CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders. DataBreaches found no notice of any incident on the store’s website or social networks. They did…
Category: Business Sector
TIC Hosting Solutions customer data leaked? What, if anything, happened there? (1)
DataBreaches has received a tip that TIC Hosting Solutions in Romania had a recent data breach affecting customer data. The tipster provided an .SQL database called “Galactic” as an example of data being leaked. The users table included usernames and email addresses, including one for “tichhosting.” This site was unable to reach TIC Hosting Solutions…
Many Public Salesforce Sites are Leaking Private Data
Brian Krebs reports: A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging…
Yellow Pages Canada confirms cyber attack as Black Basta leaks data
Update: On April 28, Yellow Pages issued a breach notification to employees affected by the breach. The notification reports that the types of information involved varied by individual and may have included name, email address, postal address, Social Insurance Number (where applicable), bank account information, emergency contact information, salary information, and date of birth. For…
Naivas Supermarket’s System Hacked, Data Stolen
Wycliffe Musalia reports that Kenya’s Naivas supermarket chain in Kenya has been the victim of a ransomware incident, but the chain assures customers that certain customer data such as payment card data was never at risk because it is not stored on their system. From the news report, it sounds like the company notified law…
Switch hacker Gary Bowser released from jail, will pay Nintendo 25-30% income ‘for the rest of his life’
Chris Scullion writes: Gary Bowser, the hacking group member who was convicted for creating and selling circumvention devices enabling users to play illegal backups on Switch and 3DS, has been released from prison early. Bowser was sentenced in February 2022 to 40 months in prison for his part as a member of a hacking group called Team-Xecuter, which in…