What's Your IT Question?

Want to know more about this topic or about us? Contact us!

All posts in data breach

New Grelos Skimmer Variants Siphon Credit Card Data

Domains related to the new variant of the Grelos web skimmer have compromised dozens of websites so far. Just as seasonal online shopping kicks into high gear, new variants of the point-of-sale Grelos skimmer malware have been identified. Variants are targeting the payment-card data of online retail shoppers on dozens . . . Read more

Cybercrime Moves to the Cloud to Accelerate Attacks Amid Data Glut

A report on the underground economy finds that malicious actors are offering cloud-based troves of stolen data, accessible with handy tools to slice and dice what’s on offer. Cybercriminals are embracing cloud-based services and technologies in order to accelerate their attacks on organizations and better monetize their wares, researchers have . . . Read more

Ticketmaster Scores Hefty Fine Over 2018 Data Breach

The events giant faces a GDPR-related penalty in the U.K., and more could follow. Ticketmaster’s UK division has been slapped with a $1.65 million fine by the Information Commissioner’s Office (ICO) in the UK, over its 2018 data breach that impacted 9.4 million customers. The fine (£1.25million) has been levied . . . Read more

Credential-Stuffing Attack Hits The North Face

The North Face has reset an undisclosed number of customer accounts after detecting a credential-stuffing attack on its website. The North Face has reset its customers’ passwords after attackers launched a credential-stuffing attack against the popular outdoor outfitter’s website. In a recent data-breach notification, the company told customers that it . . . Read more

COVID-19 Data-Sharing App Leaked Healthcare Worker Info

Philippines COVID-KAYA app allowed for unauthorized access typically protected by ‘superuser’ credentials and also may have exposed patient data. A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient . . . Read more

Trump Site Alleging AZ Election Fraud Exposes Voter Data

Slapdash setup of Trump website collecting reports of Maricopa County in-person vote irregularities exposed 163,000 voter data records to fraud, via SQL injection. A security flaw on a website set up to gather evidence of in-person voter fraud in Arizona would have opened the door for SQL injection and other . . . Read more

GrowDiaries Exposes Emails, Passwords of 1.4M Cannabis Growers

Cannabis journaling platform GrowDiaries exposed more than 3.4 million user records online, many from countries where pot is illegal. A database linked to GrowDiaries, an online community of cannabis growers, has exposed more than a million users’ email addresses, passwords, IP address records and posts. GrowDiaries is a robust online community of . . . Read more

34M Records from 17 Companies Up for Sale in Cybercrime Forum

A diverse set of companies, including an adaptive-learning platform in Brazil, an online grocery service in Singapore and a cold-brew coffee-maker company, are caught up in the large data trove. A whopping 34 million user records have materialized on an underground sales forum, which cybercriminals claim are gleaned from 17 . . . Read more