Olivia Brown reports: Courier company Mailpac Group Limited, and Florida, United States-based logistics management and package delivery company, Aeropost, have come under fire over an email informing customers of a credit card breach. One customer shared that the email stated that her credit card had been “compromised,” and she should check her credit card statement…
Category: Business Sector
Edu-tech firm GeniusU fined $35,000 for data leak affecting 1.26m users
Rei Kurohei reports: GeniusU, a Singapore-based education technology company, has been fined $35,000 for a data breach that resulted in the theft of 1.26 million users’ personal data. The incident is one of the largest data breaches here in recent years, in terms of the number of users affected. Read more at The Straits Times. As…
Wawa wants a refund, says Mastercard owes $32 million for data breach penalties
Joseph N. DiStefano reports: Wawa, the Delaware County-based convenience store and gas station chain, paid $10.7 million last year linked to a 2019 breach of its customer payment security systems. But now it wants that money back — and more. On Monday in federal court in New York, Wawa sued Mastercard, the giant payment-card network,…
Sunwing president apologizes to stranded passengers, says outage result of cyberattack
Joshua Freeman reports that a Canadian airline’s flights were disrupted after an attack on the firm that provides its check-in system: “Obviously, this is a terrible situation and one that we didn’t expect,” Sunning CEO Mark Williams told CP24 in an interview. “Certainly apologize to everyone for the inconvenience this has caused. By Tuesday, it…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Sergiu Gatlan reports: GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including…
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
Meanwhile, last week, AJ Vicens reported: Federal agents in Honolulu last week “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region, the agency said in a statement Tuesday. Hawaii-based agents with Homeland Security Investigations, an arm…