Data Breach Archives - Page 4 of 18 - Cyber Security Minute

California County Says Personal Information Compromised in Data Breach

Issued by: Security Week

The incident, Tehama County says, was identified on April 9, but the investigation into the matter stretched to August 19, when it was determined that personally identifiable information (PII) was compromised. The investigation revealed that an unauthorized third-party had access to the county’s systems between November 18, 2021, and April 9, 2022, and that files…

Malware & Threats

Keystone Health Data Breach Impacts 235,000 Patients

Issued by: Security Week

In a data breach notification published on its website, Keystone is disclosing a cybersecurity incident identified on August 19 and which has resulted in the disruption of some systems. The healthcare provider says it immediately launched an investigation into the incident, which discovered that certain patient information might have been compromised. “Our investigation found that…

Malware & Threats

Retail Giant Woolworths Discloses Data Breach Impacting 2.2 Million MyDeal Customers

Issued by: Security Week

Woolworths acquired 80% of the MyDeal online marketplace in September, but says MyDeal systems are completely separate from its own systems, which have not been impacted by the incident. According to the company, a threat actor leveraged a user’s compromised credentials to access the MyDeal customer relationship management (CRM) system. This gave the attacker access…

Vulnerabilities

Personal Information of 123K Individuals Exposed in City of Tucson Data Breach

Issued by: Security Week

The incident was identified at the end of May 2022, but the city concluded its investigation only last month. In a data breach notice on its website, the city says that the incident was the result of compromised network account credentials that allowed the attackers to access files containing the personal information of some individuals….

Malware & Threats

Optus data breach “attacker” says sorry, it was a mistake

Issued by: Malwarebytes

Since Australian telecoms company Optus disclosed a security breach on September 22, 2022, a lot has been happening. Much of it reads like a movie script. Prologue A hacker acting under the pseudonym “optusdata” claims to have stolen the data of 10 million Optus customers. The information included home addresses, drivers’ licenses, Medicare numbers, and…

Malware & Threats

New York Emergency Services Provider Says Patient Data Stolen in Ransomware Attack

Issued by: Security Week

Founded in 1985 and located in Yonkers, the organization provides emergency transportation services, as well as emergency and non-emergency response services to hospitals, private care facilities, and correctional institutions. Empress EMS has more than 200 employees. In a data breach notice posted on its website, Empress EMS reveals that on July 14, 2022, it identified…

Malware & Threats

LastPass Found No Code Injection Attempts Following August Data Breach

Issued by: Security Week

The GoTo-owned company announced on August 25 that unknown intruders had gained access to the LastPass development environment and stole “portions of source code and some proprietary LastPass technical information”. At the time, the company posted a notice online, saying that no user data or master passwords were compromised in the incident, and that its…

Vulnerabilities

Samsung US Says Customer Data Compromised in July Data Breach

Issued by: Security Week

As part of the incident, which was identified roughly a month ago, an unauthorized third party gained access to some of Samsung’s US systems and exfiltrated information stored on them. Although it had determined that the personal information of some of its customers was compromised in the attack, Samsung took nearly a month to disclose…

Malware & Threats

Data Stolen in Breach at Security Company Entrust

Issued by: Security Week

The breach was discovered on June 18 and the firm started notifying customers on July 6. However, the intrusion came to light only on July 21 when security researcher Dominic Alvieri came across a copy of the notification sent by Entrust to customers. Entrust is a Minneapolis, MN-based company that provides security solutions for user…

Malware & Threats

Insecure password leads to Mangatoon data breach

Issued by: Malwarebytes

The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user accounts could be at risk, thanks to a poorly secured database. Worse still, Mangatoon doesn’t seem to be responding to messages from the breacher, or people notifying it that the breach has taken place. A…