Lawrence Abrams reports: A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. Read more on BleepingComputer.
Category: Business Sector
Data Breach Lawsuit Against Sonic Will Proceed
Sarah Coble reports: Litigation filed against American fast-food chain Sonic over a 2017 data breach has been allowed to proceed. Financial institutions brought a lawsuit against Sonic Corp after it emerged that financial data belonging to customers of the restaurant had been stolen in a cyber-attack. The attacker(s) installed malware on a point-of-sale system used at hundreds of Sonic franchises. Read…
Data breach at US restaurant and gambling chain Dotty’s may have leaked sensitive customer information
Jessica Haworth reports: A cyber-attack on US fast food and gambling chain Dotty’s has exposed the personal data of customers, the company has warned. Dotty’s, a fast food chain which offers gambling services across 175 locations, is owned and operated by Nevada Restaurant Services (NRS). Read more on The Daily Swig. DataBreaches.net had previously reported on Nevada…
Elon Musk’s top-secret ‘full self-driving’ AI car software leaked to hackers
Claran Daly reports: The software which enables certain Tesla cars to autonomously drive themselves has been leaked, enabling hackers outside of the USA to hit the streets hands-free. The software usually costs up to $10,000. Read more on The Daily Star. Does anyone else find this leak frightening?
PA: Penelec customers must reset passwords after security breach
WCED News reports: The parent company of Penelec and other electric companies in our state, the First Energy Corporation, is requiring all customers to reset their passwords due to a security breach. First Energy disabled the online accounts and asked customers to reset the passwords on Friday after detecting hackers making numerous unauthorized attempts to…
ALTDOS claims some of their servers were seized but they did not lose data
It would be great if the good guys had backups as good as the threat actors have. Threat actors who call themselves “ALTDOS” have re-emerged after a brief hiatus that had left this site wondering if something had happened to them following a joint advisory about them. ALTDOS has attacked a number of ASEAN firms,…