Leaked Customer Data, Just Like Sister Firms Jared, Kay Jewelers Did in 2018

Credit to Author: BrianKrebs| Date: Thu, 28 Oct 2021 18:54:30 +0000

In December 2018, bling vendor Signet Jewelers fixed a weakness in their Kay Jewelers and Jared websites that exposed the order information for all of their online customers. This week, Signet subsidiary updated its website to remediate a nearly identical customer data exposure.

Read more

T-Mobile: Breach Exposed SSN/DOB of 40M+ People

Credit to Author: BrianKrebs| Date: Wed, 18 Aug 2021 16:24:33 +0000

T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground.

Read more

T-Mobile Investigating Claims of Massive Data Breach

Credit to Author: BrianKrebs| Date: Mon, 16 Aug 2021 23:53:37 +0000

Communications giant T-Mobile said today it is investigating the extent of a data breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer’s mobile device.

Read more

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Credit to Author: BrianKrebs| Date: Thu, 08 Jul 2021 15:22:58 +0000

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.

Read more

Alleviating ransomware’s legal headaches with Jake Bernstein: Lock and Code S02E08

Credit to Author: Malwarebytes Labs| Date: Mon, 10 May 2021 14:15:58 +0000

This week on Lock and Code, we speak to cybersecurity and privacy attorney Jake Bernstein about ransomware attacks that can cause legal peril.

Categories: Podcast


(Read more…)

The post Alleviating ransomware’s legal headaches with Jake Bernstein: Lock and Code S02E08 appeared first on Malwarebytes Labs.

Read more

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Credit to Author: BrianKrebs| Date: Mon, 12 Apr 2021 22:18:59 +0000

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses.

Read more

Are You One of the 533M People Who Got Facebooked?

Credit to Author: BrianKrebs| Date: Tue, 06 Apr 2021 18:55:53 +0000

Ne’er-do-wells leaked personal data — including phone numbers — for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out.

Read more

Ubiquiti All But Confirms Breach Response Iniquity

Credit to Author: BrianKrebs| Date: Sun, 04 Apr 2021 19:22:03 +0000

For four days this past week, Internet-of-Things giant Ubiquiti failed to respond to requests for comment on a whistleblower’s allegations that the company had massively downplayed a “catastrophic” two-month breach ending in January to save its stock price, and that Ubiquiti’s insinuation that a third-party was to blame was a fabrication. I was happy to add their eventual public response to the top of Tuesday’s story on the whistleblower’s claims, but their statement deserves a post of its own because it actually confirms and reinforces those claims.

Read more