Dan Goodin reports: The support team for 3CX, the VoIP/PBX software provider with more than 600,000 customers and 12 million daily users, was aware its desktop app was being flagged as malware, but decided to take no action for a week when it learned it was on the receiving end of a massive supply chain attack,…
Category: Business Sector
Data of 2 million Dutch people leaked, software supplier taken to court
More on a breach noted earlier today that affected 780,000 railway users. Now NU.nl reports that a software firm is being taken to court by one of the marketing firms affected (machine translation): The personal data of about two million Dutch people have been exposed in recent days due to a data breach. It concerns a…
Hackers compromise 3CX desktop app in a supply chain attack
Sergiu Gatlan reports: A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company’s customers in an ongoing supply chain attack. 3CX is a VoIP IPBX software development company whose 3CX Phone System is used by more than 600,000 companies worldwide and…
ChatGPT Suffers First Data Breach, Exposes Personal Information
Dom Nicastro reports: OpenAI’s ChatGPT has suffered its first major personal data breach. The breach came during a March 20 outage and exposed payment-related and other personal information of 1.2% of the ChatGPT Plus subscribers who were active during a specific nine-hour window, according to a blog post by OpenAI Friday, March 24. “In the hours before we…
So you leaked data on BreachForums, but weren’t the hacker? Can you be prosecuted for leaking?
In the wake of the arrest of “Pompompurin,” BreachForums’ self-proclaimed owner and moderator, DataBreaches has been contacted by a number of anxious folks who want to know if they are at risk of being arrested for their own actions. Obviously, DataBreaches is not a lawyer or any kind of authority and can’t provide any assurances. …
NYS Secures $200,000 from Law Firm for Failing to Protect New Yorkers’ Personal Data
NYS Attorney General Letitia James announced a settlement: New York Attorney General Letitia James secured $200,000 from the law firm, Heidell, Pittoni, Murphy & Bach LLP (HPMB) for failing to protect New Yorkers’ personal and healthcare data. HPMB’s poor data security measures made it vulnerable to a 2021 data breach that compromised the private information of approximately…