Ax Sharma reports: Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. … The incident involves threat actors gaining access to Slack’s externally hosted GitHub repositories via a “limited” number of Slack employee tokens that were stolen. While some of Slack’s private code repositories were breached, Slack’s primary codebase and…
Category: Business Sector
FCC Proposes to Modernize Data Breach Rules
Commission Will Seek Comment on Proposed Consumer and Law Enforcement Notification Requirements for CPNI Leaks — WASHINGTON, January 6, 2023—The Federal Communications Commission today launched a proceeding to strengthen the Commission’s rules for notifying customers and federal law enforcement of breaches of customer proprietary network information (CPNI). The Commission will look to better align its…
Air France and KLM notify customers of account hacks
Sergiu Gatlan reports: Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. Flying Blue is a loyalty program allowing clients of multiple airlines, including Air France, KLM, Transavia, Aircalin, Kenya Airways, and TAROM, to exchange loyalty points for various rewards. Read more…
Bits ‘n Pieces (Trozos y Piezas)
MX: BlackCat claims attack on Grupo Estrategas EMM ALPHV, aka BlackCat, claims to have attacked Grupo Estrategas EMM, but the ransomware group has not as yet uploaded any proof of claims. Nor has the insurance firm posted any notice on its website or social media indicating any incident. The insurer has not responded to an…
Just snarky or dangerous? Ransomware gang cloned victim’s website to leak stolen data
Ionut Ilascu reports: The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim’s site to publish stolen data on it. It appears that ALPHV, also known as BlackCat ransomware, is known for testing new extortion tactics as a way to pressure and shame their…
Toyota Kirloskar Motor reports data breach system
PTI reports: Toyota Kirloskar Motor on Sunday reported a data breach in its system but said the extent of intrusion is being confirmed. In a statement, the company said it has been ”notified by one of its service providers of an incident that might have exposed personal information” of some of its customers on the…