Data Breach - Page 6 of 9

Attackers exploit Facebook code that impacts 50 million accounts

Leave a Comment / Cybersecurity Attacks, Data Breach, Data Privacy / By Frank Crast / September 28, 2018 December 28, 2018 / Cyberattack, Data Breach, Facebook

Facebook posted a security update that describes a security issue that occurred on September 25, 2018 that affected nearly 50 million accounts.

MageCart compromises Feedify

Cybercrime, Cybersecurity Attacks, Data Breach, Malware / By Frank Crast / September 15, 2018 February 1, 2020 / British Airways, Cloud, eCommerce, Feedify, Magecart, Ticketmaster

Magecart cyber criminal group has been targeting numerous eCommerce sites since 2015, to include Ticketmaster and British Airways.

British Airways data breach update

Cybercrime, Data Breach, Malware / By Frank Crast / September 11, 2018 February 1, 2020 / ba.com, British Airways, Cyberattack, Data Breach, e-skimming, Magecart, RiskIQ, Skimming

British Airways provided an update to a previously disclosed data breach. The incident occurred between August 21, 2018 and September 5, 2018 on their website, ba.com and mobile app.

Hacker breaks into Reddit systems via SMS-based 2FA

Data Breach, Identity & Access Management, Password Management / By Frank Crast / August 2, 2018 January 12, 2020 / 2FA, 800-63B, Authenticator, Hacker, NIST, Reddit, SMS, token, TOTP

Reddit, a popular social news aggregation and discussion website, suffered from a security breach between June 14 and June 18 of this year. The incident was discovered on June 19 and linked to weaknesses in SMS-based two-factor authentication (2FA).

Single account blamed for Clarksons breach

Leave a Comment / Data Breach, Identity & Access Management, Third-Party Security / By Frank Crast / July 31, 2018 December 29, 2018 / Clarksons, Data Breach, Privacy, UK

Clarkson PLC (“Clarksons”), a British shipping company, recently revealed a single and isolated user account compromise was the cause of a data breach and theft of confidential information last year.

Linux distribution hosted on GitHub was hacked

Leave a Comment / Application Security, Data Breach / By Frank Crast / June 29, 2018 December 30, 2018 / Application, code repository, Gentoo, GitHub, Linux

A popular Linux distribution, Gentoo, said its source code hosted on GitHub was compromised.

Hackers target payment transfer systems of Banco de Chile

Leave a Comment / Cybersecurity Attacks, Data Breach, Malware / By Frank Crast / June 11, 2018 December 30, 2018 / banking, Killdisk, malware, Ransomware

Hackers have targeted Chile’s largest bank, Banco de Chile, in a multi-faceted cyber attack on systems linked to the Society for Worldwide Interbank Financial Telecommunication’s (SWIFT) inter-bank transfer network.

DNA testing service leaks data on 92M customers

Leave a Comment / Data Breach / By Frank Crast / June 6, 2018 December 30, 2018 / Data Breach, DNA, MyHeritage, Privacy

Account data associated with 92 million users of genealogy and DNA testing service MyHeritage were leaked and found on a third party private server.

Google Groups leaks data

Leave a Comment / Data Breach / By Frank Crast / June 5, 2018 December 30, 2018 / Google, Groups, Workspace

Thousands of organizations are leaking sensitive email according to researchers from Kenna Security. The root cause is a widespread misconfiguration of Google Groups, a web forum used as part of Google’s G Suite of workspace tools.

Internet exposed Redis servers

Leave a Comment / Data Breach, Server Security / By Frank Crast / June 1, 2018 December 30, 2018 / Internet, Open Source, Redis, server

Does your organization have any Redis servers exposed to the internet? If so, you should disconnect them from the public and ensure Redis services are exposed to only “trusted” environments such as your internal company network.