Voici les incidents majeurs concernant des pertes et des vols de données découverts durant ce dernier tour de veille hebdomadaire.
Bonne lecture et merci pour le café car cette veille est produite avec un vrai cerveau non artificiel 😉
NSA and FBI: Kimsuky hackers pose as journalists to steal intel
State-sponsored North Korean hacker group Kimsuky (a.ka. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations.
Ransomware attack on US dental insurance giant exposes data of 9 million patients
Millions of patients will be notified following a suspected ransomware attack on one of America’s largest dental insurers.
Enzo Biochem says ransomware attack exposed clinical test data of 2.5 million patients
Heathcare company Enzo Biochem has confirmed that a ransomware attack exposed the clinical test information of almost 2.5 million patients.
8000 passeports publiés en ligne après une cyberattaque contre Voyageurs du monde
L'agence de voyages a refusé de verser la rançon réclamée par le groupe de pirates Lockbit. 8000 passeports français sont désormais…-Cybersécurité
Hacking forum hacked, user database leaked online
RaidForums, the notorious hacking and data leak forum seized and shut down by the authorities back in April 2022, is – perhaps surprisingly – at the centre of another cybersecurity breach.
SimpleTire Database Leak: Over 2.8 Million Records Exposed
Security researcher Jeremiah Fowler made a concerning discovery: a non-password-protected database belonging to SimpleTire.
Toyota finds more misconfigured servers leaking customer info
Toyota Motor Corporation has discovered two additional misconfigured cloud services that leaked car owners’ personal information for over seven years.
Burton Snowboards discloses data breach after February attack
Leading snowboard maker Burton Snowboards notified customers of a data breach after some of their sensitive information was « potentially » accessed or stolen during what the company described in February as a « cyber incident. »
Salesforce ‘Ghost Sites’ Expose Sensitive Corporate Data
Some companies have moved on from using Salesforce. But without remembering to fully deactivate their clouds, Salesforce won’t move on from them.
Retailer Database Error Leaks Over One Million Customer Records
SimpleTire snafu has now been remediated
ABB confirms data stolen in Black Basta ransomware attack
Global industrial automation company ABB says the incident has been contained, but it hasn’t disclosed whether it paid a ransom.