Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >


Binance Bridge hit by $560 million hack

  • Hackers have exploited a cross-chain bridge to divert more than $560 million worth of cryptocurrency from Binance Bridge.
  • “An exploit on a cross-chain bridge, BSC Token Hub, resulted in extra BNB. We have asked all validators to temporarily suspend BSC. The issue is contained now. Your funds are safe. We apologize for the inconvenience and will provide further updates accordingly,” Binance CEO Changpeng Zhao said.
  • According to Zhao, the overall impact of the hack is of around $100 million worth of BNB. However, the attackers’ wallet reportedly received two transactions of 1,000,000 BNB each, worth a total of more than $560 million.
  • Soon after, the hackers started transferring funds to other cryptocurrency wallets, including over $50 million to Etherium and roughly the same amount to Fantom.


Insurance giant Lloyd’s of London investigating cybersecurity incident

  • Insurance giant Lloyd’s of London is investigating a cybersecurity incident that has forced it to disconnect some systems.
  • The company says it has detected unusual activity and decided to ‘reset’ its network and systems as a precaution. It shut down all external connectivity, including its delegated authority platforms, in response to the incident.
  • The company has not shared any details, but the actions taken in response to the incident suggest that it may have been targeted in a ransomware attack.


Personal information of 123K individuals exposed in city of Tucson data breach

  • The City of Tucson, Arizona, is notifying roughly 123,000 individuals that their personal information was compromised in a recent data breach.
  • In a data breach notice on its website, the city says that the incident was the result of compromised network account credentials that allowed the attackers to access files containing the personal information of some individuals.
  • The exposed data included name, Social Security number, driver’s license number, state identification number, and passport number.


State Bar of Georgia notifies members and employees of cybersecurity incident

  • Current and former employees and members are being offered complimentary credit monitoring and identity protection services as some personal information may have been accessed.
  • Since learning of the incident, the State Bar worked to restore its systems safely and resume normal operations.
  • The State Bar investigated the incident, and a third-party cybersecurity firm was engaged to assist in that investigation. Law enforcement and regulators were notified.
  • The investigation revealed that an unauthorized person gained access to the State Bar systems. Through its investigation, the State Bar determined that some personal information of its current and former employees as well as its members may have been subject to unauthorized access.


Russian-speaking hackers knock US state government websites offline

  • The Kentucky Board of Elections’ website, which posts information on how to register to vote, was also temporarily offline, but it was not immediately clear what caused that outage.
  • The board of elections’ website is also managed by the Kentucky government, though the hackers did not specifically list the board as a target.
  • The board of elections’ website is also managed by the Kentucky government, though the hackers did not specifically list the board as a target.


Australia’s data breaches continue with Telstra’s third-party supplier hacked

  • Australia’s largest telecoms firm Telstra revealed on Tuesday it was hit by a “small data breach” caused by one of its third–party suppliers being hacked.
  • Writing in a blog post (and on social media), Narelle Devine, chief information security officer for Asia Pacific at Telstra, stated that there was no direct breach of the company’s systems, and no customer account data was involved.
  • “Critically, there was no breach of any Telstra systems, and no customer account information was stored on the third–party platform,” the executive wrote.
  • According to the blog post, the data posted on the internet by the hackers who stole it was from 2017 and was “basic in nature.” Telstra said only names (first and last) and email addresses used to sign up to the employee rewards program were impacted.