SaaS
Louis Vuitton, Dior, and Tiffany fined $25 million over data breaches
South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access and the exposure of data belonging to more than 5.5 million customers. All three brands are part of the Louis Vuitton Moët Hennessy (LVMH) group and suffered data […]
Google OAuth flaw lets attackers gain access to abandoned accounts
A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms. The security gap was discovered by Trufflesecurity researchers and reported to Google last year on September 30. Google initially disregarded the finding as […]
BeyondTrust says hackers breached Remote Support SaaS instances
Story updated with statement from BeyondTrust. Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. BeyondTrust is a cybersecurity company specializing in Privileged Access Management (PAM) and secure remote access solutions. Their products are used by government agencies, tech firms, retail and e-commerce entities, […]
Blue Yonder SaaS giant breached by Termite ransomware gang
The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. Blue Yonder (formerly JDA Software and operating as a Panasonic subsidiary) is an Arizona-based worldwide supply chain software provider for retailers, manufacturers, and logistics providers. Its list of over 3,000 customers includes other high-profile […]