LATEST POST
Double Trouble: Two Gangs Both Attack and Encrypt the Same Revenue Cycle Management Firm
SuspectFile reports that two well-known ransomware gangs independently attacked and encrypted files from Resource Corporation of America (RCA), a revenue cycle management business associate headquartered in Texas. What happened next is not totally clear because neither the Qilin gang nor the victim provided any details, but SuspectFile reports that the Medusa gang provided some information […]
ShinyHunters claim to be behind SSO-account data theft attacks
BleepingComputer reports: The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them into […]
Charlotte man loses more than $1 million in cryptocurrency phone scam
Action 5 News reports a real-life example of a consumer who was scammed into revealing his cryptocurrency wallet seed phrase — with all-too-sad and predictable results: A Charlotte man lost more than $1 million in cryptocurrency after falling victim to a phone scam that began with a caller claiming to be from a legitimate crypto […]
Millions of people imperiled through sign-in links sent by SMS
Ars Technica reports: Websites that authenticate users through links and codes sent in text messages are imperiling the privacy of millions of people, leaving them vulnerable to scams, identity theft, and other crimes, recently published research has found. The links are sent to people seeking a range of services, including those offering insurance quotes, job […]
Future Apple product plans may be at risk following Luxshare hack
Apple Insider reports: Apple supply chain member Luxshare suffered a major data breach in December, and hackers that pilfered the files are now offering it for sale on the dark web. It looks legit. The Apple supply chain is typically a very secure system, and core to the existence of Apple itself. This leads it […]
DOGE improperly shared Social Security data: Filing
The Hill reports: Members of Elon Musk’s Department of Government Efficiency (DOGE) improperly shared Social Security data through a third-party server, according to a recent court filing from the Justice Department. The DOGE team embedded at the Social Security Administration (SSA) used Cloudflare, which was not approved for storing agency data, to share data during a 10-day period in March, the […]
Monroe University data breach affected 321,000
The Minnesota Department of Human Services’ vendor breach was not the only recent breach disclosed that affected more than 300,000 people. Monroe University in New York also disclosed a breach involving a lot of sensitive information. From their January 13 notification letter: We are posting this notice to inform our community of a data security […]
Over 160,000 Companies Notify Regulators of GDPR Breaches
Infosecurity Magazine reports: The number of organizations notifying their GDPR regulator of a data breach surged by 22% to a daily average of 443 in 2025, according to DLA Piper. The global law firm has been analyzing GDPR regulatory activity every year since the data protection regulation came into being in 2018. The past 12 months […]