Zack Whittaker reports: Phone giant AT&T has reset millions of customer account passcodes after a huge cache of data containing AT&T customer records was dumped online earlier this month, TechCrunch has exclusively learned. The U.S. telco giant initiated the passcode mass-reset after TechCrunch informed AT&T on Monday that the leaked data contained encrypted passcodes that could…
Category: Business Sector
Major credit bureau slapped with enforcement notice for data breach in South Africa
Jan Vermeulen reports: The Information Regulator has slapped credit bureau TransUnion with an enforcement notice following a data breach on 18 March 2022. N4ugthySecTU, the group that claimed responsibility for the attack, alleged that they exfiltrated 4TB of data from one of TransUnion’s databases, including the records of 54 million South Africans. However, the bureau said far…
Nissan Oceania Data Breach Impacts 100,000 Individuals in Australia and New Zealand
Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data breach exposed their personal information. The New Zealand and Australia-based subsidiary of the Japanese automaker Nissan said it detected “unauthorized access” to its local IT servers on December 5, 2023. It responded by notifying law enforcement authorities, privacy regulators, and national…
Convergent Outsourcing Settles Data Breach Class Action for $2.45 Million
Kathryn M. Rattigan of Robinson & Cole LLP writes: Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged that the business failed to protect the personal information of over 640,000 individuals….
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…