Lawrence Abrams reports: In a new blog post published tonight, Microsoft has confirmed that one of their employee’s accounts was compromised by Lapsus$, providing limited access to source code repositories. “No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Our…
Category: Business Sector
Okta, Microsoft both investigating new claims by Lapsus$ hacking group
Ax Sharma reports: Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach. On Tuesday, data extortion group Lapsus$ posted screenshots in their Telegram channel of what it alleges to be Okta’s customer data. So far, the company seems to be claiming that…
BlockFi confirms unauthorized access to client data hosted on Hubspot
Arijit Sarkar reports: New Jersey-based crypto financial institution BlockFi confirmed a data breach incident via one of its third-party vendors, Hubspot. BlockFi’s proactive warning about the breach aims to deter the intentions of bad actors in repurposing the user data for fraudulent activities. According to the announcement, the hackers gained access to BlockFi’s client data on…
Polish SA: record fine of almost $1.2 million imposed on Fortum Marketing and Sales Polska S.A. for personal data breach
Seen at the European Data Protection Board, a decision from the Polish S.A.: Background information Date of final decision: 19 January 2022 Cross-border case or national case: National Case. Controller: Fortum Marketing and Sales Polska S.A. Legal Reference: Integrity and confidentiality (Art. 5(1)(f)), Responsibility of the controller (Art. 24(1)), Data protection by design and by…
Hackers hit Mass. background-check firm used by state agencies, universities
Dan Adams reports: Computer hackers made off with highly sensitive personal records on more than 164,000 job-seekers and license applicants in a virtual “smash and grab” attack last November on Creative Services Inc., a Massachusetts company that conducts background checks on everyone from marijuana entrepreneurs to state employees, university faculty members, and workers at nuclear…
Russian pipeline company Transneft hit by data leak dedicated to Hillary Clinton
Corin Faife reports: As the Russian invasion of Ukraine moves into its third week, unconventional actors continue to target Russian state-backed businesses with a string of hacks and data leaks — the latest apparently referencing pro-hacktivism comments made by Hillary Clinton. The targeted organization is Transneft, the Russian state-controlled oil pipeline giant. On Thursday, leak hosting website…