Logitech reports attackers stole data likely belonging to customers, employees, and suppliers. The breach stemmed from a zero-day flaw in a third-party software platform that has since been patched. Logitech has not disclosed which data types or which platform were affected. The Cl0p ransomware group claims it exploited an Oracle E-Business Suite vulnerability to access […]
Clorox is suing IT provider Cognizant after a 2023 ransomware attack cost the company $380 million. The lawsuit claims Cognizant’s helpdesk handed over employee passwords to attackers posing as staff. No hacking skills were needed, just a phone call and a convincing story, Clorox alleges. Cognizant denies responsibility, stating it only offered limited helpdesk support. […]
Victims of Finland’s largest psychotherapy data breach are seeking higher compensation. In 2020, a hacker stole sensitive information from 40,000 clients of Vastaamo, including patient records, and used it for extortion. While the Finnish government has offered compensation ranging from €500 to €1500, lawyers argue that this is insufficient, given the severe privacy violations the […]
The UK’s Electoral Commission leaked personal details of 40 million voters due to unpatched vulnerabilities in their Microsoft Exchange Server, spanning registrations from 2014 to 2022. Hackers accessed the server through known ProxyShell vulnerabilities in August and October 2021, installing malware and sending spam before the issues were detected and partially mitigated. The ICO investigation […]
A UK national, Joseph James O’Connor, has pleaded guilty to his involvement in the July 2020 Twitter hack that targeted numerous high-profile accounts and defrauded users of the platform. O’Connor and his co-conspirators seized control of 130 Twitter accounts, including those belonging to Barack Obama, Bill Gates, and Elon Musk, to perpetrate a cryptocurrency scam […]
Irish university MTU Cork has decided to close all four campuses for two days and cancel all classes due to an intrusion into its IT systems. The attack took place last weekend and would have been detected at an early stage. The university gives no details about what kind of attack it is exactly and […]
Twilio, which earlier this month became a sophisticated phishing attack, disclosed last week that the threat actors also managed to gain access to the accounts of 93 individual users of its Authy two-factor authentication (2FA) service.
Propietary software and technical information stolen of LastPass. No effects according to LastPass on 33 million active end-users and more than 100.000 businesses. LastPass says to update customers with transparency. Up2now LastPass didn’t elaborate on the exact mitigation techniques that it used to strengthen its environment. It also reiterated that the break-in had no impact […]
Cisco confirmed it was the victim of a cyberattack on May 24, 2022 after the attackers got hold of an employee’s personal Google account that contained passwords synced from their web browser.“Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account” “The user had enabled password […]
Cloud communications company Twilio says some of its customers’ data was accessed by attackers who breached internal systems after stealing employee credentials in an SMS phishing attack.
- 1
- 2