Tim Toole reports: A ransomware attack on Business Systems House (BSH), a Middle Eastern partner of payroll provider ADP, led to Broadcom employee data theft in September 2024. Data was leaked online in December, but Broadcom wasn’t informed until May 2025. The El Dorado ransomware group claimed responsibility for the breach, which occurred as Broadcom…
Category: Business Sector
Dior faces scrutiny, fine in Korea for insufficient data breach reporting; data of wealthy clients in China, South Korea stolen
Korea Joong Ang Daily reports: Luxury brand Dior is facing criticism in Korea for its inadequate response to a recent data breach that exposed the personal information of customers in Korea. While the company notified the Personal Information Protection Commission (PIPC), it failed to report the hacking incident to the Korea Internet & Security Agency…
Twilio denies breach following leak of alleged Steam 2FA codes
Bill Toulas reports: Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. The threat actor, using the alias Machine1337 (also known as EnergyWeaponsUser), advertised a trove of data allegedly pulled from Steam, offering to sell it…
Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors
Daniel Payne reports: The U.S. Department of Justice says a recent data breach of a California consulting firm exposed data of Catholic clergy abuse survivors in nearly a dozen bankruptcy lawsuits. In a May 6 letter addressed to attorneys at law firm Proskauer Rose LLP, the Justice Department’s Nan Eitel, the associate general counsel for Chapter…
IT warning after 160-year-old firm goes into administration following a ransomware attack
Even though the media often mentions the risk of businesses folding due to a cyberattack, attempts to find examples of where a cyberattack really was the sole explanation/cause are often hard to find. Whether there were any other financial factors in the case reported here that contributed to the firm going into administration is unknown…
Disney Hacker Who Accessed 1.1 Terabytes of Data Pleads Guilty
There’s an update to a previously reported breach claimed by “Nullbulge.” Pirates and Princesses reports: A California resident has pleaded guilty to charges related to hacking a Disney employee’s personal computer, resulting in the theft of more than 1 terabyte of confidential data. Last year, it was reported that a hacker accessed Disney’s files and released…