Jonathan Greig reports: Internet infrastructure company Cloudflare said today that it mitigated one of the largest volumetric distributed denial of service (DDoS) attacks that has been recorded to date. Cloudflare said it detected and mitigated a 15.3 million request-per-second (rps) DDoS attack earlier this month — making it one of the largest HTTPS DDoS attacks on record….
Category: Business Sector
Mailpac customers affected by Aeropost data breach
Olivia Brown reports: Courier company Mailpac Group Limited, and Florida, United States-based logistics management and package delivery company, Aeropost, have come under fire over an email informing customers of a credit card breach. One customer shared that the email stated that her credit card had been “compromised,” and she should check her credit card statement…
Edu-tech firm GeniusU fined $35,000 for data leak affecting 1.26m users
Rei Kurohei reports: GeniusU, a Singapore-based education technology company, has been fined $35,000 for a data breach that resulted in the theft of 1.26 million users’ personal data. The incident is one of the largest data breaches here in recent years, in terms of the number of users affected. Read more at The Straits Times. As…
Wawa wants a refund, says Mastercard owes $32 million for data breach penalties
Joseph N. DiStefano reports: Wawa, the Delaware County-based convenience store and gas station chain, paid $10.7 million last year linked to a 2019 breach of its customer payment security systems. But now it wants that money back — and more. On Monday in federal court in New York, Wawa sued Mastercard, the giant payment-card network,…
Sunwing president apologizes to stranded passengers, says outage result of cyberattack
Joshua Freeman reports that a Canadian airline’s flights were disrupted after an attack on the firm that provides its check-in system: “Obviously, this is a terrible situation and one that we didn’t expect,” Sunning CEO Mark Williams told CP24 in an interview. “Certainly apologize to everyone for the inconvenience this has caused. By Tuesday, it…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Sergiu Gatlan reports: GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including…