A ransomware attack exposed the information of more than 3.3 million patients on Dec. 1, 2022. Multiple medical groups are affected under the Heritage Provider Network in California. These are: Lakeside Medical Organization Regal Medical Group ADOC Medical Group Greater Covina Medical Understanding Ransomware Ransomware is a malicious computer program that attempts to infect computers…
Google Fi users have received emails regarding a recent data breach at T-Mobile. From November 2022 through January 2023, hackers were able to obtain unauthorized access to data for 37 million T-Mobile customers. Google Fi, a wireless plan, uses T-Mobile networks to provide wireless service to customers. Google Fi wireless plan users also had information…
On January 23, 2023, GoTo released a statement detailing an update to the ongoing data breach investigation. Business owners should pay attention to this incident and its implications for their security practices. Details of the Hack: According to GoTo’s statement, the attack was first confirmed on November 30, 2022, involving unauthorized access to the company’s…
On December 20, 2022, PayPal, one of the most widely used online payment platforms, confirmed that 35,000 users’ accounts had been compromised due to a security breach. An unauthorized party viewed and potentially obtained some personal information of PayPal customers between December 6, 2022, and December 8, 2022. As soon as PayPal identified the breach,…
The mobile phone provider recently announced that a data breach had impacted 37 million T-Mobile accounts. In a Form 8-K filing with the US Securities and Exchange Commission, T-Mobile said they realized an authorized entity obtained data via a single API on January 5, 2023. Unlike other data breach cases where customer data is sometimes…
Norton LifeLock, a leading provider of identity protection and cybersecurity services, recently experienced a data breach caused by a credential stuffing attack. Credential stuffing is a cyberattack in which a hacker uses previously compromised information from one account to access another account, website, or service. This highlights the risks of reusing passwords across accounts, making…
Hackers are baiting their victims with stolen financial data in a clever phishing scheme. Over 400,000 data points, including identity numbers, names, phone numbers, and payment records, are used to persuade consumers to click on a malicious link. This link downloads a potent virus called BitRAT that can steal passwords, spy on users, and install…
A dataset purportedly comprising the email addresses and phone numbers of over 400 million Twitter users just a few weeks ago was listed for sale on the hacker forum Breached Forums. The information was initially released on December 23, 2022, by a hacker going by the handle “Ryushi.” The attacker demanded $200,000 for an “exclusive”…
LastPass, a popular password manager, announced that an unauthorized party accessed the company’s archived backups of its production data on a third-party cloud-based storage service. According to the company’s investigation, a threat actor accessed the cloud storage environment in August 2022 with information obtained from an earlier incident. Although the threat actor did not access…
In late November 2022, sports betting firm DraftKings announced that it had suffered a data breach affecting approximately 68,000 customers. The company stated that the breach resulted from a credential stuffing attack, in which attackers obtained credentials from a third-party source and attempted to use them to access DraftKings accounts. According to DraftKings, the attackers…