Since July of 2022, DataBreaches has been reporting on the case of Sébastien Raoult, a young French national detained in Morocco on an Interpol Red Notice requested by the U.S. for alleged involvement in ShinyHunters. Yesterday, Morocco’s Court of Cassation notified Raoult that they signed the order for his extradition to the U.S. According to…
Category: Business Sector
Hackers stole data from multiple electric utilities in recent ransomware attack
Sean Lyngaas reports: Hackers stole data belonging to multiple electric utilities in an October ransomware attack on a US government contractor that handles critical infrastructure projects across the country, according to a memo describing the hack obtained by CNN. […] The ransomware attack hit Chicago-based Sargent & Lundy, an engineering firm that has designed more…
Vendor Claims to Have Scraped 400M Twitter User Records (with UPDATE 1)
Perhaps the top story this past week involves a sales offering on a popular hacking-related forum. The seller, who first joined the forum in December, has listed information on 400 million Twitter users for sale. No price is specified in the listing. The data, that were allegedly scraped due to a vulnerability, include email, name,…
Claimant to Maintain Anonymity in English High Court Cyber Attack Case
Hunton Andrews Kurth writes: On December 20, 2022, the English High Court has granted the victim of a cyber attack a permanent injunction against cyber attackers whilst the victim organization maintains its anonymity. Generally, a claimant’s identity is public in English court proceedings. Injunctions can be made against unknown and unidentifiable defendants enabling them to…
Update to LastPass incident: Customers should read it
From an update from LastPass: Based on our investigation to date, we have learned that an unknown threat actor accessed a cloud-based storage environment leveraging information obtained from the incident we previously disclosed in August of 2022. While no customer data was accessed during the August 2022 incident, some source code and technical information were…
Sports betting operator BetMGM hit by data breach
Aishwarya Nair reports: Sports betting service BetMGM said on Wednesday personal information of its customers were obtained in an unauthorized manner, but did not specify the number of users affected. The issue affected customer information such as name, contact information, date of birth, hashed Social Security number, account identifiers and information related to transactions with…