Data Leak
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Application security company Checkmarx has confirmed that the LAPSUS$ threat group leaked data stolen from its private GitHub repository. Although the investigation is ongoing, Checkmarx believes that the access vector was the Trivy supply-chain attack attributed to the hacker group known as TeamPCP. which provided access to credentials from downstream users. Using stolen credentials obtained from the Trivy […]
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month. Founded in 1909, McGraw Hill is a leading global educational publisher with annual revenue of $2.2 billion, which provides education content and solutions for PreK–12, higher education, and professional learning. The […]
Aura confirms data breach exposing 900,000 marketing contacts
Identity protection company Aura has confirmed that an unauthorized party gained access to nearly 900,000 customer records containing names and email addresses. The company states that the incident was caused by a voice phishing attack targeting an employee, which exposed the sensitive data of 20,000 current and 15,000 former customers. In a communication this week, Aura […]
Paint maker giant AkzoNobel confirms cyberattack on U.S. site
The multinational Dutch paint company AkzoNobel has confirmed to GeekFeed that hackers breached the network of one of its U.S. sites. Following a data leak from the Anubis ransomware gang, a company spokesperson said that the intrusion has been contained and that the impact is limited. “AkzoNobel has identified a security incident at one of […]
LexisNexis confirms data breach as hackers leak stolen files
American data analytics company LexisNexis Legal & Professional has confirmed to GeekFeed that hackers breached its servers and accessed some customer and business information. The company’s data breach confirmation comes as a threat actor named FulcrumSec leaked 2GB of files on various underground forums and sites. LexisNexis L&P is a global provider of legal, regulatory, […]
Olympique Marseille confirms ‘attempted’ cyberattack after data leak
French professional football club Olympique de Marseille has confirmed a cyberattack after a threat actor claimed on Monday that it breached the club’s systems earlier this month. Founded 126 years ago, Olympique Marseille competes in the Ligue 1, the top tier of the French football league system, and was the first French club to win […]
CarGurus data breach exposes information of 12.4 million accounts
The ShinyHunters extortion group has published personal information in more than 12 million records allegedly stolen from CarGurus, a U.S.-based digital auto platform. CarGurus is a publicly traded automotive research and shopping company that operates in the U.S., Canada, and the U.K. Its website has an estimated 40 million monthly visitors and helps people find, compare, and […]
Data breach at fintech firm Figure affects nearly 1 million accounts
Hackers have stolen the personal and contact information of nearly 1 million accounts after breaching the systems of Figure Technology Solutions, a self-described blockchain-native financial technology company. Founded in 2018, Figure uses the Provenance blockchain for lending, borrowing, and securities trading, and has unlocked over $22 billion in home equity with over 250 partners, including […]
Eurail says stolen traveler data now up for sale on dark web
Eurail B.V., the operator that provides access to 250,000 kilometers of European railways, confirmed that data stolen in a breach earlier this year is being offered for sale on the dark web. The company said that a threat actor also published a sample of the data on the Telegram messaging platform but it is still trying to […]
Man arrested for demanding reward after accidental police data leak
Dutch authorities arrested a 40-year-old man after he downloaded confidential documents that had been mistakenly shared by the police and refused to delete them unless he received “something in return.” Police detained the suspect at his Prinses Beatrixstraat residence in Ridderkerk on Thursday evening for computer hacking after the failed extortion attempt, searching his home and seizing […]