Tuesday, September 16, 2025
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

data breaches

IndependentKrebs
admin

Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

Credit to Author: BrianKrebs| Date: Fri, 18 Jul 2025 01:23:20 +0000

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 companies. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell a more nuanced story.

Read More
IndependentKrebs
admin

DOGE Denizen Marko Elez Leaked API Key for xAI

Credit to Author: BrianKrebs| Date: Tue, 15 Jul 2025 01:23:43 +0000

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with more than four dozen large language models (LLMs) developed by Musk’s artificial intelligence company xAI.

Read More
IndependentKrebs
admin

Breachforums Boss to Pay $700k in Healthcare Breach

Credit to Author: BrianKrebs| Date: Thu, 15 May 2025 19:56:51 +0000

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month after pleading guilty to access device fraud and possession of child sexual abuse material (CSAM).

Read More
IndependentKrebs
admin

Fintech Giant Finastra Investigating Data Breach

Credit to Author: BrianKrebs| Date: Wed, 20 Nov 2024 01:12:15 +0000

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of a potential breach after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. 

Read More
IndependentKrebs
admin

An Interview With the Target & Home Depot Hacker

Credit to Author: BrianKrebs| Date: Fri, 15 Nov 2024 04:45:32 +0000

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he is broke and seeking publicity for several new money making schemes.

Read More
IndependentKrebs
admin

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach

Credit to Author: BrianKrebs| Date: Fri, 18 Oct 2024 12:33:51 +0000

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the consumer data broker National Public Data that led to the leak of Social Security numbers and other personal information for a significant portion of the U.S. population.

Read More