Here’s today’s reminder of the insider threat. And also the external threat. Consider it a pre-holiday twofer. DataBreaches was contacted yesterday by “0mid16B,” the same individual who was responsible for previously hacking The1 Card, Thailand’s most popular loyalty program. In their latest contact, they claim to have successfully attacked Ardyss[.]com and ArdyssLife[.]com, telling DataBreaches, “In…
Zack Whittaker reports: GPS tracking firm Hapn exposed the names of thousands of its customers due to a website bug, TechCrunch has learned. A security researcher alerted TechCrunch in late November to customer names and affiliations — such as the name of their workplace — spilling from one of Hapn’s servers, which TechCrunch has seen….
Gursimran Kaur Bakshi reports: In a summary judgment, Judge Phyllis Hamilton of the US District Court in Oakland, Northern District of California has found Israeli-mercenary’s surveillance firm NSO Group Technologies (also known as Q Cyber Technologies) liable for the hacking of Meta’s Whatsapp through its state-of-the-art military-grade malware Pegasus. The Court has found that NSO violated the Computer Fraud…
The Federal Trade Commission finalized an order requiring Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a comprehensive information security program to settle charges that the companies failed to implement reasonable data security, which led to three large data breaches affecting more than 344 million customers worldwide. In a complaint first…
The hacker and forum owner known as “IntelBroker” announced that he and others breached Cisco systems and obtained source code and other valuable information. In a forum post where they offered “partial Cisco” data, they admit that a Cisco error had enabled them to access the data: In October 2024, Cisco accidentally left open their…
Solomon Klappholz reports: A major data breach at password manager firm LastPass in 2022 is still causing mayhem two years later, with cyber criminals using stolen information to carry out further attacks. According to data collated by crypto investigator ZachXBT, hackers stole $12.38 million in cryptocurrency from LastPass users on 16 and 17 December. The attackers drained…