Breach
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company’s Oracle Cloud federated SSO login servers. “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any […]
Pennsylvania education union data breach hit 500,000 people
The Pennsylvania State Education Association (PSEA), the largest public-sector union in Pennsylvania, is notifying over half a million individuals that attackers stole their personal information in a July 2024 security breach. The union represents over 178,000 education professionals, including teachers, support staff, higher education personnel, nurses, retired educators, and future teachers. “PSEA experienced a security […]
Polish Space Agency offline as it recovers from cyberattack
The Polish Space Agency (POLSA) has been offline since it disconnected its systems from the Internet over the weekend to contain a breach of its IT infrastructure. After detecting the attack, the agency reported the incident to relevant authorities and launched an investigation to assess its impact. “There has been a cybersecurity incident at POLSA. The […]
Rubrik rotates authentication keys after log server breach
Rubrik disclosed last month that one of its servers hosting log files was breached, causing the company to rotate potentially leaked authentication keys. The company has confirmed to GeekFeed that the breach was not a ransomware incident and that it did not receive any communication from the threat actor. Rubrik is a cybersecurity company that […]
Belgium probes if Chinese hackers breached its intelligence service
The Belgian federal prosecutor’s office is investigating whether Chinese hackers were behind a breach of the country’s State Security Service (VSSE). Chinese state-backed attackers reportedly gained access to VSSE’s external email server between 2021 and May 2023, siphoning around 10% of all emails sent and received by the agency’s staff. The compromised server was only […]
Australian IVF giant Genea breached by Termite ransomware gang
The Termite ransomware gang has claimed responsibility for stealing sensitive healthcare data in a recent breach of Genea, one of Australia’s largest fertility services providers. The IVF (in vitro fertilization) provider has been operating since 1986 (when it was known as Sydney IVF). It offers a wide range of services, including fertility treatments, tests, genetic services, preservation options, […]
Black Basta ransomware gang’s internal chat logs leak online
An unknown leaker has released what they claim to be an archive of internal Matrix chat logs belonging to the Black Basta ransomware operation. ExploitWhispers, the individual who previously uploaded the stolen messages to the MEGA file-sharing platform, which are now removed, has uploaded it to a dedicated Telegram channel. It’s not yet clear if ExploitWhispers […]
Venture capital giant Insight Partners hit by cyberattack
New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. The company manages over $90 billion in regulatory assets and has invested in over 800 software and technology startups and companies worldwide during its 30 years of activity. In a statement […]
Lee Enterprises newspaper disruptions caused by ransomware attack
Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group’s operations for over two weeks. As a local news provider and one of the largest newspaper groups in the United States, Lee publishes 77 daily newspapers and 350 weekly and specialty publications across 26 states. Its newspapers […]
PostgreSQL flaw exploited as zero-day in BeyondTrust breach
Rapid7’s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. Less than one […]