On July 26, DataBreaches reported that DESORDEN had attacked Ranhill Utilities Berhad, a provider of water and power supply in Malaysia. At the time, DESORDEN claimed, in part: The initial data breach was initiated on Nov 2021. For over 18 months, DESORDEN has been in their systems. On 17th July 2023, our group infiltrated their…
Category: Business Sector
Forever 21 notifies 540,000 of breach affecting employees enrolled in firm’s health plan
In 2017, fashion retailer Forever 21 experienced a malware attack on its card payment system that compromised customers’ payment cards. The breach was an embarrassment on a number of levels because the attacker had access to their system for about 7 months, and Forever 21 did not seem to have discovered the breach on their…
Jp: Medical organizations and IT vendors “should bear part of the cyber damage”.
[Translation:] A document released on August 24 by the Japan Medical Association Policy Research Institute (Nichi-Isouken), which aims to plan medical policy, is causing controversy on SNS. Regarding contracts and responsibility sharing between medical institutions and system vendors, based on the “principle of good faith”, if the vendor’s risk explanation is insufficient, the medical institution…
Medically-tailored food provider, PurFoods, discloses data breach
Jurgita Lapienytė reports: PurFoods, which positions itself as a provider of “tailored home-delivered meals,” has reported a data breach affecting over 1.2 million people. PurFoods (doing business as Mom’s Meals) filed a data breach report with the Maine Attorney General’s Office, stating that attackers acquired sensitive info such as name or other personal identifier, together…
Kroll Employee SIM-Swapped for Crypto Investor Data
Brian Krebs reports: Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency…
Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
Pierluigi Paganini reports: Global hosting and cloud services provider Leaseweb has disabled some “critical” systems following a recent security breach. The company informed its customers that is now working on restoring these systems. According to a notice of incident sent to customers, on August 22, the company discovered “unusual” activity in some of its systems…