Solomon Klappholz reports: Snowflake has pinned the blame on a series of high-profile data breaches in recent days on customers failing to adequately secure production environments by using two-factor authentication. In a statement on 2 June 2024, Snowflake CISO Brad Jones pushed back on claims that major data breaches involving Ticketmaster and Santander were caused by a vulnerability or misconfiguration in Snowflake’s platform. […] Cyber crime intelligence…
Category: Hack
Santander customers’ private data put up for sale for $2m by hackers
The Guardian reports: Hackers are attempting to sell confidential information including the bank and credit card numbers of millions of Santander customers to the highest bidder. ShinyHunters posted an advert on a hacker forum for the data, which it says also includes staff HR details, with an asking price of $2m (£1.6m). It is the…
Hacked? Ticketmaster’s terrible, horrible, no good, very bad week just got worse
On May 23, the U.S. Department of Justice, joined by 29 state attorneys general and the District of Columbia, sued Live Nation Entertainment and its wholly-owned subsidiary, Ticketmaster, for violating the Sherman Antitrust Act. In his prepared remarks, Attorney General Garland said In recent years, Live Nation-Ticketmaster’s exorbitant fees and technological failures have been criticized…
Sav-Rx notifies 2.8 million patients of October 2023 data breach
A&A Services, which does business as Sav-Rx, is notifying 2,812,336 patients of a hacking incident in October 2023. According to its submissions to the California and Maine attorneys general, Sav-Rx detected an interruption to their network on October 8, 2023. By the next day, their IT systems were restored and prescriptions were shipped on time…
More than 540,000 patients notified so far about Cencora/Lash Group data breach (9)
– Only partial numbers so far – Only partial list of clients so far – No group has as yet claimed responsibility for the hack and data exfiltration As the week draws to a close, clients of Cencora and The Lash Group have been submitting breach notifications to state attorneys general. DataBreaches reported in February…
Sg: Software firm fined $74k for data breach caused by weak password; half a million users affected
Ang Qing reports from Singapore: A company running online language lessons for children around the world used a password based on its website name, LingoAce, making it vulnerable to the data breach that resulted. More than half a million users were affected. Among personal data compromised were the cellphone numbers, bank account numbers, signatures and…