“I think it’s probably one of the biggest breaches in a long time, can’t think of any bigger ones,” Pompompurin, the owner of Breached.to, wrote when asked about a new for-sale listing that appeared on his forum. A seller called “Data,” who Pompompurin says he will “vouch all day and night for” listed user data…
Category: Business Sector
Uber links breach to Lapsus$ group, blames contractor for hack
Sergiu Gatlan reports: Uber believes the hacker behind last week’s breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, NVIDIA, Samsung, and Okta. The company added that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication (2FA)…
Revolut hit by ‘phishing’ cyberattack
Ben Martin reports: A cyberattack on Revolut has compromised the personal details of more than 50,000 people. The breach at the app-based payments company occurred last Sunday night after a Revolut employee was caught out by a phishing scam. The attack has affected 50,144 people and involved an unauthorised third-party accessing some of their details,…
IHG hack: ‘Vindictive’ couple deleted hotel chain data for fun
Joe Tidy reports: Hackers have told the BBC they carried out a destructive cyber-attack against Holiday Inn owner Intercontinental Hotels Group (IHG) “for fun”. Describing themselves as a couple from Vietnam, they say they first tried a ransomware attack, then deleted large amounts of data when they were foiled. They accessed the FTSE 100 firm’s…
Starbucks Singapore hit by data breach affecting rewards program customers
CNA reports: Starbucks Singapore has been hit by a data breach affecting customers of its rewards membership programme. In an email sent to customers on Friday (Sep 16), Starbucks said it discovered “some unauthorised access” to user details such as name, gender, date of birth, mobile number, email address and residential address. Read more at…
Bits ‘n Pieces (Trozos y Piezas)
Ransomware attacks continue This week, LockBit added four entities related to South America: Chile, Colombia, and Venezuela: Comision Nacional de Acreditación in Chile CNA is a public entity that seeks to evaluate and accredit the quality of the Institutions of Higher Education in Chile. DataBreaches sent an email to them yesterday to ask them if…