DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Category: Commentaries and Analyses

Hackers Go on a Magento Attack Spree Using a Helpdesk Extension

Posted on December 29, 2017 by Dissent

Rafia Shaikh reports: Cybercriminals are targeting Magento sites running Mirasvit Helpdesk – a popular helpdesk extension. The extension enables site owners to add a “Chat with us” widget on their Magento shops. Mirasvit was vulnerable to security flaws that affect every version of the extension up until version 1.5.2. Security firm WebShield had first published details about these security…

Read more

A tale of three leaks, Wednesday edition

Posted on December 27, 2017 by Dissent

On December 6, DataBreaches.net was contacted by researchers who requested help notifying two entities that they were exposing health information due to misconfigured AWS S3 buckets.  They would turn out to be a delight to deal with, unlike a third entity that was also leaking information from a misconfigured S3 bucket. So let’s start with…

Read more

In November, I gave thanks for fewer breach reports

Posted on December 21, 2017 by Dissent

Protenus has released its monthly Breach Barometer, and the statistics for November were something to be thankful for – even if they turn out to be just a brief  break from the crush of breach reports we’ve seen every month. As Protenus reports, there were 28 incidents first disclosed during November. We were able to…

Read more

Encryption protected Golden Optometric patients’ EHR from CrySiS attack

Posted on December 20, 2017 by Dissent

It’s nice to read a notification where an entity had good defenses in place. Consider this notification from Golden Optometric in California: Early on the morning of November 6, 2017, the network server at Golden Optometric was infected with a variant of the “CrySiS” ransomware virus, which encrypted a limited number of files on its…

Read more

Banks Find (Some) Success Suing Over Data Breaches

Posted on December 20, 2017 by Dissent

Donna Wilson of Manatt, Phelps & Phillips, LLP writes: Banks continue to file suit against retailers, hoping to shift the costs of data breaches, with some recent success. What happened In January 2016, hackers accessed Eddie Bauer’s point-of-sale register system and installed malicious software that infected every Eddie Bauer store in the United States and…

Read more

In the wake of a breach: tips from the FTC

Posted on December 19, 2017 by Dissent

After the Equifax data breach, some people are considering placing a fraud alert, freeze, or lock on their credit file to help prevent identity thieves from opening new accounts in their name. To help consumers decide on a course of action, a Federal Trade Commission blog post, Fraud alert, freeze or lock after Equifax? FAQs,…

Read more
  • Previous
  • 1
  • …
  • 531
  • 532
  • 533
  • 534
  • 535
  • 536
  • 537
  • …
  • 876
  • Next

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.