Bill Toulas reports: Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. Though the organization did not name the attackers, the RansomHub gang claimed responsibility on August 15, 2024, when they published all of the stolen data on their extortion portal….
Category: Financial Sector
Third-party breach resulted in Singapore Moneylenders Credit Bureau being leaked by GhostR (UPDATED)
Threat actors known as GhostR claim to have stolen more than 50 GB of files on loan borrowers from the Singapore MLCB (the Moneylenders Credit Bureau). They have offered some of the data as a leak on a popular hacking forum and provided proof of claims in the form of copies of completed loan applications:…
Evolve Bank & Trust Notice of Data Breach
MEMPHIS, Tenn., July 8, 2024 (Newswire.com) – As recently announced on the Evolve Bank & Trust (“Evolve” or “we”) website, Evolve was recently subject to a cybersecurity incident. Today, Evolve is beginning the process of notifying individuals whose personal information was affected. We deeply regret any inconvenience or concern this incident may cause. The security of our…
ShinyHunters Leak What They Claim Are 33M Twilio Authy Phone Numbers, Neiman Marcus and Truist Bank Data
Waqas reports: ShinyHunters hackers have taken responsibility for three high-profile data breaches involving Neiman Marcus, Truist Bank, and Twilio Authy, compromising personal details of millions of users and tens of thousands of employees. The infamous ShinyHunters hacking group, known for their recent Ticketmaster data breach, has struck again with a series of new attacks. This time,…
Santander customers’ private data put up for sale for $2m by hackers
The Guardian reports: Hackers are attempting to sell confidential information including the bank and credit card numbers of millions of Santander customers to the highest bidder. ShinyHunters posted an advert on a hacker forum for the data, which it says also includes staff HR details, with an asking price of $2m (£1.6m). It is the…
SEC amends Reg S-P to require data breach notification within 30 days
Aaron Nicodemus reports: The Securities and Exchange Commission (SEC) will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days. On Thursday, the SEC approved amendments to Regulation S-P, known as the safeguards rule. The rule requires covered entities to…