Attack

Why good email security is essential for every business

Why good email security is essential for every business

Threats to email security are on the rise. Without sufficient strategies, companies open themselves, their clients and customers to the consequences of cyber security incidents such as phishing, data breaches and business email compromise (BEC). They must protect this vulnerable asset without compromising its efficiency in communication. This threat to the internal working of the company can also lead to damage to a company’s brand if not dealt with swiftly and effectively. Even long-time customers may lose faith in an organization if they feel they are unable to trust in its cyber security, especially when their personal data is on…
Read More
SHEIN fined US$1.9mn over data breach affecting 39 million customers

SHEIN fined US$1.9mn over data breach affecting 39 million customers

Zoetop Business Company, the firm which owns fast fashion brands SHEIN and ROMWE, has been fined US$1.9mn by the state of New York after failing to disclose a data breach which affected 39 million customers. The cyber security incident which took place in July 2018 saw a malicious third party gain unauthorized access to SHEIN’s payment systems. According to a statement issued by the state of New York’s Attorney General’s office SHEIN’s payment processor contacted the brand and disclosed that it had been “contacted by a large credit card network and a credit card issuing bank, each of which had…
Read More
Over 1.2 million credit card numbers leaked on hacking forum

Over 1.2 million credit card numbers leaked on hacking forum

BidenCash, a dark web carding marketplace, has released the full details of more than  1.2 million stolen credit card details for free.  The file posted on the site contains information for 1,221,551 credit cards expiring between 2023 and 2026, in addition to other details needed to make online transactions including victim’s names, bank names, social security numbers, email addresses, phone numbers and addresses. The information was also shared on other hacking and carding forums. While the stolen credit cards originate from around the world, the majority are from the US. Carding marketplaces are dark web sites that deal in the…
Read More
IOTW: Capital One hacker given probation following cyber attack

IOTW: Capital One hacker given probation following cyber attack

Paige Thompson, a former Amazon software engineer known by the online handle ‘erratic’ was sentenced to time served and five years’ probation for seven federal crimes. Thompson’s location and personal computer will also be monitored.  The sentencing was related to her hacks into a number of cloud accounts for both individuals and companies, including the bank Capital One. During the hacks, Thompson stole data and computer power. At the trial, she was found guilty of five counts of unauthorized access to a protected computer, damaging a protected computer and wire fraud. US Attorney Nick Brown said in a release that…
Read More
Former CSO of Uber found guilty of covering up data breach

Former CSO of Uber found guilty of covering up data breach

A federal jury has found Joe Sullivan, former CSO of Uber, guilty of covering up a data breach the company suffered in 2016.  The breach saw 57 million user’s information including full names, email addresses, telephone numbers and driver’s license numbers exposed, and led to Uber paying US$148,000 to settle civil litigation. Sullivan was convicted on October 5 of obstruction of proceedings of the Federal Trade Commission (FTC) and misprision of felony in connection with attempting to cover up the hack. In November 2014, Uber suffered a data breach that exposed the personal information of 50,000 customers. As this hack…
Read More
Data breach sees Telstra employees’ details posted online

Data breach sees Telstra employees’ details posted online

Australian telecommunications company Telstra revealed on Tuesday that it had been hit by a data breach that had revealed the details of 30,000 current and former employees. The details included employee’s first and last names and email addresses, and were posted on hacking forum Breached. This forum was also used to leak information obtained in the Optus hack. In a tweet, Telstra confirmed that the data leak “wasn’t a breach of any Telstra system” and that it has notified its employees and authorities first, before notifying former employees, despite “minimal risk” to them. In a statement, a Telstra spokesperson said…
Read More
IOTW: Everything we know about the Optus data breach

IOTW: Everything we know about the Optus data breach

Australian telecommunication company Optus suffered a devastating data breach on September 22 that has led to the details of 11 million customers being accessed. The information accessed includes customers’ names, dates of birth, phone numbers, email addresses, home addresses, driver’s license and/or passport numbers and Medicare ID numbers. Payment detail and account passwords were not compromised in the breach. Optus confirmed that it has now contacted all customers to notify them of the cyber-attack's impact, beginning with those who had been affected by the breach and finishing with those who had not had their data accessed. How did the breach…
Read More
Suspected Grand Theft Auto 6 hacker arrested by UK police

Suspected Grand Theft Auto 6 hacker arrested by UK police

The person responsible for hacking into Rockstar Games, leaking gameplay and clips from the upcoming Grand Theft Auto 6 game, has been potentially identified and arrested by London police. The hacker, known as teapottuberhacker, was also allegedly responsible for an attack into rideshare platform Uber earlier this month, which saw the hacker take control of Uber’s systems and post a graphic image on the company’s internal sites. They are also said to be a member of notorious hacking group, Lapsus$, who have been responsible for data breaches in a number of companies including Microsoft and RobinHood. The City of London…
Read More
IOTW: Hacker allegedly hits both Uber and Rockstar

IOTW: Hacker allegedly hits both Uber and Rockstar

It has been alleged that the hacker who gained unauthorized access to rideshare service Uber’s servers was also responsible for a similar hack into the systems of Rockstar Games, developer of the Grand Theft Auto (GTA) game series. The hack into Rockstar Games was discovered on September 19, 2022 after a user called teapotuberhacker posted on Grand Theft Auto game series fan site GTAForums: “Here are 90 footage/clips from GTA 6. It’s possible I could leak more data soon, GTA 5 and 6 source code and assets, GTA 6 testing build.” In the post’s comments, the hacker claimed they had…
Read More
Wintermute loses $160 million in hack

Wintermute loses $160 million in hack

Cryptocurrency market maker Wintermute has disclosed that it has lost US$162.5 million in a hack. Founder and CEO Evgeny Gaevoy, made the hack known through a series of tweets, saying that as of September 20 the hack was “ongoing” and that, despite the hack, the company was “solvent with twice over that equity left”. He reassured customers that their funds were safe and that the company may be disrupted for a couple of days but will “get back to normal after [the breach]”. Gaevoy also appealed to the hacker in his tweets, saying: “We are (still) open to treat this…
Read More