Jagmeet Singh reports: Emerging Indian social media app Slick left an internal database containing users’ personal information, including data of school-going children, publicly exposed to the internet for months. Since at least December 11, a database containing full names, mobile numbers, dates of birth, and profile pictures of Slick users was left online without a password. Read…
Category: Business Sector
Hackers breach Reddit to steal source code and internal data
Lawrence Abrams reports: Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code. The company says the hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site. This site attempted to steal employees’ credentials and two-factor authentication tokens. After…
iRent fined for data leak
CNA reports: Taiwanese car rental and automobile/motorcycle-sharing services platform iRent received separate fines from the Ministry of Transportation and Communications (MOTC) and Taipei City government on Thursday for data protection failings. The popular platform is operated by Ho Ing Mobility Service, a subsidiary of Taiwanese automotive conglomerate Hotai Motor Co. The company received the fines…
AmerisourceBergen MWI Animal Health hit by Lorenz; Company investigating
The Lorenz ransomware group has added AmerisourceBergen/MWI Animal Health to their leak site with what teasingly appears to be a lot of data, except there is no key to unlock the leaked files. Those who want the key will have to contact Lorenz and buy the key. Lorenz did provide a file list as a…
Hackers hit Vesuvius, UK engineering company shuts down affected systems
Graham Cluley writes: Vesuvius, the London Stock Exchange-listed molten metal flow engineering company, says it has been hit by a cyber attack. This morning, Vesuvius issued an alert that it was “currently managing a cyber incident.” Read more at GrahamCluley.com.
Russian e-commerce giant exposed buyers’ delivery addresses
Jurgita Lapienytė reports: A leading electrical engineering company in Russia, Elevel, has exposed its customers’ personally identifiable information (PII,) including full names and addresses. Founded in 1991, Elevel (previously Eleko) positions itself as the leading Russian electrical engineering company that runs both an e-commerce business and wholesale stores. On January 24, the Cybernews research team…