James Pearson reports: Cybercriminals have stolen data on over 8,000 children attending nurseries in London operated by childcare provider Kido International, the hackers said on their dark web portal. The gang, which calls itself Radiant, evidenced its claim by publishing the names, photos, home addresses, and family contact information of 10 children it said attended…
Category: Hack
Salesforce AI Hack Enabled CRM Data Theft
Eduard Kovacs reports: Prompt injection and an expired domain could have been used to target Salesforce’s Agentforce platform for data theft. The attack method, dubbed ForcedLeak, was discovered by researchers at Noma Security, a company that recently raised $100 million for its AI agent security platform. Salesforce Agentforce enables businesses to build and deploy autonomous AI agents…
Data Leak? Crypto.com Fires Back At ‘Unfounded’ Allegations
Christian Encila reports: According to Bloomberg and several other news outlets, Crypto.com has pushed back against a report that a 2023 breach exposed user details and was kept from authorities. The story centers on a hacking group known as Scattered Spider and a young suspect who, according to reports, used phishing and social engineering to access an employee account….
When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on
“Goodbye isn’t the end. It’s the beginning of what happens next.” — Joshua Shaw Reading the news, I see some headlines suggesting that “Scattered LAPSUS$ Hunters” lied in their “Goodbye” message. One headline read, “Security Industry Skeptical of Scattered Spider-ShinyHunters Retirement Claims.” Another read, “Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims,” and…
Tiffany discloses data breach involving gift cards — second breach disclosure in recent months (1)
In May, Tiffany & Co. confirmed a data breach affecting an unspecified number of customers in South Korea. Tiffany is one of LVMH Moët Hennessy Louis Vuitton’s 75 high-end brands in six different sectors. On May 26, Tiffany Korea emailed select customers to notify them of a cybersecurity breach involving unauthorized access to a vendor…
Scattered Spider Tied to Fresh Attacks on Financial Services
Mathew J. Schwartz reports: A member of the band of native English-speaking adolescent hackers lately calling itself Scattered Lapsus$ Hunters published Friday a semi-coherent screed proclaiming the collective would be “going dark.” Many cybersecurity experts responded with skepticism. Evidence suggests that at least some members of the loose-knit hacking collective are continuing to hit targets. Threat intelligence…