Paulina Okunytė reports: Private data allegedly belonging to more than 230,000 Puma customers in Chile has been found on a hacker forum. A threat actor has listed an 84MB-strong dataset for sale that allegedly belongs to the multinational sportswear manufacturer. The cybercriminal or criminals behind the dataset listing claim that it is from Puma’s Chilean…
Category: Business Sector
LastPass owner GoTo says hackers stole customers’ backups
Carly Page reports: LastPass’ parent company GoTo — formerly LogMeIn — has confirmed that cybercriminals stole customers’ encrypted backups during a recent breach of its systems. The breach was first confirmed by LastPass on November 30. At the time, LastPass chief executive Karim Toubba said an “unauthorized party” had gained access to some customers’ information stored in a third-party…
Ticketmaster says cyberattack disrupted Taylor Swift ticket sales
Josh Sisco and Maggie Miller report: Ticketmaster was hit by a cyberattack in November that led to the problems with ticket sales for Taylor Swift’s upcoming U.S. tour, the president of its parent company plans to tell a congressional committee Tuesday. A massive influx of traffic on the Ticketmaster website caused the slowdown in ticket…
North Korea-linked hackers behind $100 million crypto heist, FBI says
Arjun Kharpal reports: North Korean-linked actors were behind the theft of $100 million through the hack of a crypto product last year, the Federal Bureau of Investigation said. The FBI said it was “able to confirm” that Lazarus Group and APT38, two hacking groups linked to Pyongyang, were responsible for the attack on the so-called Horizon…
FanDuels warns of data breach after customer info stolen in vendor hack
Lawrence Abrams reports: The FanDuel sportsbook and betting site is warning customers that their names and email addresses were exposed in a January 2023 MailChimp security breach, urging users to remain vigilant against phishing emails. On January 13th, MailChimp confirmed they suffered a breach after hackers stole an employee’s credentials using a social engineering attack. Read more at BleepingComputer.
TSA ‘no fly’ list leaked after being found on unsecured airline server
Chris Pandolfo reports: The Swiss hacker known as “maia arson crimew” blogged Thursday that she discovered the Transportation Security Administration “no fly” list from 2019 and a trove of data belonging to CommuteAir on an unsecured Amazon Web Services cloud server used by the airline. The hacker told The Daily Dot the list appeared to have more…