Ravie Lakshmanan reports: Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda….
Category: Business Sector
Capita IT breach gets worse as Black Basta claims it’s now selling off stolen data
Jessica Lyons Hardcastle reports: Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant. A spokesperson for the London-based corporation, which has UK government contracts totaling £6.5 billion…
Real estate firm OrangeTee & Tie fined for data breach involving 250,000 customers and employees
CNA reports a follow-up to an attack by ALTDOS that was previously reported by DataBreaches: Real estate agency OrangeTee & Tie has been fined S$37,000 by Singapore’s privacy watchdog after the personal data of more than 250,000 customers and employees was compromised. Names, bank account numbers, property transaction amounts, as well as identity card numbers were…
A short-lived BlackCat listing suggests NCR’s customers’ networks were accessed
It’s been more than a decade since DataBreaches covered any significant data breach involving the Aloha POS system, and back then it was owned by Radiant Systems. In 2011, NCR Corporation bought Aloha POS. Things were fairly quiet since then, if you don’t count NCR’s response to a zero day RCE vulnerability that NCR somewhat…
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen
Ravie Lakshmanan reports: Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company’s MyBB forum database containing user data and private messages. What’s more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. Read more at The Hacker News.
Over a Million Financial Records Exposed in Data Incident Involving NorthOne Bank
Jeremiah Fowler discovered yet another unsecured database. This one reportedly had more than one million financial records: The PDF documents that were made public included invoices from both individuals and businesses who used an app to pay for products and services. The invoices contained names, email addresses and physical addresses, phone numbers, and more. In…