Updated May 3: Avos Locker subsequently added the university to its leak site with a message: “1.2 TB data from a college with cyber insurance policy that doesn’t care about protecting students. Management is a circus attempting to identify breach (good luck) and lying to students and media about the severity. We’ll continue attacking for…
Category: Hack
The Untold Story of the Boldest Supply-Chain Hack Ever
Kim Zetter has a fascinating piece on the run-up to the SolarWinds attack. Here’s a snippet: In fact, the Justice Department and Volexity had stumbled onto one of the most sophisticated cyberespionage campaigns of the decade. The perpetrators had indeed hacked SolarWinds’ software. Using techniques that investigators had never seen before, the hackers gained access…
T-Mobile discloses second data breach since the start of 2023
Sergiu Gatlan reports: T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds of customers for more than a month, starting late February 2023. Compared to previous data breaches reported by T-Mobile, the latest of which impacted 37 million people, this incident affected only 836 customers….
Bits ‘n Pieces (Trozos y Piezas)
CL: Saville Row attacked by BlackCat Saville Row, a Chilean clothing store, was added to BlackCat’s leak site on April 21. Sample files provided by the threat actors included internal Saville Row documents such as invoices and purchase orders. DataBreaches found no notice of any incident on the store’s website or social networks. They did…
Amnesty International Australia Suffered a Data Breach in December, but Says Everything is Now Fine
Asha Barbaschow reports: On late Friday, Amnesty International Australia sent an email to supporters informing them their data may be at risk due to “anomalous activity” detected in its IT environment. While the email went out very late in the day/week, it also went out a very long time after the activity was found. The email, sighted by Gizmodo…
Some ‘sensitive information’ potentially compromised: Diocese of Las Vegas reports cybersecurity breach
Alyssa Roberts reports: The Diocese of Las Vegas on Friday announced a cybersecurity breach that potentially compromised “sensitive information of its volunteers, parishioners, donors and other stakeholders,” a news release states. A spokesperson noted there was “no indication that personal information has been misused,” but said the Diocese would notify those who may have been…