TechRadar reports: Security and compliance automation company Vanta has confirmed sharing sensitive customer data with other customers by mistake. In a statement (via TechCrunch), the company said a change it had made in the code resulted in a security breach. In it, some sensitive data from a small subset of customers was shared with other customers. […]
Personal information on more than 364,000 people may have been compromised as part of a third-party hack. Fast Company reports: Data analytics firm LexisNexis Risk Solutions said it suffered a data breach that could have affected the names, Social Security numbers, driver’s license numbers, and contact information of more than 364,000 people. The company said […]
Tata Consultancy Services is conducting an internal investigation to determine whether it was the gateway for the cyber-attack on Marks & Spencer. The BBC reports: Tata Consultancy Services (TCS) has provided services to M&S for more than a decade. Earlier this week, M&S said the hackers who had brought huge disruption to the retailer had […]
Tiffany and Dior data breaches raise security questions for parent company LVMH Tiffany & Co. has confirmed a data breach affecting customers in South Korea, marking the second such incident involving an LVMH Moët Hennessy Louis Vuitton brand after a similar case at Dior. The Chosun reports that on May 26, Tiffany Korea notified select […]
GovInfoSecurity reports: A slew of Western cybersecurity agencies warned Wednesday that Russian intelligence is targeting logistics and technology companies in a prolonged hacking campaign that includes an emphasis on internet-connected cameras situated along border crossings and military installations. The advisory includes indicators of compromise typical of an attack by Unit 26165 of the Russian Main Intelligence Directorate. […]
Insurance Journal reports an insider data breach that will leave many people wondering exactly what a government contractor did in terms of background checks on its employees. In this case, the two allegedly rogue employees at Opexus (formerly known as AINS) were twin brothers who were previously convicted and served time for hacking crimes: A […]
The U.S. Attorney’s Office for the District of Massachusetts announced yesterday that Matthew D. Lane, 19, a student at Assumption University in Worcester, Mass., was charged and has agreed to plead guilty in connection with hacking into the computer networks of two U.S.-based companies and extorting the companies for ransoms. The two companies were not named in the Information […]
The Register reports: A ransomware attack at a Middle Eastern business partner of payroll company ADP has led to customer data theft at Broadcom, The Register has learned. It’s understood Broadcom’s HR department has begun the process of informing current and former staff who are affected by the September ransomware attack at Business Systems House (BSH). Broadcom […]
Footnotes in CrowdStrike’s forensics report offer troubling details of Deloitte’s handling of incident logs. Rhode Island Current reports that the attack on RIBridges triggered hundreds of firewall alerts during the five months that attackers were in the network and were transferring gigabytes of data. But the state’s vendor, Deloitte, did not know the system had […]
A press release from the Department of Justice
