Bill Toulas reports: The cracked passwords for almost 7.5 million DatPiff members are being sold online, and users can check if they are part of the data breach through the Have I Been Pwned notification service. DatPiff is a popular mixtape hosting service used by over 15 million users, allowing unregistered users to download or upload…
Category: Business Sector
New York Attorney General James Alerts 17 Companies to “Credential Stuffing” Cyberattacks Impacting More Than 1.1 Million Consumers
NEW YORK – New York Attorney General Letitia James today announced the results of a sweeping investigation into “credential stuffing” that discovered more than 1.1 million online accounts compromised in cyberattacks at 17 well-known companies. Attorney General James released a “Business Guide for Credential Stuffing Attacks” that details the attacks — which involve repeated, automated attempts to access online…
UScellular discloses data breach after billing system hack
Segiu Gatlan reports: UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company’s billing system was hacked in December 2021. The mobile carrier said in data breach notification letters sent to 405 impacted individuals that the attackers also ported some of the affected customers’ numbers using personal information stolen…
Portuguese newspaper is hacked by group that attacked Ministry of Health
Abhishek Pratap reports: The Portuguese newspaper Expresso was attacked by hackers at dawn this Sunday, 2. Those responsible for the invasion are the Lapsus Group, the same team that shut down the Ministry of Health’s systems last December. The newspaper’s website displays a page similar to the one shown in the attack on the Brazilian government agency….
Virtual Care Provider Sues Rivals, Alleging Data Theft, Patent Violation
Anuja Vaidya reports: MDsave, a direct-to-consumer virtual marketplace for healthcare services, has filed a lawsuit against three of its competitors alleging they stole and exploited MDSave’s protected data and intellectual property. The lawsuit accuses the defendants, Sesame, Green Imaging, and Tripment, of misappropriating MDSave’s protected data, falsely advertising their services, directly interfering with MDSave’s relationships with its…
Fintech firm hit by log4j hack refuses to pay $5 million ransom
Ax Sharma reports: One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply. After the company’s refusal to pay the ransom, threat actors put up data…