Solomon Klappholz reports: Toyota is once again in the headlines after a hacker collective claimed to have exfiltrated 240GB of sensitive data from the car manufacturer’s internal systems. Toyota has confirmed its network was breached after a threat actor listed a 240GB trove of data stolen from the company’s internal systems on an underground hacking forum. The…
Category: Business Sector
Top US oilfield firm Halliburton hit by cyberattack, source says
Liz Hampton reports: U.S. oilfield services firm Halliburton (HAL.N) on Wednesday was hit by a cyberattack, according to a person familiar with the matter. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. The company was also working with “leading…
National Public Data Published Its Own Passwords
Brian Krebs reports: New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its…
National Public Data reports highly publicized breach affected a total 1.3 million people
There has been a lot of publicity about a breach and then leak of data from National Public Data. Some early reports erroneously claimed that 2.9 billion people were affected. Other sources noted more accurately noted that 2.9 billion was the number of records and not the number of unique individuals. In its disclosure to…
CFIUS Fines T-Mobile $60 Million Over Unauthorized Data Access and Breach Response
Hunton Andrews Kurth writes: On August 14, 2024, the Committee on Foreign Investment in the United States (“CFIUS”) disclosed that it had assessed a $60 million penalty against T-Mobile US, Inc. (“T-Mobile”) in connection with unauthorized data access incidents following T-Mobile’s 2020 merger (the “Merger”) with Sprint Corporation (“Sprint”). CFIUS is a U.S. government interagency…
NationalPublicData.com Hack Exposes a Nation’s Data
Brian Krebs reports: On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. The breach tracking service HaveIBeenPwned.com and the cybercrime-focused Twitter account vx-underground both concluded the leak is the same information first put up for…