Bernie Cahiles-Magkilat has an update on the Cashalo breach, noted previously. The National Privacy Commission (NPC) said its initial findings showed data breach on cash-loaning application Cashalo where a certain user was found selling personal information of 3.3 million users. NPC said this following its preliminary probe on the data security issue of Cashalo, which…
Category: Business Sector
FireEye and Accellion provide more details on attack
Andrew Moore, Genevieve Stark, Isif Ibrahima, Van Ta of FireEye write: Starting in mid-December 2020, malicious actors that Mandiant tracks as UNC2546 exploited multiple zero-day vulnerabilities in Accellion’s legacy File Transfer Appliance (FTA) to install a newly discovered web shell named DEWMODE. The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, several organizations…
Watermark takes action after data security breach potentially affects people in 10 states
Kimberly Bonvissuto reports: Tucson, AZ-based Watermark Retirement Communities is the latest victim of a data security breach, in this case one that may have compromised the personal information of 208 residents and others. The company sent out a notice on Wednesday that it became aware of a “cyber intrusion” in September. The senior living operator…
PH: Cashalo hit with data breach, but says accounts not compromised
Xave Gregorio reports: Fintech platform Cashalo reported Saturday it has been hit by a data breach, but assured that accounts and passwords of their users have not been compromised as these have been encrypted. Cashalo said it discovered two days ago that there was “unauthorized access” to a database archive containing some personal data of…
Underwriters Laboratories (UL) certification giant hit by ransomware
Lawrence Abrams reports: UL LLC, better known as Underwriters Laboratories, has suffered a ransomware attack that encrypted its servers and caused them to shut down systems while they recover. […] BleepingComputer has learned that UL suffered a ransomware attack last weekend that encrypted devices in their data center. Read more on BleepingComputer.
Kroger reports Accellion data breach affecting pharmacy records, associate HR data
Updated March 9: This incident subsequently appeared on HHS’s public breach tool as having been reported to HHS on February 19 and impacting 368,100 patients. Brian Planalp reports: Kroger is informing some customers and associates that a third-party software company it uses for data services recently suffered a data breach. Kroger’s own IT systems were not…