Data Breach - Page 6 of 9

British Airways data breach update

Cybercrime, Data Breach, Malware / By Frank Crast / September 11, 2018 February 1, 2020

British Airways provided an update to a previously disclosed data breach. The incident occurred between August 21, 2018 and September 5, 2018 on their website, ba.com and mobile app.

Hacker breaks into Reddit systems via SMS-based 2FA

Data Breach, Identity & Access Management, Password Management / By Frank Crast / August 2, 2018 January 12, 2020

Reddit, a popular social news aggregation and discussion website, suffered from a security breach between June 14 and June 18 of this year. The incident was discovered on June 19 and linked to weaknesses in SMS-based two-factor authentication (2FA).

Single account blamed for Clarksons breach

Leave a Comment / Data Breach, Identity & Access Management, Third-Party Security / By Frank Crast / July 31, 2018 December 29, 2018

Clarkson PLC (“Clarksons”), a British shipping company, recently revealed a single and isolated user account compromise was the cause of a data breach and theft of confidential information last year.

Linux distribution hosted on GitHub was hacked

Leave a Comment / Application Security, Data Breach / By Frank Crast / June 29, 2018 December 30, 2018

A popular Linux distribution, Gentoo, said its source code hosted on GitHub was compromised.

Hackers target payment transfer systems of Banco de Chile

Leave a Comment / Cybersecurity Attacks, Data Breach, Malware / By Frank Crast / June 11, 2018 December 30, 2018

Hackers have targeted Chile’s largest bank, Banco de Chile, in a multi-faceted cyber attack on systems linked to the Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) inter-bank transfer network.

DNA testing service leaks data on 92M customers

Leave a Comment / Data Breach / By Frank Crast / June 6, 2018 December 30, 2018

Account data associated with 92 million users of genealogy and DNA testing service MyHeritage were leaked and found on a third party private server.

Google Groups leaks data

Leave a Comment / Data Breach / By Frank Crast / June 5, 2018 December 30, 2018

Thousands of organizations are leaking sensitive email according to researchers from Kenna Security. The root cause is a widespread misconfiguration of Google Groups, a web forum used as part of Google’s G Suite of workspace tools.

Internet exposed Redis servers

Leave a Comment / Data Breach, Server Security / By Frank Crast / June 1, 2018 December 30, 2018

Does your organization have any Redis servers exposed to the internet? If so, you should disconnect them from the public and ensure Redis services are exposed to only “trusted” environments such as your internal company network.

Two Canadian banks hacked, say cyber crooks

Leave a Comment / Data Breach / By Frank Crast / May 29, 2018 December 30, 2018

Two Canadian banks released statements on Monday that cyber criminals may have stolen data of nearly 90,000 customers from Bank of Montreal and Canadian Imperial Bank of Commerce.

Twitter urges users to reset passwords

Leave a Comment / Data Breach, Password Management / By Frank Crast / May 4, 2018 December 30, 2018

Twitter urged users on Thursday to reset their passwords after the company discovered a critical flaw in how passwords were stored unmasked in internal logs.