Mage Data strengthens its data security posture with the ISO 27001 certification. READ MORE >

About

Team

Partners

Data Privacy

Cross-Border Data Sharing

Data Security

Test Data Management

Database Security

Secure Digital Transformation

Overview

Sensitive Data Discovery

Static Data Masking

Dynamic Data Masking

Privacy Enhancing Technologies

Database Activity Monitoring

Data Subject Access Rights Automation

Datasheets

In the News

Business Use Cases

Whitepapers

Secure FactTM

Guides & E-Books

Blogs

Success Stories

Webinars

FAQ




CYBER SECURITY NEWS – WEEK OF JUNE 03, 2024


Snowflake cloud storage linked to Ticketmaster and Santender data breaches

  • A massive data breach potentially affecting 560 million Ticketmaster accounts and a confirmed breach at Santander Bank may have originated from attacks on Snowflake cloud storage accounts.
  • The breach allegedly involved a single Snowflake employee’s stolen credentials, which were used to bypass Okta authentication and generate session tokens.
  • The hacker, identified as ShinyHunters, gained access to a trove of information from Snowflake, including data from hundreds of other customers.
  • The stolen data includes full names, emails, addresses, phone numbers, hashed credit card numbers, and more.
  • The breach was confirmed by Ticketmaster and Santander, with the latter reporting that over 30 million customer records were compromised.
  • The Snowflake breach potentially affected hundreds of other companies, including major brands such as AT&T, HP, Instacart, DoorDash, NBCUniversal, and Mastercard, in addition to Ticketmaster and Santander

*Source

Ticketmaster faces major data breach, allegedly exposing 500 million customers’ Information

  • Ticketmaster, a leading ticketing platform, has faced a major data breach allegedly exposing the information of 500 million customers.
  • The breach was discovered in May 2024, when unauthorized activity was detected in a third-party cloud database primarily housing Ticketmaster data.
  • A criminal threat actor offered the stolen data for sale on the dark web, reportedly containing names, addresses, phone numbers, and some credit card details.
  •  Live Nation, Ticketmaster’s parent company, confirmed the breach in a filing with the U.S. Securities and Exchange Commission (SEC)

*Source

BBC suffers data breach impacting current, former employees

  • The BBC has disclosed a data security incident that occurred on May 2024, involving unauthorized access to files hosted on a cloud-based service.
  • The incident compromised the personal information of roughly 25,000 BBC Pension Scheme members, including current and former employees of the British public service broadcaster.
  • The compromised data includes full names, National Insurance numbers, dates of birth, sex, and home addresses.
  • The BBC has notified the UK’s Information Commissioner’s Office (ICO) and the Pensions Regulator about the incident.

*Source

Toshiba America Data Breach: Customers and State Authorities Notified

  • Toshiba America Business Solutions, an American subsidiary of Toshiba TEC Corporation, has notified customers of a potential data security incident where their personal information may have been compromised.
  • The breach occurred when an unauthorized actor gained access to sensitive personally identifiable information, including names and Social Security numbers, through the company’s email environment.
  • Toshiba America Business Solutions has offered credit monitoring services to affected individuals and has implemented additional security measures to prevent similar incidents in the future.

*Source

Johnson & Johnson Reports Data Breach Potentially Linked to Massive Cencora Breach

  • Johnson & Johnson (JNJ) recently reported a data breach incident involving the unauthorized access of sensitive patient information.
  • The breach was discovered on May 2024, and JNJ filed a notice of data breach with the Attorney General of Texas.
  • The incident affected the Johnson & Johnson Patient Assistance Foundation, Inc. and Johnson & Johnson Services, Inc., impacting the personal information of approximately 175,000 Texans. The total number of victims nationwide is likely much higher.
  • The compromised information includes names, addresses, birth dates, and medical information. No social security numbers or financial account information were exposed. JNJ offered a complimentary one-year credit monitoring service to individuals whose information was potentially affected.

*Source

Cooler Master hit by data breach exposing customer information

  • Cooler Master, a Taiwanese computer hardware manufacturer, has recently suffered a data breach. The breach occurred on May, 2024, when a threat actor known as “Ghostr” accessed the company’s Fanzone website and downloaded over 103 GB of data.
  • This data includes information on over 500,000 customers, including names, email addresses, phone numbers, physical addresses, and dates of birth.
  • Additionally, the data includes product information, employee details, and email communications with vendors. However, no credit card information was found in the samples shared by the threat actor
  • The breach was confirmed by Cooler Master, which stated that it immediately alerted the authorities and engaged top security experts to address the incident and implement new security measures.

*Source

First American December data breach impacts 44,000 people

  • First American Financial Corporation, a major title insurance company in the United States, suffered a data breach in December 2023 that impacted approximately 44,000 individuals.
  • The breach occurred after a cyberattack forced the company to take some of its systems offline.
  • An investigation concluded that the attackers gained unauthorized access to First American’s systems and were able to access sensitive personal information, including names, email addresses, physical addresses, dates of birth, and phone numbers.
  • The company will provide credit monitoring and identity protection services to the affected individuals.

*Source

SECUREFACT ARCHIVE >