< ciso
brief />
Tag Banner

All news with #data breach tag

785 articles · page 9 of 40

Booking.com Data Breach Prompts Reservation PIN Resets

🔒 Booking.com confirmed that unauthorized parties accessed booking information associated with some reservations. The company says it immediately forced PIN resets for affected current and past bookings and directly emailed impacted users with updated reservation PINs and guidance. Compromised fields may include full names, email and postal addresses, phone numbers, and communications with property providers. Booking.com warned customers to be vigilant for phishing and noted that app notifications were not sent, which has caused confusion.
read more →

Protecting Privacy and Security in Smart Sex-Toy Apps

🔒 This article explains privacy and security risks associated with smart sex‑toy apps and companion services, focusing on realistic threats such as data collection, account compromise, and server-side access rather than rare remote device takeovers. It outlines practical mitigations — create anonymous accounts, avoid social logins, limit app permissions, use a strong unique password with two‑factor authentication, and keep software updated. The guidance emphasizes minimizing shared personal data and avoiding identifiable media to reduce risks like stalking, blackmail, and targeted profiling.
read more →

Hungarian government email passwords exposed before election

🔐An analysis by Bellingcat found passwords for almost 800 Hungarian government email accounts circulating online, many tied to national-security roles. The exposure affected 12 of 13 government departments and involved weak, easily guessed credentials such as variations of "Password", sequences like "1234567", and simple surnames. The leaks reflect poor email hygiene rather than a sophisticated intrusion, and experts urge stronger credential practices including password managers and passkeys. Security teams are urged to deploy enterprise controls and regular training to prevent similar exposures.
read more →

EngageLab SDK Flaw Exposed Millions of Android Users

🔒 Microsoft Defender disclosed a patched vulnerability in the EngageLab SDK that could allow co‑located apps on an Android device to bypass the system sandbox and access private app data. The issue, introduced in version 4.5.4 and characterized as an intent redirection vulnerability, affected many cryptocurrency and wallet apps—wallet installations exceeded 30 million and total installs topped 50 million. EngageLab released version 5.2.1 in November 2025 after a responsible disclosure in April 2025; detected vulnerable apps were removed from Google Play and developers are urged to update immediately.
read more →

Smart Slider update system hijacked to push malware

🔒 Smart Slider 3 Pro update infrastructure was hijacked to push a malicious 3.5.1.35 release to WordPress and Joomla sites. The tampered update preserved normal slider functionality while installing multiple backdoors, creating a hidden administrator account, and exfiltrating credentials. The vendor urges immediate upgrade to 3.5.1.36 (or restoring to 3.5.1.34 or earlier) and advises treating affected sites as fully compromised.
read more →

When Attackers Already Have the Keys — MFA is Not Enough

🔒 The Figure breach exposed 967,200 email records without a single exploit, creating a large inventory adversaries can immediately weaponize for credential stuffing, AI-driven phishing, and help-desk social engineering. The article argues these exposures are operational inputs, not static data, and that common MFA methods — push notifications, SMS, and TOTP — are vulnerable to real-time relay (AiTM) attacks and MFA fatigue. Fixing the problem is architectural, not purely educational: effective defence requires cryptographic origin binding, hardware-bound private keys, and live biometric verification simultaneously.
read more →

Bitcoin Depot Reports $3.6M Theft After System Breach

🔒 Bitcoin Depot detected unauthorized access to parts of its corporate IT environment on March 23, which allowed attackers to use compromised credentials tied to digital asset settlement accounts. Threat actors transferred 50.903 Bitcoin (approximately $3.66m) out of company-controlled wallets before the activity was blocked. The company says customer-facing platforms and customer data were not affected, and operations have not been materially disrupted. External cybersecurity specialists and law enforcement are assisting the ongoing investigation.
read more →

Eurail Data Breach Exposes Personal Details of 308,777

🚆 Eurail says attackers stole personal information for over 300,000 customers after an unauthorized transfer of files from its network on December 26, 2025. The company disclosed the incident publicly in February and notified affected individuals by letter on March 27, reporting that records contained names, passport numbers and other sensitive identifiers. A sample of the stolen data was posted on Telegram and put up for sale on the dark web; Eurail advises customers to update Rail Planner passwords, reset reused passwords elsewhere, monitor bank accounts, and watch for phishing and suspicious transactions.
read more →

Bitcoin Depot Breach: $3.66M Stolen from Company Wallets

🪙 Bitcoin Depot confirmed on March 23, 2026 that an unauthorized actor accessed portions of its corporate IT environment and transferred approximately 50.903 BTC (about $3.665 million) from company-controlled wallets. The operator of more than 25,000 Bitcoin ATMs said it promptly activated incident response protocols, engaged external cybersecurity experts, and notified law enforcement while believing customer platforms and systems were not affected. On April 6, the company declared the incident material and warned that its cyber insurance may not cover all losses as the investigation continues.
read more →

Google API Key Flaw Exposes Mobile Apps to Gemini Access

🔒 A flaw in Google's API key model has allowed embedded Android app keys to gain silent access to the Gemini AI endpoints when the API is enabled in a project. CloudSEK's April 8 advisory found 32 active keys across 22 apps with more than 500 million installs and demonstrated retrieval of user-uploaded audio via the Gemini Files API. Developers should immediately audit projects, rotate exposed keys and apply strict API restrictions.
read more →

FBI: Americans Lost $21B to Cybercrime in 2025 - Record High

📈 The FBI reports U.S. victims lost a record $21 billion to cyber-enabled crime in 2025, a 26% rise from 2024, as the Internet Crime Complaint Center (IC3) logged more than one million complaints. Losses were led by investment fraud, business email compromise, tech-support scams, and data breaches, while cryptocurrency-related fraud topped $11 billion. The report includes 22,300 AI-related scam complaints totaling $893 million and shows seniors over 60 suffered disproportionately. The FBI says proactive interventions, including 3,900 Financial Fraud Kill Chain actions and Operation Level Up, helped freeze $679 million and alert thousands of likely victims; it urges verification before sending funds and reporting incidents to ic3.gov.
read more →

Snowflake Customers Targeted After SaaS Integrator Breach

🔐 Over a dozen companies experienced data theft after attackers used stolen authentication tokens from a breached SaaS integrator to access cloud accounts. The majority of observed incidents targeted Snowflake, which reported "unusual activity" and said a small number of customer accounts were impacted. Snowflake emphasized that its systems were not compromised and that it locked down potentially affected accounts and notified customers. BleepingComputer sources point to an alleged breach at Anodot, and the extortion gang ShinyHunters claims responsibility.
read more →

Telehealth Risks in 2026: Medical Data and AI Scams

🔒 Telehealth offers fast, convenient access to care but creates persistent medical records that are highly valuable to criminals. Stolen health data — from diagnoses and prescriptions to insurance IDs and test results — often fetches far more than payment or social-login credentials and enables extortion, fraud, and identity theft. The rise of AI-driven fake clinics and diagnostic tools makes realistic phishing and data-harvesting sites easier to create. Protect yourself by using a dedicated medical email, avoiding social sign-in, enabling 2FA, using clinic-provided encrypted portals, and keeping health devices patched.
read more →

Why Simple Breach Monitoring Is No Longer Enough in 2026

🔒 Organizations must move beyond checkbox breach monitoring to defend against fast-moving infostealers. Ran Geva (CEO, Webz.io & Lunar) warns that monthly scans and reliance on MFA, EDR, or zero-trust alone often miss stolen credentials, session cookies, and stealer logs. With 4.17 billion compromised credentials observed in 2025 and high breach costs, enterprises need continuous, forensic-grade monitoring, automated triage, and integrations that can reset credentials and invalidate sessions quickly.
read more →

Hims & Hers Discloses Zendesk Support Ticket Breach

🔒 Hims & Hers says support tickets were exfiltrated from its Zendesk instance after threat actors accessed a third-party customer service platform via a compromised Okta SSO account. The company reports the activity occurred Feb 4–7, 2026, was first noticed on Feb 5, and that an internal investigation concluded on March 3 that certain tickets were accessed or acquired without authorization. Potentially exposed information includes names, contact details, and other request-related data; the company states no medical records or doctor communications were affected and is offering 12 months of credit monitoring to impacted individuals.
read more →

Die Linke Confirms Data Stolen by Qilin Ransomware

🔒 Die Linke, a German democratic socialist party, has confirmed that the Russian-speaking ransomware group Qilin stole data from its network and is threatening to leak it. The party stated its membership database was not impacted, but attackers sought sensitive internal documents and employee personal information. Die Linke notified German authorities, filed a criminal complaint, and retained independent IT experts to restore affected systems. Qilin added the party to its leak site on April 1 but had not published any data samples.
read more →

Company Secretly Records and Publishes Public Zoom Meetings

📹 WebinarTV discovers public Zoom invites, joins meetings, secretly records the streams, and posts the videos on 404 Media. It does not use Zoom’s built‑in recording feature, so Zoom’s administrative controls and recording logs cannot detect or block these captures. This behavior raises significant privacy and consent concerns for organizers and participants of publicly announced meetings.
read more →

Drift Loses $285M in Solana Attack via Durable Nonces

🔐 Drift confirmed that attackers drained about $285 million from its Solana-based decentralized exchange on April 1, 2026, using pre-signed transactions tied to durable nonce accounts. The company says no smart-contract vulnerability or compromised seed phrases were involved; attackers instead obtained multisig approvals through sophisticated social engineering and pre-signed authorizations. Threat intelligence firms TRM Labs and Elliptic report on-chain indicators linking the heist to DPRK-associated actors, noting use of Tornado Cash, cross-chain bridging and rapid laundering. Drift is coordinating with security vendors, bridges, exchanges and law enforcement to trace and attempt to freeze funds.
read more →

CERT-EU: Commission cloud hack exposes 30 EU entities

🔐 CERT-EU attributed a cloud compromise of the European Commission to TeamPCP, saying attackers used a compromised AWS API key allegedly stolen in a Trivy supply‑chain incident to access the Commission’s cloud and harvest secrets. The intruders used TruffleHog to locate additional credentials, attached a new access key to an existing user to evade detection, and carried out reconnaissance before exfiltrating data. The stolen dataset was later posted by ShinyHunters as a 90GB archive (≈340GB uncompressed), and CERT-EU confirmed the theft includes tens of thousands of files with personal information. CERT-EU reported no websites were defaced and found no evidence of lateral movement between Commission AWS accounts.
read more →

Drift loses $280M after attacker seizes Security Council

🔒 The Drift Protocol lost approximately $280 million after an attacker obtained administrative control of its Security Council by leveraging durable nonce accounts and pre-signed transactions to delay execution and strike at a chosen time. Drift stresses that no programs or smart contracts were exploited and no seed phrases were compromised. Protocol functions are largely frozen while the team coordinates with security firms, exchanges, and law enforcement.
read more →