In 2017, fashion retailer Forever 21 experienced a malware attack on its card payment system that compromised customers’ payment cards. The breach was an embarrassment on a number of levels because the attacker had access to their system for about 7 months, and Forever 21 did not seem to have discovered the breach on their…
Category: Business Sector
Jp: Medical organizations and IT vendors “should bear part of the cyber damage”.
[Translation:] A document released on August 24 by the Japan Medical Association Policy Research Institute (Nichi-Isouken), which aims to plan medical policy, is causing controversy on SNS. Regarding contracts and responsibility sharing between medical institutions and system vendors, based on the “principle of good faith”, if the vendor’s risk explanation is insufficient, the medical institution…
Medically-tailored food provider, PurFoods, discloses data breach
Jurgita Lapienytė reports: PurFoods, which positions itself as a provider of “tailored home-delivered meals,” has reported a data breach affecting over 1.2 million people. PurFoods (doing business as Mom’s Meals) filed a data breach report with the Maine Attorney General’s Office, stating that attackers acquired sensitive info such as name or other personal identifier, together…
Kroll Employee SIM-Swapped for Crypto Investor Data
Brian Krebs reports: Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency…
Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
Pierluigi Paganini reports: Global hosting and cloud services provider Leaseweb has disabled some “critical” systems following a recent security breach. The company informed its customers that is now working on restoring these systems. According to a notice of incident sent to customers, on August 22, the company discovered “unusual” activity in some of its systems…
A Brazilian phone spyware was hacked and victims’ devices ‘deleted’ from server
Zack Whittaker reports: Portuguese-language spyware called WebDetetive has been used to compromise more than 76,000 Android phones in recent years across South America, largely in Brazil. WebDetetive is also the latest phone spyware company in recent months to have been hacked. In an undated note seen by TechCrunch, the unnamed hackers described how they found and…