Amanda St. Hilaire reports: The Department of Workforce Development says Wisconsin was one of several states to detect “unauthorized intrusions of state UI data originating from Japan, South Korea, Russia, and inside the U.S.” A spokesperson says the department believes the cyber attack or attacks were able to access 116 active unemployment accounts. Fischer said…
Search Results for: credential stuffing
NY Attorney General James Gets Dunkin’ to Fill Holes in Security, Reimburse Hacked Customers
New York Attorney General Letitia James today announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. The settlement requires the company to notify customers impacted in the attacks, reset those customers’…
University of Missouri Health Care discloses 2019 breach
University of Missouri Health Care (MU Health Care) has today disclosed a breach that occurred in September 2019. According to a notification on their site, on September 21, 2019, they became aware that the email accounts of some students who had been seen by their health care system had been accessed without authorization. Those email…
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Lawrence Abrams reports: Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data…
Detroit officials warn data breach exposed city workers, residents
Charles E. Ramirez reports: The city is offering free credit monitoring to its employees in the wake of a data breach in its email system, officials said Thursday. The city’s Chief Information Officer Beth Niblock said the breach happened Jan. 16 and fewer than 10 email accounts were affected. Some of the accounts contained sensitive information and the…
Accounting firm notifies clients affected by Citrix Shareful incident
In December, 2018, Citrix forced a password reset for some of its clients due to what appeared to be a credential stuffing attack against ShareFile. But did some customers first find out about it March? On April 16, external counsel for LD Evans, CPA provided notification that began; On March 4, 2019, LD Evans learned…