Data Breaches
#
State Street Reports Data Breach to Massachusetts Attorney General
On February 5, 2024, financial services company State Street filed a notice of data breach with the Attorney General of Massachusetts after discovering unauthorized access to confidential information held by the company. The breach exposed sensitive information of consumers, including names, Social Security numbers, financial account details, and driver’s license numbers.
State Street initiated an...
Bank of America Notifies Texas Attorney General of Data Breach
Bank of America, N.A. recently filed a notice of data breach with the Attorney General of Texas after discovering unauthorized access to confidential information through a third-party data breach at Infosys McCamish Systems LLC ("IMS"). The breach exposed sensitive information of consumers, including names, Social Security numbers, financial account details, addresses, and dates of...
Exposed Database from My WinStar App Raises Privacy Concerns
A security lapse in a logging database associated with the My WinStar app, developed by Nevada startup Dexiga for the casino resort giant WinStar, has raised concerns over customer privacy. The database, left unprotected on the internet without a password, contained personal information of WinStar customers, including full names, phone numbers, email addresses, and...
Hackers Leak Partial Facebook Marketplace Database, Exposing User Information
In a recent development, the notorious threat actor known as IntelBroker has claimed responsibility for leaking a partial database of the Facebook Marketplace. The breach, reportedly conducted by another cybercriminal under the alias “algoatson,” occurred in October 2023 but was only made public on Sunday, February 11, 2024.
According to IntelBroker's disclosure on Breach Forums,...
Prominent Indian Gaming Platforms Face Potential Data Breach; Cybercriminal ‘roshtosh’ Claims Responsibility
Concerns arise as two prominent online gaming platforms in India, Teenpatti.com and Mpl.live, are potentially facing a data breach. The threat was disclosed on January 22, 2024, following the activities of a cybercriminal known as 'roshtosh' on January 20, 2024, who claims to have stolen data from these platforms.
The alleged breach, impacting both platforms...
LoanDepot Reports Massive Data Breach, 16.6 Million Consumers’ Information Compromised
In a recent development, LoanDepot, a prominent retail mortgage lender based in Foothill Ranch, California, filed a notice of a data breach with the Securities and Exchange Commission on January 22, 2024. The company revealed that a cyberattack had occurred, allowing unauthorized access to its IT network.
Following a thorough investigation, LoanDepot commenced the notification...
Major Data Breach Hits Mortgage Giant Mr. Cooper, Exposing Personal Details of 15 Million Customers
In a recent revelation, Mr. Cooper, the mortgage and mortgage servicing company formerly known as Nationstar, disclosed a significant data breach compromising the personal information of every current and former customer, impacting nearly 15 million individuals nationwide, including those in Arizona.
The company, which identified the breach on October 31 of last year, stated in...
Data Breach Exposes Health Records at 40 Nursing Facilities
A data breach during the summer has potentially given hackers access to health records and personal information of both residents and staff at 40 nursing homes, according to HMG Healthcare, the healthcare services provider whose servers were compromised. The breach was first identified in November, and the incident was traced back to August.
While the...
HMSA Member Data Possibly Compromised in Vendor Partner’s Cyber Attack
Hawaii Medical Service Administration (HMSA) members' data may have been compromised following a cyber attack on their health management service vendor, Navvis. In early September 2023, Navvis announced a data privacy event that led to the compromise of personal and protected health information for both former and current HMSA employees.
Upon discovering the incident, Navvis...
Alleged Trello Data Breach Raises Concerns: 15 Million User Records on Sale
A potential Trello data breach has come to light as a threat actor claims to have 15,115,516 unique lines of Trello user data for sale. The compromised information includes emails, usernames, full names, and other account details, posing significant concerns given the sensitive nature of the information.
Trello, widely used for visual project management, has...
Raptor Technologies Data Leak Exposes 4 Million Records, Including Sensitive School Safety Details
School security software provider Raptor Technologies faced a major data breach, exposing approximately 4 million records, including sensitive school safety information and personal details of students, parents, and staff. The breach was discovered by cybersecurity researcher Jeremiah Fowler, who found that the files were stored in a database without any password protection.
Raptor Technologies, serving...
High Court Action Launched as Over 5,000 Individuals Sue Capita for 2023 Data Breaches
More than 5,000 individuals impacted by data breaches stemming from two separate cyber incidents targeting outsourcing firm Capita in 2023 have initiated legal proceedings in a group action lawsuit at the High Court of England and Wales. The lawsuit is led by Manchester-based Barings Law, which claims to represent the growing number of affected...
Ulsan HD FC Faces Alleged Data Breach: Full Database Reportedly for Sale
Ulsan HD FC, a prominent South Korean professional football club competing in the K League 1, is currently under scrutiny following claims of a data breach. The threat actor, identified as 'Donald Bucks,' posted a message on January 14, 2024, asserting the Ulsan HD FC data breach and offering the club's full database for...
Innefu Labs Faces Severe Data Breach, PreciousMadness Claims Responsibility
In a recent turn of events, Innefu Labs, a prominent Indian cybersecurity firm renowned for its AI and data analytics solutions, has reportedly fallen victim to a sophisticated cyberattack. The breach, revealed by a threat actor named 'PreciousMadness' on the RAMP forum, has raised concerns within the cybersecurity community.
The breach, disclosed on January 10,...
Inspiring Vacations Faces Significant Data Breach Exposing Personal Details of Thousands
Melbourne-based travel company, Inspiring Vacations, has fallen victim to a major data breach, compromising the personal information of thousands of individuals. The breach, involving an unsecured 26.8GB database containing over 112,000 records, exposed passport and travel details. The severity of the incident was revealed by cybersecurity expert Jeremiah Fowler.
In the wake of the breach,...