Update: On April 28, Yellow Pages issued a breach notification to employees affected by the breach. The notification reports that the types of information involved varied by individual and may have included name, email address, postal address, Social Insurance Number (where applicable), bank account information, emergency contact information, salary information, and date of birth. For…
Category: Business Sector
Naivas Supermarket’s System Hacked, Data Stolen
Wycliffe Musalia reports that Kenya’s Naivas supermarket chain in Kenya has been the victim of a ransomware incident, but the chain assures customers that certain customer data such as payment card data was never at risk because it is not stored on their system. From the news report, it sounds like the company notified law…
Switch hacker Gary Bowser released from jail, will pay Nintendo 25-30% income ‘for the rest of his life’
Chris Scullion writes: Gary Bowser, the hacking group member who was convicted for creating and selling circumvention devices enabling users to play illegal backups on Switch and 3DS, has been released from prison early. Bowser was sentenced in February 2022 to 40 months in prison for his part as a member of a hacking group called Team-Xecuter, which in…
3CX Breach Was a Double Supply Chain Compromise
Brian Krebs reports: In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries,…
Russian hackers exfiltrated data from from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…
Bits ‘n Pieces (Trozos y Piezas)
Cementos Bío-Bío S.A attacked by BlackByte Cementos Bio-Bio S.A, a Chilean cement company, was added to BlackBye’s leaks site on April 9. DataBreaches found no notice of any incident on the main cbb.cl website, but the cbbexpress.cl customer portal had a notice about interruptions: “At this time we are having intermittencies with our services. If…