“This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” It appears that DeepSeek — the same AI platform that sent tech stocks crashing because it might be better and was definitely cheaper than U.S. AI platforms — could not get basic security […]
TechCrunch reports that the engineering giant and government contractor was impacted significantly for six weeks following a ransomware attack in November: U.S. engineering firm ENGlobal has confirmed that hackers accessed “sensitive personal information” from its systems during a November 2024 cyberattack. ENGlobal, which provides engineering and automation services to the federal government and critical infrastructure organizations, […]
HackRead reports that Hewlett Packard Enterprise (HPE) has been hacked for a second time by the threat actor known as IntelBroker: IntelBroker, a notorious hacker linked to prior high-profile cyberattacks, has announced an alleged new data breach of Hewlett-Packard Enterprise (HPE). The hacker claims to have accessed and cloned new data from HPE’s repositories. Although […]
From Aoki Holdings in Japan, this updated statement of January 28, 2025: Additional information can be found at Aoki Holdings (.pdf). Those responsible for the attack have not been publicly identified or claimed responsibility for the attack. Aoki’s statement does not indicate whether they received an extortion demand or not.
The Wall Street Journal reports that an end is in sight to a consolidated federal class-action lawsuit against MGM Resorts International stemming from data breaches in 2019 and 2023. A federal court has given preliminary approval to a $45 million settlement. Hackers broke into the resort operator’s systems twice, according to the suit filed in the […]
NPR reports that a U.S. Justice Department investigation of a global hacking campaign that targeted prominent American climate activists took a turn in court this week due to an allegation that the hacking was ordered by a lobbying firm working for ExxonMobil. The hacking was allegedly commissioned by a Washington, D.C., lobbying firm, according to a lawyer representing […]
Bleeping Computer reports: UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. “As part of our regular security monitoring, given our ongoing focus on protecting customers’ personal data, we were made aware of unexpected access to, and misuse of, one […]
The Minnesota Star Tribune reports: UnitedHealth Group says the impact from the cyberattack last year at its Change Healthcare subsidiary is much wider than previously understood, affecting roughly 190 million patients — up from previous estimates of about 100 million people. The updated tally extends the scope beyond what was previously described by company Chief Executive Andrew […]
On December 28, PowerSchool discovered that its Student Information System (SIS) program had been compromised. Since then, more and more schools in the U.S. and Canada have been notifying parents and students that student information stored in the system — including a lot of historical data on former students — was involved in the breach. […]
PayPal’s Cybersecurity Failures Led to the Exposure of Customers’ Social Security Numbers January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified […]
