Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks

Credit to Author: BrianKrebs| Date: Mon, 15 Jul 2024 15:24:46 +0000

At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Experts say malicious hackers learned they could commandeer any migrated Squarespace accounts that hadn’t yet been registered, merely by supplying an email address tied to an existing domain.


Crooks Steal Phone, SMS Records for Nearly All AT&T Customers

Credit to Author: BrianKrebs| Date: Fri, 12 Jul 2024 18:12:20 +0000

AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people — nearly all of its customers. AT&T said it delayed disclosing the incident in response to “national security and public safety concerns,” noting that some of the records included data that could be used to determine where a call was made or text message sent. AT&T also acknowledged the customer records were exposed in a cloud database that was protected only by a username and password (no multi-factor authentication needed).

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Credit to Author: BrianKrebs| Date: Sat, 15 Jun 2024 23:40:20 +0000

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.


Who Stole 3.6M Tax Records from South Carolina?

Credit to Author: BrianKrebs| Date: Tue, 16 Apr 2024 11:26:55 +0000

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole millions of payment card records from big box retailers like Home Depot and Target in the years that followed.


Why CISA is Warning CISOs About a Breach at Sisense

Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2024 20:48:06 +0000

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.
