Ozten Shebakheget reports: The parent company of a popular luxury spa in Winnipeg is in hot water after a data breach potentially opened the door for hackers to access a variety of private information from customers. This week, customers who purchased gift certificates from Thermea spa between early November and late February were told in an…
Category: Business Sector
Crossbow firm discloses data breach: crooks compromised credit card data
Jurgita Lapienytė reports: Killer Instinct, a company that trades high-tech modern adaptations of the archaic long-range weapon, has disclosed a data breach affecting over 800 users. The company filed a notification with the Maine Attorney General’s Office, saying threat actors obtained users’ financial account or credit/debit card numbers in combination with security, access code, password…
Noteboom – The Law Firm hit by BlackCat
On March 24, BlackCat emailed Noteboom – The Law Firm, a Texas personal injury law firm. The email, shared with DataBreaches by BlackCat, appeared to be sent from the firm’s own systems administrator, Paul Khong. With some light editing by DataBreaches to correct some typos, it read: This is [ALPHV] aka BlackCat Ransomware Team. We…
Western Digital says hackers stole data in ‘network security’ breach
Carly Page reports: Data storage giant Western Digital has confirmed that hackers exfiltrated data from its systems during a “network security incident” last week. The California-based company said in a statement on Monday that an unauthorized third party gained access to “a number” of its internal systems on March 26. Western Digital hasn’t confirmed the nature of…
Are you a “Lucky Winner” from Equifax?
Earlier today, vx-underground reported that a hoax email was being sent from Equifax with the subject line “Free Pompompurin.” An unknown individual has compromised the email system for Equifax. They have sent out an email with the subject matter as “Free Pompompurin”. Image 1. email extended header information Image 2. email itself pic.twitter.com/mlrO99uVdl — vx-underground…
3CX knew its app was flagged as malicious, but took no action for 7 days
Dan Goodin reports: The support team for 3CX, the VoIP/PBX software provider with more than 600,000 customers and 12 million daily users, was aware its desktop app was being flagged as malware, but decided to take no action for a week when it learned it was on the receiving end of a massive supply chain attack,…