Data Breaches

On February 5, 2024, financial services company State Street filed a notice of data breach with the Attorney General of Massachusetts after discovering unauthorized access to confidential information held by the company. The breach exposed sensitive information of consumers, including names, Social Security numbers, financial account details, and driver’s license numbers. State Street initiated an...

Bank of America, N.A. recently filed a notice of data breach with the Attorney General of Texas after discovering unauthorized access to confidential information through a third-party data breach at Infosys McCamish Systems LLC ("IMS"). The breach exposed sensitive information of consumers, including names, Social Security numbers, financial account details, addresses, and dates of...

A security lapse in a logging database associated with the My WinStar app, developed by Nevada startup Dexiga for the casino resort giant WinStar, has raised concerns over customer privacy. The database, left unprotected on the internet without a password, contained personal information of WinStar customers, including full names, phone numbers, email addresses, and...

In a recent development, the notorious threat actor known as IntelBroker has claimed responsibility for leaking a partial database of the Facebook Marketplace. The breach, reportedly conducted by another cybercriminal under the alias “algoatson,” occurred in October 2023 but was only made public on Sunday, February 11, 2024. According to IntelBroker's disclosure on Breach Forums,...

Concerns arise as two prominent online gaming platforms in India, Teenpatti.com and Mpl.live, are potentially facing a data breach. The threat was disclosed on January 22, 2024, following the activities of a cybercriminal known as 'roshtosh' on January 20, 2024, who claims to have stolen data from these platforms. The alleged breach, impacting both platforms...

In a recent development, LoanDepot, a prominent retail mortgage lender based in Foothill Ranch, California, filed a notice of a data breach with the Securities and Exchange Commission on January 22, 2024. The company revealed that a cyberattack had occurred, allowing unauthorized access to its IT network. Following a thorough investigation, LoanDepot commenced the notification...

In a recent revelation, Mr. Cooper, the mortgage and mortgage servicing company formerly known as Nationstar, disclosed a significant data breach compromising the personal information of every current and former customer, impacting nearly 15 million individuals nationwide, including those in Arizona. The company, which identified the breach on October 31 of last year, stated in...

A data breach during the summer has potentially given hackers access to health records and personal information of both residents and staff at 40 nursing homes, according to HMG Healthcare, the healthcare services provider whose servers were compromised. The breach was first identified in November, and the incident was traced back to August. While the...

Hawaii Medical Service Administration (HMSA) members' data may have been compromised following a cyber attack on their health management service vendor, Navvis. In early September 2023, Navvis announced a data privacy event that led to the compromise of personal and protected health information for both former and current HMSA employees. Upon discovering the incident, Navvis...

A potential Trello data breach has come to light as a threat actor claims to have 15,115,516 unique lines of Trello user data for sale. The compromised information includes emails, usernames, full names, and other account details, posing significant concerns given the sensitive nature of the information. Trello, widely used for visual project management, has...

School security software provider Raptor Technologies faced a major data breach, exposing approximately 4 million records, including sensitive school safety information and personal details of students, parents, and staff. The breach was discovered by cybersecurity researcher Jeremiah Fowler, who found that the files were stored in a database without any password protection. Raptor Technologies, serving...

More than 5,000 individuals impacted by data breaches stemming from two separate cyber incidents targeting outsourcing firm Capita in 2023 have initiated legal proceedings in a group action lawsuit at the High Court of England and Wales. The lawsuit is led by Manchester-based Barings Law, which claims to represent the growing number of affected...

Ulsan HD FC, a prominent South Korean professional football club competing in the K League 1, is currently under scrutiny following claims of a data breach. The threat actor, identified as 'Donald Bucks,' posted a message on January 14, 2024, asserting the Ulsan HD FC data breach and offering the club's full database for...

In a recent turn of events, Innefu Labs, a prominent Indian cybersecurity firm renowned for its AI and data analytics solutions, has reportedly fallen victim to a sophisticated cyberattack. The breach, revealed by a threat actor named 'PreciousMadness' on the RAMP forum, has raised concerns within the cybersecurity community. The breach, disclosed on January 10,...

Melbourne-based travel company, Inspiring Vacations, has fallen victim to a major data breach, compromising the personal information of thousands of individuals. The breach, involving an unsecured 26.8GB database containing over 112,000 records, exposed passport and travel details. The severity of the incident was revealed by cybersecurity expert Jeremiah Fowler. In the wake of the breach,...