The SITA breach that also impacted 580,000 Singapore Airlines customers is getting more attention as more and more airlines issue statements to their customers. Now my friends are even sending me emails they receive from airlines. You can read SITA’s disclosure on their site.
Category: Business Sector
Spirit Airlines hit by Nefilim ransomware – Report
Marco De Felice reports: In these hours, the ransomware group Nefilim has published on the dark web a first part of data stolen from the American “ultra low cost” company Spirit Airlines. The first block contains over 40GB of data with over 33,000 files. Financial data, personal information of customers who purchased tickets to fly with…
Data of 580,000 Singapore Airlines customers leaked in SITA security breach
Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external firm. SIA said in a statement yesterday that members of its KrisFlyer and PPS Club reward programmes have had their membership numbers, tier status and, in some cases, membership names compromised. […] SIA said the…
The Accellion breach also impacted Qualys; threat actors start dumping files
As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to whether the firm had been an Accellion client. They had. Qualys issued a statement later yesterday. It said, in part: Qualys has confirmed that there is no impact on the Qualys production environments, codebase or…
Payroll giant PrismHR outage likely caused by ransomware attack
Lawrence Abrams reports: Leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware attack from conversations with customers. PrismHR is an online payroll, benefits, and human resources platform used by Professional employer organizations (PEO). PEOs use this platform to provide payroll, HR, and benefits services…
Serasa asked for bank passwords and will reveal itself
Leonard Manson reports: The São Paulo Consumer Protection and Defense Program (Procon-SP) notified Serasa on Monday (1st) to provide clarifications on the collection, and possible use, of the internet banking passwords required by the credit bureau to carry out searches on the site. The request for a bank password, made in the “customer area”, was…