Data Breach Archives - Page 3 of 18 - Cyber Security Minute

American Bar Association (ABA) suffered a data breach,1.4 million members impacted

Issued by: Security Affairs

The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The ABA has 166,000 members as of 2022. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The…

News

Millions of AT&T Customers Notified of Data Breach at Third-Party Vendor

Issued by: Security Week

One of the largest carriers in the US, AT&T has roughly 200 million wireless customers, but only a small percentage of the total has been impacted by the incident. “Approximately 9 million wireless accounts had their Customer Proprietary Network Information accessed,” AT&T said in an emailed statement. “We recently determined that an unauthorized person breached…

News

Ransomware Hits US Marshals Service

Issued by: DataBreach Today

Hackers earlier this month maliciously encrypted a system belonging to the U.S. Marshals Service, compromising and exfiltrating sensitive data law enforcement data. Department of Justice officials classify the attack as a “major incident,” said NBC, which broke news of the attack. Exposed data include returns from legal process, administrative information and personal identifiable information pertaining…

Malware & Threats

Two of The Worst Healthcare Data Breaches in US History Happened Last Year

Issued by: Dark Reading

Network Assured shared the results of a recent study on cyberattacks against U.S. healthcare organizations. It looked at the total number of data breaches historically, the number of individuals affected, and the financial cost of each breach. One of the more stark findings of the report was that two of the worst healthcare data breaches…

Malware & Threats

Ireland Set to Notify 20,000 More Health Data Breach Victims

Issued by: DataBreach Today

Ireland’s child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive. The HSE is Ireland’s publicly funded national healthcare system and social services agency. It formerly provided IT services to Tusla. An…

Malware & Threats

T-Mobile Breached Again, This Time Exposing 37M Customers’ Data

Issued by: Dark Reading

T-Mobile has disclosed a new, enormous breach that occurred in November, which was the result of the compromise of a single application programming interface (API). The result? The exposure of the personal data of more than 37 million prepaid and postpaid customer accounts. For those keeping track, this latest disclosure marks the second sprawling T-Mobile…

Application Security

Norton LifeLock Warns on Password Manager Account Compromises

Issued by: Dark Reading

Norton LifeLock customers have fallen victim to a credential-stuffing attack. Cyberattackers used a third-party list of stolen username and password combinations to attempt to break into Norton accounts, and possibly password managers, the company is warning. Gen Digital, owner of the LifeLock brand, is sending data-breach notifications to customers, noting that it picked up on…

Malware & Threats

Airline company Air France-KLM discloses security breach

Issued by: Security Affairs

Airline company Air France-KLM announced it has suffered a data breach, data belonging to customers of its loyalty program Flying Blue were exposed. The Flying Blue loyalty program is used by other airlines, including Aircalin, Kenya Airways, TAROM, and Transavia. The company did not provide details about the security breach, it is not clear if…

Application Security

Twitter data of “+400 million unique users” up for sale – what to do?

Issued by: Naked Security

Hot on the heels of the LastPass data breach saga, which first came to light in August 2022, comes news of a Twitter breach, apparently based on a Twitter bug that first made headlines back in the same month. According to a screenshot posted by news site Bleeping Computer, a cybercriminal has advertised: I’m selling…

Application Security

LastPass revealed that encrypted password vaults were stolen

Issued by: Security Affairs

In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. In response to the incident, the company deployed containment and mitigation measures and implemented additional enhanced…