Waqas reports on a leak spotted by VPNMentor: In total, the database contains 10GB worth of data from companies like SuperVPN, GeckoVPN, and ChatVPN which is now available for free download on several different Telegram groups. On May 7th, 2022, a database containing the personal details and login credentials of 21 million users was leaked…
Category: Business Sector
NZ: Data breach on AA Traveller website
RNZ reports: AA Traveller said the website was in use between 2003 and 2018 and allowed customers to make travel bookings, enter competitions and take part in surveys. In a statement on its website AA Traveller said it “recently discovered a vulnerability in the application where the AA Traveller information was stored and that an…
Cyber attack prompts security response by Oregon secretary of state
KTVZ reports: A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state’s online campaign contribution reporting system change their passwords, but Sectary of State Shemia Fagan stressed late Monday that the agency’s systems have not been hacked. […] The Oregon Elections Division learned…
OpenSea Discord server hacked, increasing the risk of phishing scams
Ali Raza reports: OpenSea, a non-fungible token marketplace, has become the victim of a hack on its main Discord channel. The breach has allowed the threat actors to post fake announcements about partnerships between OpenSea and other projects. OpenSea shared a screenshot on May 6 showing the fake news about partnerships. The screenshot also contained a link…
IKEA Canada confirms data breach involving personal information of approximately 95,000 customers
Chris Fox reports on an insider-wrongdoing breach that sounds like it was detected and stopped fairly quickly, but not before more than 90,000 customers could have had their data accessed. IKEA says that it has notified Canada’s privacy watchdog following a data breach involving the personal information of approximately 95,000 customers. In a statement provided…
Indian government makes user data collection mandatory for VPNs; Providers debate leaving country
Rahul Verma reports: The Indian government has introduced a new IT policy that requires virtual private network companies (VPNs) to collect extensive customer data and maintain it for five years or more. The directive came from Computer Emergency Response Team, CERT-in. The new policy lists data centers and crypto exchanges under the same provision. The…