Sergiu Gatlan reports: The operators behind Sodinokibi Ransomware published download links to files containing what they claim is financial and work documents, as well as customers’ personal data stolen from giant U.S. fashion house Kenneth Cole Productions. Sodinokibi (aka REvil) is a Ransomware-as-a-Service operation where the operators manage development of the ransomware and the payment portal used…
Category: Business Sector
Israeli Marketing Company Straffic Exposes 140 GB Contacts Database
Jeremy Kirk reports: An Israeli marketing company left authentication credentials for an Elasticsearch database online, exposing more than 140 GB worth of contact details for individuals in the U.S. and Europe. The exposed data includes names, email addresses, phone numbers, physical addresses and genders, but not all records have those fields completed, according to a…
OnlyFans says it wasn’t hacked after hundreds of performers’ videos leak online
Jacob Kastrenakes and Megan Farokhmanesh report: More than 1.6TB worth of videos and images from OnlyFans has been leaked online. The data dump appears to be primarily comprised of women’s accounts, specifically those who use the site to share pornographic images. OnlyFans claims it’s not due to a hack, though. Steve Pym, OnlyFans’ marketing chief, said…
UPDATE: TQL says data breach was not malware or ransomware attack
Clarissa Hawes reports: Total Quality Logistics (TQL) says it will continue to work with an expert cybersecurity firm to find out how external hackers breached its IT systems and gained access to some carriers’ sensitive business information. Tom Millikin, corporate communications manager of TQL, told FreightWaves the data breach was not a malware or ransomware…
Chinese dissident can sue law firm over hack that exposed information online, judge rules
Debra Cassens Weiss reports: A federal judge in Washington, D.C., has ruled that a Chinese asylum-seeker can sue the Clark Hill law firm over a 2017 hack that allegedly exposed personal data online. U.S. District Judge James Boasberg ruled last week in the case of Guo Wengui, who describes himself in the malpractice suit as…
Transmit Security, Authentication Company Used by Banks, Hacked
Joseph Cox reports: This week a cybersecurity company called Transmit Security, that focuses on providing corporate clients with tools to securely log users into different services, notified customers of a data breach at the firm. The breach impacted over a thousand email addresses, passwords, phone numbers, and other sensitive information, according to a researcher mentioned…