records
-
Blog
Breach at B2B data broker DemandScience exposes over 100 million records
Over 100 million leaked records of business contact information listed on the dark web linked to B2B data aggregator DemandScience might have been stolen from a third party, the company has told ITPro. Formerly known as Pure Incubation, DemandScience is an AI-powered B2B demand generation company that helps organizations find potential customers for upcoming campaigns. The firm scrapes the public…
Read More » -
Blog
Misconfigurations in Microsoft Power Pages could expose millions of sensitive records
A data exposure issue stemming from misconfigured access controls in Microsoft Power Pages has left several millions of records exposed to unauthorized users, new research reveals. Aaron Costello, chief of SaaS security and research at AppOmni, detailed how Microsoft’s website building platform could be granting anonymous users permissions to access sensitive PII. In September 2024, Costello said he uncovered “significant…
Read More » -
Blog
1.1 Million UK NHS Employee Records Exposed
Over a million NHS employee records — including email addresses, phone numbers, and home addresses — were exposed online due to a misconfiguration of the low-code website builder Microsoft Power Pages. In September, researchers with the software-as-a-service security platform AppOmni identified a large shared business service provider for the NHS that was allowing unauthorised access to sensitive data through insecure…
Read More » -
Blog
National Public Data breach: Lawsuit claims failed to protect billions of personal records
A proposed class action lawsuit has alleged that nearly three billion records were stolen during a cyber attack targeting background checking service, National Public Data, in April. Jerico Pictures, which operates National Public Data (NPD), is a background-checking service which scrapes personally identifiable information (PII) of individuals from non-public sources. On 8 April, the threat actor USDoD listed National Public…
Read More » -
Blog
FBCS debt collector data breach of 5 million+ records caused by ransomware attack, Comcast says
Financial Business and Consumer Solutions was the victim of a ransomware attack that compromised the personal data of more than 5 million people, according to a data breach notice sent to Comcast customers this week. FBCS previously labelled the attack as a general data breach and notified 1.9 million people in April 2024. The breach also affected customers of two…
Read More » -
Blog
Ransomware gang claims it breached Canada’s Park’N Fly airport shuttle service, 1 million records compromised
Ransomware group Ransomhub today claimed responsibility for a data breach at Park’N Fly, the parking and shuttle service for several Canadian airports. Park’N Fly on August 27, 2024 notified customers of a July data breach that compromised 1 million customers’ contact information, Aeroplan, and CAA number. The company says no financial or payment card information was accessed by attackers. The…
Read More » -
Blog
Hackers leak 2.7 billion data records with Social Security numbers
Almost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing names, social security numbers, all known physical addresses, and possible aliases. The data allegedly comes from National Public Data, a company that collects and sells access to personal data for use in background checks, to obtain criminal records, and for private investigators. National…
Read More »