Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >




CYBER SECURITY NEWS – WEEK OF JULY 08, 2024


Bharti Airtel denies data breach, report said 375 million users’ details up for sale

  • Bharti Airtel has denied any breach of its security system, refuting reports of a major data leak of 375 million customers.
  • An Airtel spokesperson stated that based on preliminary investigation, there has been no data breach of Airtel’s system.
  • The reports had suggested that details such as phone numbers, emails, addresses, and Aadhaar numbers were allegedly available for sale on the dark web for $50,000

*Source

RockYou2024: 10 billion passwords leaked in the largest compilation of all time

  • The largest password compilation ever, containing nearly 10 billion unique plaintext passwords, was leaked on a popular hacking forum on July 4th, 2024.
  • The leaked file, titled “rockyou2024.txt”, was posted by a user named ObamaCare. The Cybernews research team believes this leak poses severe dangers to users prone to reusing passwords.
  • The RockYou2024 compilation is a mix of old and new data breaches, with an additional 1.5 billion passwords added since the previous RockYou2021 leak.
  • Threat actors can exploit this password compilation to conduct brute-force attacks and gain unauthorized access to various online accounts.

*Source

Infosys McCamish says LockBit stole data of 6 million people

  • Infosys McCamish Systems (IMS), a subsidiary of Infosys, disclosed that the LockBit ransomware attack it suffered in November 2023 compromised the personal data of over 6 million individuals.
  • The stolen data included sensitive information such as Social Security numbers, dates of birth, medical records, biometric data, login credentials, financial account details, and passport numbers.
  • The attack occurred between October 29 and November 2, 2023, and impacted IMS’s clients, including major financial institutions like Bank of America and insurance providers.
  • IMS has notified the affected individuals and is providing them with free credit monitoring and identity protection services to mitigate the risks

*Source

Prudential Data Breach Grows Nearly 70-Fold: Over 2.5 Million Affected

  • Prudential, the second largest life insurance company in the United States, has reported a massive data breach that has affected over 2.5 million individuals, In February 2024, insurance giant Prudential experienced a data breach that initially affected 36,545 individuals, according to the company’s initial reports.
  • The stolen information included names, addresses, driver’s license numbers, and non-driver identification card numbers.
  • Prudential stated that it has taken measures to secure its systems, including enhancing access controls, implementing additional monitoring technologies, and strengthening authentication protocols.

*Source

Healthcare FinTech HealthyEquity Latest in Sector Hit With Data Breach

  • HealthEquity, a health tech company, suffered a data breach where hackers stole “protected health information” of some customers.
  • The breach was an “isolated incident” and not connected to other recent high-profile cyberattacks in the sector, according to the company.
  • HealthEquity discovered the breach on March 25, 2024 and took immediate action to resolve the issue and conduct forensic analysis, which was completed on June 10, 2024.
  • The breach stemmed from a compromised third-party vendor account that had access to some of HealthEquity’s SharePoint data.
  • The breach comes amid a broader wave of cyberattacks across various industries, including recent high-profile incidents at companies like Change Healthcare, CDK Global, Neiman Marcus, and Evolve Bank & Trust.

*Source

SECUREFACT ARCHIVE >