Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >

About

Team

Partners

Data Privacy

Cross-Border Data Sharing

Data Security

Test Data Management

Database Security

Secure Digital Transformation

Overview

Sensitive Data Discovery

Static Data Masking

Dynamic Data Masking

Privacy Enhancing Technologies

Database Activity Monitoring

Data Subject Access Rights Automation

Datasheets

In the News

Business Use Cases

Whitepapers

Secure FactTM

Guides & E-Books

Blogs

Success Stories

Webinars

FAQ




CYBER SECURITY NEWS – WEEK OF MARCH 18, 2024


71 Million AT&T Customers Have Reportedly Had Their Data Leaked Including SSN Numbers, Birth Dates, & More

  • A massive trove of personal data impacting 71 million AT&T customers that was originally put up for sale in 2021 has been shared for free by a threat actor on an online forum.
  • The leaked data includes names, addresses, mobile phone numbers, date of birth, social security numbers and other internal information of AT&T customers.
  • AT&T has confirmed that it does not believe that it’s network was compromised in 2021. It is possible that a 3rd party partner of AT&T had their network compromised, leading to the leak of AT&T customer data.

*Source

 

French unemployment agency data breach impacts 43 million people

  • France Travail, formerly known as Pôle Emploi, the French governmental agency responsible for registering unemployed individuals, providing financial aid, and assisting them in finding jobs, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals.
  • The agency disclosed that hackers stole details belonging to job seekers registered with the agency in the last 20 years in a cyberattack between February 6 and March 5. Data from individuals with a job candidate profile was also exposed.
  • The types of data that have been exposed from this attack include: Full Name, Date of Birth, Place of Birth, Social Security Number (NIR), France Travail Identifier, Email Address, Postal Address, Phone Number.

*Source

 

Over 2,300,000 records of Family Entertainment Business Were Exposed in Data breach

  • A cybersecurity researcher discovered a non-password protected database that contained over 2.3 million documents belonging to Kids Empire, an US operator of recreational centers.
  • The publicly exposed database contained 2,363,222 documents in .pdf and .png formats with a total size of 92.3 GB. These included reservations, injury waivers, and receipts with partial credit card numbers and transaction details. Additionally, there were digital gift cards with no expiration date, source images for websites and templates.
  • The data exposure poses potential privacy risks to customers by revealing personally identifiable information (PII) such as names, physical and email addresses, phone numbers, and details about the reservations. The mandatory waivers included the child’s name as well as the parent’s personal information and signature.

*Source

 

Nissan to let 100,000 Aussies and Kiwis know their data was stolen in cyberattack

  • Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems, perhaps by the Akira ransomware gang.
  • The hackers stole some form of government identification from up to ten percent of victims including info on 4,000 Medicare cards – Australia’s national health insurance scheme – plus 7,500 driving licenses, 220 passports, and 1,300 tax file numbers.
  • The remaining 90 percent of folks had other info stolen – perhaps copies of loan-related transaction statements, employment details, or salary information. The heist may also include personally identifiable information (PII) such as dates of birth.

*Source

 

Stanford says data from 27,000 people leaked in September ransomware attack

  • The Akira ransomware gang accessed the personal information of more than 27,000 people on Stanford University servers during a cyberattack last year, the university warned this week.
  • The personal information that may have been affected varies from person to person but could include date of birth, Social Security number, government ID, passport number, driver’s license number, and other information the Department of Public Safety may have collected in its operations.
  • The California-based school began sending out breach notification letters this week, 10 months after the Akira ransomware gang first compromised the school’s systems.

*Source

 

Scottish health service says ‘focused and ongoing cyber attack’ may disrupt services

  • NHS Dumfries and Galloway, part of the Scottish healthcare system, announced on Friday it was the target “of a focused and ongoing cyber attack” and warned patients of a risk that hackers have been able to acquire a significant quantity of data.
  • The Dumfries and Galloway region has a population of just under 150,000 people — almost all of whom are likely to be users of the country’s universal National Health Service.
  • In an update, the health board said they have reason to believe that this could include patient-identifiable and staff-identifiable data.

*Source

SECUREFACT ARCHIVE >