Tom Pullar-Strecker reports: Police are axing their contract with Auckland research firm Gravitas after information they sent the firm about police complainants was lost in a Nigerian hack. Assistant commissioner Jevon McSkimming announced earlier this month – without naming the company – that Gravitas had alerted Police to the data breach and had also reported it…
Category: Hack
Data Breach at Crypto Wallet Firm Ledger Exposes User’s Personal Info
Mohammad Musharraf reports: Major cryptocurrency hardware wallet provider Ledger has alerted customers to a data breach it faced in June and July. In an email on July 29, the company said it was made aware of the breach on July 14 when a researcher participating in its bounty program reached out with details of a…
Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev
Catalin Cimpanu reports: Waydev, an analytics platform used by software companies, has disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database. Read more on ZDNet.
Hiscox Hack Suit Advances as Warden Grier Loses Dismissal Bid
Julia Weng reports: Hiscox Insurance Co. Inc. can move forward with claims against Warden Grier LLP, which lost a bid to dismiss allegations that fault the law firm’s handling of a hack that exposed the insurer’s data. Read more on Bloomberg. As reported on DataBreaches.net in 2018, thedarkoverlord (“TDO”) had started leaking what they claimed…
Ongoing Meow attack has nuked >1,000 databases without telling anyone why
In March, thousands of elastic search installations were wiped out and all that was left was a calling card, “NightLionSecurity.com.” Now there’s a new round of attacks using a “Meow” calling card as they wipe out ElasticSearch and MongoDB databases. Dan Goodin reports: More than 1,000 unsecured databases so far have been permanently deleted in…
278k Instacart customer records reportedly hacked, includes order history
Ben Lovejoy reports: Some 278,531 Instacart customer records have reportedly been hacked, and are for sale on the dark web. The data includes names, email addresses, the last four digits of credit card numbers, and order histories … Instacart denies that there has been any breach, and says that if any data is real, it didn’t come…