In the News

Sensitive US military emails spill online

February 21, 2023 – The U.S. Department of Defense secured an exposed server on Monday that was spilling internal U.S. military emails to the open internet for the past two weeks.

The exposed server was hosted on Microsoft’s Azure government cloud for Department of Defense customers, which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data.[…]

Data Breaches That Have Happened in 2022 and 2023 So Far

February 9, 2023 – Apple, Meta, Twitter, and Samsung have all disclosed cybersecurity attacks this year. We track the latest data breaches.

Data breaches have been on the rise for a number of years, and sadly, this trend isn’t slowing down. The last year or so has been littered with thefts of sensitive information. Data breaches have affected companies and organizations of all shapes, sizes, and sectors, and they’re costing US businesses millions in damages..[…]

T-Mobile data breach exposes about 37 mln accounts

Januaray, 2023 (Reuters) – U.S. wireless carrier T-Mobile (TMUS.O) said on Thursday it was investigating a data breach that may have exposed 37 million postpaid and prepaid accounts, and hinted at incurring significant costs related to the incident.

It’s the second major cyberattack in less than two years and comes months after the carrier agreed to upgrade its data security to settle a litigation related to a 2021 incident that compromised information of an estimated 76.6 million people[…]

Five Guys Data Breach Puts HR Data Under a Heat Lamp

January 4, 2023 – Job applicants could face a raft of follow-on attacks after cyber intruders accessed their data in an opportunistic attack.

The Five Guys burger empire has been hit with what appears to be a “smash-and-grab” operation: Cyberattackers busted into a file server and made off with the personally identifiable information (PII) of people who applied to work at the chain.[…]

Uber suffers new data breach after attack on vendor, info leaked online

December 12, 2022 – Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident.[…]

American Airlines says data breach affected some customers, employees

Sept 20 (Reuters) – American Airlines Inc (AAL.O) on Tuesday confirmed a data breach and said while an “unauthorized actor” gained access to personal information of a small number of customers and employees through a phishing campaign, there was no evidence of data misuse.

Shares of the carrier, the latest U.S. company to suffer a cyber attack, fell 2.6% in afternoon trade. Recently, Uber Technologies Inc (UBER.N) and Take-Two Interactive Software Inc also disclosed similar breaches, leaving investors and customers worried about data security..[…]

Hotel giant Marriott confirms yet another data breach

July 6, 2022 – Hotel group Marriott International has confirmed another data breach, with hackers claiming to have stolen 20 gigabytes of sensitive data, including guests’ credit card information.

The incident, first reported by Databreaches.net, is said to have happened in June when an unnamed hacking group claimed they used social engineering to trick an employee at a Marriott hotel in Maryland into giving them access to their computer.[…]

Cognizant with 300k Employees Confirms the Leaking of Name, SSN, Credit Cards, & Passport Data

June 18, 2020 – A couple of months ago, IT service giant Cognizant revealed that it was the victim of a severe ransomware incident. Now, experts from a cyber security course mention that the company also suffered a significant unencrypted data breach as a result of the encryption malware attack[…]

MGM Resorts Data Breach Exposes Personal Information Of 10.6 Million Guests

February 20, 2020 – Were you hacked at your last stay at an MGM Grand property? Personal data details of some 10.6 million guests was reportedly posted on a hacker forum this week[…]

Mastercard: Why A Truly Connected Economy Needs A New Security Paradigm

February 7, 2020  – In the fully connected world that appears to be on the horizon, day by day and even second by second, there are going to be transactions and micro-transactions that a consumer has authorized — but isn’t directly aware of. That will require an entirely new set of standards for authorizing and securing transactions[…]

Guess what? GDPR enforcement is on fire!

February 3, 2020 – You read that right: GDPR enforcement is on fire! While fines are not always particularly high, our analysis shows that, in terms of volume, data protection authorities (DPAs) are rapidly increasing their GDPR enforcement[…]

Amazon Engineer Leaked Private Encryption Keys. Outside Analysts Discovered Them in Minutes

January 22, 2020 – An Amazon Web Services (AWS) engineer last week inadvertently made public almost a gigabyte’s worth of sensitive data, including their own personal documents as well as passwords and cryptographic keys to various AWS environments[…]

Capital One Data Breach Hacked

July 29, 2019 – A software engineer, facing federal charges in Seattle, was accused of gaining access to 140,000 Social Security numbers and 80,000 bank account numbers[..].

Britain Looks to Levy Record GDPR Fine Against British Airways

July 8, 2019 – British Airways is facing a £183 million (US$229 million) fine for a June 2018 data breach — the largest fine to date under the European Union’s General Data Protection Regulation (GDPR).