Tag: data breach

Dollar Tree hit by third-party data breach impacting 2 million people
News

Dollar Tree hit by third-party data breach impacting 2 million people

A third-party data breach that affected 1,977,486 individuals was linked to the discount store chain Dollar Tree following the hack of service provider Zeroed-In Technologies. Discount retailer Dollar Tree runs the Dollar Tree and Family Dollar brands in 23,000 locations across the US and Canada. A security incident occurred between August 7 and August 8, 2023, according to a data breach notification that Dollar Tree's service provider, Zeroed-In, shared with the Maine Attorney General. Threat actors were able to obtain data comprising Dollar Tree and Family Dollar employees' personal information during this cyberattack. Although the inquiry was able to establish that these systems had been accessed, it was unable to verify which precise read more Dollar Tree hit by third-party data...
Samsung hit by new data breach impacting UK store customers
News

Samsung hit by new data breach impacting UK store customers

A data breach that exposed some of Samsung Electronics' customers' personal information to an unauthorized party is being notified to these customers. According to the company, only customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020 were affected by the cyberattack.Two days ago, on November 13, Samsung became aware of the data breach and ascertained that it was caused by a hacker taking advantage of a weakness in a third-party program the company was using. The security flaw used in the attack and the weak application that gave the attacker access to Samsung customers' personal data have not been made public read more Samsung hit by new data breach impacting UK store customers. Get up to date on the latest cybersecurity news and ...
FTC orders non-bank financial firms to report breaches in 30 days
News

FTC orders non-bank financial firms to report breaches in 30 days

The Safeguards Rules have been modified by the of the United States to require non-banking financial organizations to report data breach events within a 30-day period. These organizations include investment firms, insurance companies, peer-to-peer lenders, payday lenders, car dealers, mortgage brokers, and asset management corporations. In order to tighten compliance requirements and improve data security procedures to safeguard customer information, this requirement supplements the Safeguards Rule. This pertains to security events involving 500 or more customers, particularly when unapproved parties obtain unencrypted (cleartext) data. Samuel Levine, director of the FTC's Bureau for Consumer Protection, said, "Companies that are trusted with sensitive financial read more FTC orders...
D-Link confirms data breach after employee phishing attack
News

D-Link confirms data breach after employee phishing attack

Taiwanese networking equipment maker D-Link has acknowledged a data breach connected to information that was taken earlier this month from its network and sold on BreachForums. The hacker alleges to have taken millions of entries containing private customer and employee data, including information on the CEO of the company, and the source code for D-Link's D-View network management software. Names, emails, addresses, phone numbers, account registration dates, and the users' most recent sign-in times are purportedly among the stolen data. A thread participant noted that the data appeared to be very old after read more D-Link confirms data breach after employee phishing attack. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our compre...
Third Flagstar Bank data breach since 2021 affects 800,000 customers
News

Third Flagstar Bank data breach since 2021 affects 800,000 customers

A breach at a third-party service provider has led to the theft of personal information from over 800,000 US customers, according to a notice from Flagstar Bank. Before being acquired by the New York Community Bank last year, Michigan-based financial services provider Flagstar was one of the biggest banks in the country with total assets of more than $31 billion. Today, Flagstar is owned by the New York Community Bank. Fiserv, a company that Flagstar utilizes for payment processing and mobile banking services, was indirectly responsible for the data breach, according to a letter emailed to impacted clients read more Third Flagstar Bank data breach since 2021 affects 800000 customers. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our co...
National Student Clearinghouse data breach impacts 890 schools
News

National Student Clearinghouse data breach impacts 890 schools

890 schools around the country that use National Student Clearinghouse's services have been affected by a data hack, according to the nonprofit educational organization. Attackers got access to Clearinghouse's MOVEit managed file transfer (MFT) server on May 30 and stole files containing a variety of personal information, according to a breach notification letter submitted to the Office of the California Attorney General. The Clearinghouse was warned of a cybersecurity problem with Progress Software's MOVEit Transfer solution on May 31, 2023, according to a statement from the Clearinghouse. We immediately launched an inquiry after becoming aware of the problem, assisted by top cybersecurity authorities read more National Student Clearinghouse data breach impacts 890 schools. S...
Associated Press warns that AP Stylebook data breach led to phishing attack
News

Associated Press warns that AP Stylebook data breach led to phishing attack

The Associated Press has issued a warning regarding a data breach that has affected users of the AP Stylebook. The attackers utilized the stolen information to launch specific phishing attacks. A widely used manual on grammar, punctuation, and writing style for journalists, periodicals, and newsrooms around the world is the AP Stylebook. The Associated Press has issued a warning this week regarding a cyberattack that occurred between July 16 and July 22, 2023 on a defunct third-party-managed AP Stylebook website, resulting in the theft of 224 customers' personal information. Name, email address, street address, city, state, zip code, phone number, and User ID of a client are among the stolen data read more Associated Press warns that AP Stylebook data breach led to phishing attack. ...
Freecycle confirms massive data breach impacting 7 million users
News

Freecycle confirms massive data breach impacting 7 million users

Over 7 million users were impacted by a significant data breach, according to Freecycle, a website that promotes trading used products rather than throwing them away. According to the nonprofit, the breach was detected on Wednesday, weeks after a threat actor posted the stolen data for sale on a hacking site on May 30 and advised anybody affected to change their passwords right away.According to Freecycle, the stolen data only contains usernames, User IDs, email addresses, and passwords that have been MD5 hashed. Deron Beal, the creator and executive director of Freecycle, had his credentials taken in the incident, according to screenshots given by the threat actor who is selling the stolen data. This gave the threat actor complete access to forum postings and member information rea...
University of Sydney data breach impacts recent applicants
News

University of Sydney data breach impacts recent applicants

International applicants who had just applied and been accepted were subject to a breach at a third-party service provider, according to a statement from the University of Sydney (USYD). The public university was founded in 1850, has close to 70,000 students, and employs roughly 8,500 academic and administrative staff. It is regarded as one of the most significant educational institutions in Australia. According to the university's data breach notice, the event had a minor impact and there was no evidence that local students, employees, or alumni were affected. It's unclear whether the attacker chose the time of the attack on purpose or whether it was a chance operation. According to the university, those who will be impacted will be contacted and given the necessary assistance t...
Paramount discloses data breach following security incident
News

Paramount discloses data breach following security incident

After hackers broke into Paramount Global's systems and obtained personally identifiable information (PII), the American entertainment giant made a data breach disclosure. In breach notification letters delivered to impacted parties and signed by Brian Keane, EVP of Nickelodeon Animation Studio, Paramount stated that the attackers gained access to company systems between May and June 2023. "Based on our investigation, the personal information may have included your name, date of birth, Social Security number or other government-issued identification number (such as driver's license number or passport number), and information related to your relationship with Paramount read more Paramount discloses data breach following security incident. Stay informed with the best cybersecurity ...