breach, Malware, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / December 19, 2020 December 19, 2020 / APT, CISA, Cisco, Emergency Directive, Equifax, FireEye, Microsoft, NNSA, NSA, Nuclear, SolarWinds, Sunburst, Supply Chain, Symantec, Teardrop, UNC2452

The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a ‘grave risk’ to critical infrastructure, government and private sector organizations.

Global active exploits against SolarWinds via Sunburst backdoor

Cybersecurity Attacks, Data Breach, Security Updates & Patches, Third-Party Security, Vulnerabilities & Exploits / By Frank Crast / December 14, 2020 December 18, 2020 / backdoor, malware, Orion, SolarWinds, Sunburst, UNC2452

Cybersecurity experts are warning of major global active exploits against SolarWinds Orion Platform software versions via a Sunburst backdoor and supply chain attack.

FTC releases new video to help keep your small business safe from fraud

Cybersecurity Articles, Cybersecurity Attacks, Data Breach, Data Privacy, Regulations & Laws, Security Monitoring, Small Business Security, Third-Party Security / By Frank Crast / July 14, 2020 July 14, 2020 / Data Breach, FTC, Privacy, Small Business, SMB

The Federal Trade Commission (FTC) has released a new video to help keep your small business safe from fraud. This is another video in a series of videos from the FTC Protecting Small Businesses playlist.

GE third party data breach exposes employee personal data

Data Breach, Third-Party Security / By Frank Crast / March 27, 2020 April 5, 2020 / Canon, Data Breach, GE, General Electric, third party

In a breach notification letter posted online, General Electric (GE) said one of their service providers Canon Business Process Services experienced a data breach last month. The breach exposed certain personal data on past and present GE employees, as well as their beneficiaries.

Walgreens discloses mobile app data breach

Data Breach, Data Privacy / By Frank Crast / March 2, 2020 March 2, 2020 / California, Data Breach, mobile

Walgreens has disclosed that a flaw in the personal secure messaging feature of its mobile app allowed unauthorized access to personal data stored in a Walgreens database. The company also said the issue did not impact financial data and affected a small number of customers.

Hackers target PayPal’s Google Pay integration

Application Security, Data Breach, Vulnerabilities & Exploits / By Frank Crast / February 26, 2020 December 25, 2020 / Google Pay, hackers, payments, PayPal, ZDNet

Hackers discovered a bug in PayPal’s Google Pay integration to perform unauthorized transactions via PayPal accounts.