Jump to content

Search the Community

Showing results for tags 'security breach'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Categories

  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Categories

  • General News
  • File Sharing News
  • Mobile News
  • Software News
  • Security & Privacy News
  • Technology News

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 9 results

  1. Australian securities regulator discloses security breach Image: Pat Whelen The Australian Securities and Investments Commission (ASIC) has revealed that one of its servers has been accessed by an unknown threat actor following a security breach. ASIC is an independent Australian government commission tasked with the regulation of insurance, securities, and financial services, as well with consumer protection as Australia's national corporate regulator. The commission also maintains a searchable database of business information for several types of organizations. The stored data includes both current and historical info including but not limited to addresses and office locations. A single server affected by the breach As ASIC disclosed the incident that took place on January 15th, 2021, is related to Accellion software the commission uses to transfer information. "It involved unauthorised access to a server which contained documents associated with recent Australian credit licence applications," ASIC said. "While the investigation is ongoing, it appears that there is some risk that some limited information may have been viewed by the threat actor. "At this time ASIC has not seen evidence that any Australian credit licence application forms or any attachments were opened or downloaded." In response to the security breach, ASIC has disabled access to the impacted server and is working on providing an alternative credit application submission channel. The Australian securities regulator is working on bringing the impacted systems back online and on a forensic investigation of the attack with the help of external cybersecurity experts. The commission said that no other systems besides the affected server have been reached or impacted in the incident. ASIC is working with Accellion and has notified the relevant agencies as well as impacted parties to respond to and manage the incident. - ASIC Other Accellion customers breached or exposed to attacks The New Zealand Reserve Bank also disclosed earlier this month that they suffered a data breach after an attacker compromised a file sharing service containing sensitive data, powered by Accellion's FTA (File Transfer Application). This is a legacy service deployed on-premise to allow users to share large and sensitive files with external recipients securely. The vulnerability used to hack New Zealand Reserve Bank's file sharing service was patched by Accellion on Christmas Eve. "Accellion resolved the vulnerability and released a patch within 72 hours to the less than 50 customers affected," the company said in a press release. Based on these numbers, dozens of other targets might have been compromised by exploiting the same vulnerability. According to BleepingComputer's cybersecurity industry sources, Accellion released the patch on December 24th, and the Reserve Bank of New Zealand suffered the breach on December 25th. Even though Accellion still provides support for the legacy FTA service, it has also been urging customers to migrate to the new Kiteworks platform since at least December 2019. Source: Australian securities regulator discloses security breach
  2. Kawasaki Says Data Possibly Stolen in Security Breach Kawasaki Heavy Industries on Monday revealed that information from its overseas offices might have been stolen following a security breach that occurred earlier this year. Based in Japan, Kawasaki Heavy Industries is a multinational corporation best known for the manufacturing of motorcycles, heavy equipment, engines, ships, rolling stock, and aerospace and defense equipment. On June 11, 2020, the company discovered that unknown actors breached its network. It immediately launched an investigation into the matter but, because the unauthorized access spanned multiple offices, it had no information to share publicly until now. The thorough investigation, Kawasaki says, revealed that “some information from overseas offices may have been leaked to external parties.” Kawasaki explained that the incident was discovered during an internal audit, which revealed “a connection to a server in Japan from an overseas office (Thailand) that should not have occurred.” The company terminated communications between the affected office and its Japan headquarters and started an investigation that revealed additional unauthorized access to its servers in Japan, originating from overseas sites located in Indonesia, the Philippines, and the United States. “We have enhanced monitoring operations to accesses from overseas offices and tightened access restrictions to block unauthorized accesses. Since then, we have continued to strengthen company-wide security measures,” the company announced. During its investigation, the company conducted a security assessment of roughly 29,000 terminals in Japan and in overseas office networks where incidents possibly occurred. Kawasaki also says that no further unauthorized access to its network has been observed since August, and that communications between the affected overseas offices and the Japan office have been restored at the end of November. “Because Kawasaki handles important sensitive information such as personal information and social infrastructure-related information, information security measures have been a top priority for the company. However, the unauthorized access in question had been carried out with advanced technology that did not leave a trace,” the company reveals. Although the investigation revealed that data might have been leaked, the company could not determine what information may have been compromised. However, it says no personal information was impacted. Regardless, the company is contacting potentially affected customers. On November 1, 2020, Kawasaki established a Cyber Security Group, which the company says will continue to tighten monitoring and access controls between offices, and will also strengthen security measures, to ensure no similar incidents occur. Source: Kawasaki Says Data Possibly Stolen in Security Breach
  3. Parents alerted to NurseryCam security breach COPYRIGHTNURSERYCAM/GETTY IMAGES A webcam system that lets parents drop in and watch their children while at nursery school has written to families to tell them of a data breach. NurseryCam said it did not believe the incident had involved any youngsters or staff being watched without their permission, but had shut down its server as a precautionary measure. The Guildford-based company told the BBC its service was used by about 40 nurseries across the UK. It said it had also notified the ICO. Under UK rules, the Information Commissioner's Office must be told of a breach if it has "significant impact" within 24 hours. NurseryCam said it first became aware of the incident shortly after 17:00GMT on Friday. It added the service would remain suspended until a security fix was in place. Logins exposed The firm said that a "loophole" in its systems had been used to obtain data from parents' viewing accounts including: usernames passwords names email addresses "The person who identified the loophole has so far acted responsibly," said NurseryCam's director Dr Melissa Kao. "He stated he has no intention to use this to do any harm [and] wants to see NurseryCam raise the overall standards of our security measures." Public apology The company had earlier been involved in a public spat with a cyber-security consultant who had claimed to have found problems in its systems, which the company had played down. The consultant, Andrew Tierney, told the BBC he had also been contacted by the hacker, who had passed on a redacted copy of the stolen data. Mr Tierney said he had made follow-up checks with some of the parents involved to check the details were real, and had contacted NurseryCam to offer his help. "I don't know who this guy is," he said. "But what I've done is send NurseryCam the weak points in its system that I had spotted over the last couple of weeks." He added that ex-users of the system had not been included on the list he had seen. Ms Kao told the BBC she did not believe the breach had been related to the previous alleged flaws that Mr Tierney had sought to bring to her attention. "NurseryCam sincerely apologises to all our parent users and nurseries for the incident. We are very sorry," she added. Source: Parents alerted to NurseryCam security breach
  4. After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy Highly sensitive notes from therapy sessions were published online in an attempt to blackmail patients Hackers bragged about the poor state of firm’s security Vastaamo, the Finnish psychotherapy practice that covered up a horrific security breach which resulted in patients receiving blackmail threats, has declared itself bankrupt. Vastaamo’s problems first began in 2018, when it discovered that a database of customer details and – most shockingly – notes from therapy sessions had been accessed by hackers. You would like to think that security would then be tightened up, but in March 2019, Vastaamo CEO Ville Tapio knew that hackers had in the months since continued to access the chain of private psychotherapy clinics’ systems. Astonishingly, Tapio did not share that critical information with the appropriate authorities or with other members of Vastaamo’s board – perhaps because he had been responsible for setting up the database’s security himself. It was only in October 2020 that the truth finally came out, and the criminals published batches of the sensitive records on the dark web. The hackers initially demanded a ransom payment from Vastaamo of about 450,000 euros, before inviting patients to pay approximately 500 euros if they wanted their data taken down. An estimated 40,000 patients were affected by the breach. In online posts, the hackers bragged about the poor state of Vastaamo’s security. Tapio was subsequently fired, and replaced as the company’s CEO. The damage, however, was too much for Vastaamo, which has clinics across Finland, to take. The harm caused by the criminal hackers and the subsequent damage done to Vastaamo brand was simply too great, and the company announced this week that it had been placed in liquidation. The company has come to an agreement with Verve, another psychotherapy practice based in Finland, that patients can continue to make appointments through them with their therapist or psychiatrist. In the meantime, patients are being urged not to give in to the ransom demands, and report any communications they receive from the extortionists with the police. In January, Finland’s social insurance institution Kela said that it was terminating its contract with Vastaamo – not because of the security breach, but due to an inspection discovering that some of the firm’s therapists were not adequately qualified. According to data collected by security researcher Adrian Sanabria, Vastaamo is one of less than two dozen companies to have been ruined by a data breach, and “is the largest so far, at 400 employees.” Source: After hackers blackmailed their clients, Finnish therapy firm declares bankruptcy
  5. Fastway data breach: Security incident at Irish courier impacts more than 440,000 parcel recipients Cyber-attack compromises delivery data The personal data of more than 440,000 parcel recipients has been compromised by a cyber-attack on Irish delivery firm Fastway Couriers. “Used for the purposes of delivery”, the compromised data includes names, addresses, and contact details including email and phone numbers, according to a prominently positioned breach notification posted to the Fastway website on March 11. “The data compromised relates to Fastway deliveries, in-flight or undelivered parcels over a period of approximately 30 days from mid-January onwards,” continued the alert. Some 446,143 parcel recipients were affected in all. Fastway emphasized that “no financial data or other personal data has been compromised, nor is this stored on any Fastway system”. The firm said that one of its IT systems was hit by a cyber-attack that was detected by a third-party IT contractor on February 25 and “fully mitigated by 9am” the following day (February 26). Fastway said it notified law enforcement and Ireland’s Data Protection Commission upon being notified of the breach by the contractor on March 2. ‘Distressing’ “It is distressing that our IT system was compromised by a malicious hack as we are exceptionally careful in every aspect of our data protection obligations,” said Danny Hughes, CEO of Fastway Couriers, in the statement. “I deeply regret that people’s personal data has been compromised and I apologise to our clients and their customers. “I want to stress that nobody’s financial data was at risk and the issue is limited to delivery information only. We will continue to work closely with the DPC, the Gardai and our clients to manage this situation in line with best practice.” Fastway says incident response and an “independent review” of the incident are ongoing. Fastway Couriers also operates in Northern Ireland, South Africa, Australia, and New Zealand, where it is headquartered, and was acquired by logistics multinational Aramex in 2016. As of October 2020, The franchised brand’s Irish arm had enjoyed a 70% rise in delivery volumes as a result of the online shopping boom precipitated by the Covid-19 pandemic. The Daily Swig has contacted Fastway Couriers for further comment. We will update the article if we receive a reply. Source: Fastway data breach: Security incident at Irish courier impacts more than 440,000 parcel recipients
  6. Five servers storing customer support analytics were accidentally exposed online in December 2019. Microsoft disclosed today a security breach that took place last month in December 2019. In a blog post today, the OS maker said that an internal customer support database that was storing anonymized user analytics was accidentally exposed online without proper protections between December 5 and December 31. The database was spotted and reported to Microsoft by Bob Diachenko, a security researcher with Security Discovery. The leaky customer support database consisted of a cluster of five Elasticsearch servers, a technology used to simplify search operations, Diachenko told ZDNet today. All five servers stored the same data, appearing to be mirrors of each other. Diachenko said Microsoft secured the exposed database on the same day he reported the issue to the OS maker, despite being New Year's Eve. "I have been in touch with the Microsoft team helping and supporting them to properly investigate it," Diachenko told ZDNet. The servers contained roughly 250 million entries. Microsoft says that most of the records didn't contain any personal user information. "As part of Microsoft's standard operating procedures, data stored in the support case analytics database is redacted using automated tools to remove personal information," Microsoft said. However, in cases where users filed customer support requests using non-standard formatted data such as ("name surname @ emaildomain com" instead of "[email protected]") the data was not detected and redacted, and remained in the exposed database. For these cases, Microsoft said it began notifying impacted customers today, although it also added that it "found no malicious use" of the data. Microsoft blamed the accidental server exposure on misconfigured Azure security rules it deployed on December 5, which it now fixed. Following the leak, Microsoft says it is now: Auditing the established network security rules for internal resources. Expanding the scope of the mechanisms that detect security rule misconfigurations. Adding additional alerting to service teams when security rule misconfigurations are detected. Implementing additional redaction automation. Source
  7. The US branch of telecommunications giant T-Mobile disclosed a security breach today that impacted a small number of customers of its prepaid service. The company said its cybersecurity team "discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account." Exposed data included details such as customer names, billing addresses, phone numbers, account numbers, rate plans, and plan features. T-Mobile said hackers didn't access any sensitive information such as passwords, financial information, or social security numbers. The telco said it notified law enforcement of the incident, and is now reaching out to customers. Impacted users should have received an SMS today, but if users have changed numbers or have switched to other provides and would like to find out if they've been impacted, they can contact and ask the company for confirmation at [email protected] T-Mobile said all impacted users should change account passwords and PIN codes. Additional details are available in a T-Mobile support page. T-Mobile joins Sprint as the second major US telco to disclose a security breach this year. In July, Sprint said hackers accessed some customer data via the Samsung official website. Earlier this year, in May, Sprint also disclosed another breach when it said hackers used Boost phone numbers and Boost.com PIN codes to access users' Sprint accounts. T-Mobile did not return a request for comment seeking additional details about the incident. Source
  8. Foxit Software said hackers breached website accounts and stole user information. Foxit Software, the company behind the Foxit PDF reader app, said today that hackers breached its servers and have made off with some user information. ZDNet learned of the breach from a Foxit customer who shared a copy of the email the company is sending out to affected users, asking them to choose new passwords when logging in the next time. According to this email, the security breach impacted the company's website, and, namely, information stored in the My Account section. Foxit web accounts are how the company manages its existing customers and is where users can access trial software, download purchased products, and access order histories. Foxit said hackers managed to access MyAccount data such as email addresses, passwords, real names, phone numbers, company names, and IP addresses from which users logged into their accounts. Due to the presence of IP addresses in the data hackers managed to access, this is believed to be a breach of Foxit's backend infrastructure, rather than a credential stuffing attack. A Foxit spokesperson could not be reached for additional clarification. Were the passwords hashed or in plaintext? The biggest mystery is if Foxit had protected customer passwords through a process called hashing and salting. Hashing and salting a password string prevents an attacker from being able to read it in plaintext. The email sent to customers and a security advisory posted on the Foxit Software website did not mention if passwords were either hashed and salted. The software maker said it invalidated all passwords for customers who it believed were impacted by the security breach. However, if the passwords were available in cleartext, then attackers can use them to gain access to users' accounts on other websites if users made the mistake of reusing passwords. Foxit also didn't date the security incident, and it's currently unknown if the breach occurred this week, last month, or in previous years. If this is an old breach that has only been recently discovered, than hackers might have had a huge head start in abusing the stolen data. The company did say, however, that hackers didn't access any financial information. It also said it's working with a forensic firm to investigate further, and that it notified law enforcement and data protection authorities. Foxit Software should not be confused with Fox-IT, a cyber-security firm with a similar name, which had its own cyber-security incident in December 2017. Source
  9. Later today, eBay will begin asking all of its 112 million customers to change their passwords, in the wake of a newly discovered database breach. The breach compromised a database containing a list of encrypted passwords that, once released in the wild, could potentially be decrypted through publicly available tools. As a result, eBay is asking users to change passwords as soon as possible. Officials say no financial data was implicated, and the company hasn't found any evidence of unauthorized activity resulting from breach. The attack itself took place some time between late February and early March, when attackers obtained a group of employee log-in credentials, allowing access to the larger database. Even after the attack, eBay wasn't aware of the compromise until two weeks ago, and it took detailed forensic analysis to implicate the password database, resulting in today's announcement. In addition to passwords, the database contained basic login information like name, email, phone number, address and date of birth, but officials stressed that no confidential or personal information was included in the breach. Paypal was not involved in the breach, as PayPal data is kept on a separate network with higher levels of encryption. Still, a site-wide password reset is generally seen as the best response to this kind of breach. eBay also reminded users to make the change at any other sites where they had used the same password, a bad security practice that is nonetheless widespread. Source
×
×
  • Create New...