ShinyHunters
McGraw-Hill confirms data breach following extortion threat
Education company McGraw-Hill has confirmed in a statement to GeekFeed that hackers exploited a Salesforce misconfiguration and accessed its internal data. The company assured that the breach did not affect its Salesforce accounts, customer databases, or internal systems, and that the amount of exposed data is limited and non-sensitive. “McGraw-Hill recently identified unauthorized access to […]
Stolen Rockstar Games analytics data leaked by extortion gang
Rockstar Games has suffered a data breach linked to a recent security incident at Anodot, with the ShinyHunters extortion gang now leaking the stolen data on its data leak site. The threat actors claim the data was taken from Snowflake environments using authentication tokens stolen during a recent Anodot security incident. They have now published what […]
Snowflake customers hit in data theft attacks after SaaS integrator breach
Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. While numerous cloud storage and SaaS vendors were targeted using the stolen tokens, GeekFeed has learned that the majority of the data theft attacks targeted the cloud data platform Snowflake. Snowflake confirmed “unusual activity” to GeekFeed, […]
Hims & Hers warns of data breach after Zendesk support ticket breach
Telehealth giant Hims & Hers Health is warning that it suffered a data breach after support tickets were stolen from a third-party customer service platform. Hims & Hers is an American telehealth company specializing in the direct-to-consumer healthcare space, providing subscription-based treatments for hair loss, ED, mental health, skincare, weight loss, and other conditions or […]
CERT-EU: European Commission hack exposes data of 30 EU entities
The European Union’s Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities. The European Commission publicly disclosed the incident on March 27 after GeekFeed reached out for confirmation that the Amazon cloud environment of the European Union’s main executive […]
European Commission confirms data breach after Europa.eu hack
The European Commission has confirmed a data breach after its Europa.eu web platform was hacked in a cyberattack claimed by the ShinyHunters extortion gang. GeekFeed first reported on Friday that this breach affects at least one of the Commission’s AWS (Amazon Web Services) accounts. The Commission says the attack didn’t disrupt any Europa websites and that its […]
Infinite Campus warns of breach after ShinyHunters claims data theft
Infinite Campus, a widely used K-12 student information system, is warning customers of a data breach following an extortion attempt by a threat actor. In the breach notification sent to customers, Infinite Campus states that hackers accessed an employee’s Salesforce account, exposing information that was mostly publicly available. The company has not published an official […]
Aura confirms data breach exposing 900,000 marketing contacts
Identity protection company Aura has confirmed that an unauthorized party gained access to nearly 900,000 customer records containing names and email addresses. The company states that the incident was caused by a voice phishing attack targeting an employee, which exposed the sensitive data of 20,000 current and 15,000 former customers. In a communication this week, Aura […]
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach. Telus Digital is the digital services and business process outsourcing (BPO) arm of Canadian telecommunications provider Telus, providing customer support, content moderation, AI […]
Wynn Resorts confirms employee data breach after extortion threat
Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang’s data leak site. In a statement shared today, the company said it activated its incident response procedures and launched an investigation, with assistance from external cybersecurity experts, after discovering the breach. “We […]