breached
-
Blog
Chinese hackers breached T-Mobile’s routers to scope out network
T-Mobile says the Chinese “Salt Typhoon” hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network. However, the company says its engineers blocked the threat actors before they could spread further on the network and access customer information. Also tracked…
Read More » -
Blog
Fried chicken chain Bojangles breached; SSNs and medical info stolen by ransomware gang
Fast-food fried chicken chain Bojangles yesterday confirmed it notified more than 33,000 people of a February 2024 data breach that compromised the following info: Names Social Security numbers Government-issued ID numbers, e.g. driver’s license or passport Financial account numbers Credit and debit card numbers Medical info Health insurance info Based on the info listed above, we can infer the data…
Read More » -
Blog
US says Chinese hackers breached multiple telecom providers
The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. The breached entities have been warned, and the agencies are proactively alerting other potential targets of the elevated cyber activity. “The U.S. Government is investigating the unauthorized access to commercial telecommunications infrastructure by actors affiliated…
Read More » -
Blog
Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens. Since last night, BleepingComputer has received numerous messages from people who received replies to their old Internet Archive removal requests, warning that the organization has been breached as they did not correctly rotate their stolen…
Read More » -
Blog
ESET partner breached to send data wipers to Israeli orgs
Hackers breached ESET’s exclusive partner in Israel to send phishing emails to Israeli businesses that pushed data wipers disguised as antivirus software for destructive attacks. A data wiper is malware that intentionally deletes all of the files on a computer and commonly removes or corrupts the partition table to make it harder to recover the data. In a phishing campaign that…
Read More » -
Blog
Ransomware gang claims it breached Tennessee school district, disrupted internet access
Ransomware gang Rhysida this week claimed responsibility for a cyber attack on Henry County Schools in Tennessee. The group posted samples of what it says are confidential documents stolen from the school district. Rhysida posted a proof pack of documents it claims to have stolen from Henry County Schools. Henry County Schools has not verified Rhysida’s claim. The district posted…
Read More » -
Blog
Massachusetts halfway house client data breached, SSNs and medical info compromised
The North Cottage Program, a Massachusetts addiction treatment center, this week confirmed it notified 6,650 current and former clients of a May 2024 data breach that compromised names, Social Security numbers, addresses, medication info, health insurance info, treatment plans, provider notes, and dates of birth. The notice (PDF) to victims states, “NCP discovered a network security incident involving an unauthorized…
Read More » -
Blog
Ransomware gang claims it breached Canada’s Park’N Fly airport shuttle service, 1 million records compromised
Ransomware group Ransomhub today claimed responsibility for a data breach at Park’N Fly, the parking and shuttle service for several Canadian airports. Park’N Fly on August 27, 2024 notified customers of a July data breach that compromised 1 million customers’ contact information, Aeroplan, and CAA number. The company says no financial or payment card information was accessed by attackers. The…
Read More » -
Blog
RansomHub ransomware breached 210 victims since February
Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion rather than encrypting victims’ files,…
Read More » -
Blog
Globacap confirms systems & data haven’t been breached following ransomware claim
This morning, ransomware gang APT73 posted capital markets technology firm, Globacap, to its data leak site. It alleges to have stolen 823KB of data and will upload the stolen data on September 2 if the ransom demands aren’t met. In a statement to Comparitech, Globacap confirmed its systems and data hadn’t been breached and that the hackers’ claim was inaccurate.…
Read More »