Brian Krebs reports: A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal filing cites liberally from an investigation KrebsOnSecurity published in July, which found that identity thieves were able to assume control over existing Experian accounts…
Category: Business Sector
Microsoft accounts targeted with new MFA-bypassing phishing kit
Bill Toulas reports: A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign’s goal is to breach corporate accounts to conduct BEC (business email compromise) attacks, diverting payments to bank accounts under their control using falsified documents. The phishing campaign’s…
Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number
Jonathan Greig reports: Twitter officially confirmed that a January breach led to the leak of information connected to 5.4 million accounts. Two weeks ago, a hacker on Breach Forums offered email addresses and phone numbers connected to the accounts, which they said ranged from “celebrities, companies, randoms, OGs, etc.” […] For those who have pseudonymous Twitter accounts,…
New York DFS Fines Robinhood $30M for “Significant” Cybersecurity Violations
Linn F. Freedman of Robinson + Cole writes: The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform this week, with a whopping $30 million fine assessed against Robinhood Crypto, LLC (RHC) for what it described as “significant failures in the areas of bank secrecy act/anti-money laundering obligations and cybersecurity…
Hackers stole passwords for accessing 140,000 payment terminals
Zack Whittaker reports: Hackers had access to dashboards used to remotely manage and control thousands of credit card payment terminals manufactured by digital payments giant Wiseasy, a cybersecurity startup told TechCrunch. Wiseasy is a brand you might not have heard of, but it’s a popular Android-based payment terminal maker used in restaurants, hotels, retail outlets…
A 2020 Data Breach That Continues To Remain An Unsolved Mystery
Over 3.4 million users’ data is up for sale in what was alleged to be a data breach at Paytm Mall. But now we don’t know whose data is it By Sarvesh Mathi In 2020, a cybersecurity firm alleged a massive data breach at Paytm Mall, but this was firmly denied by the company back then….