Voici les incidents majeurs concernant des pertes ou des vols de données découverts la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Dell admits data breach of over 49 million customers via Cyber Attack – Cybersecurity Insiders
Dell, a leading technology services provider, has publicly announced that it is actively investigating allegations raised by a threat actor known as
US Patent and Trademark Office confirms another leak of filers’ address data | TechCrunch
The federal agency took blame for the incident, saying the addresses were « inadvertently exposed as we transitioned to a new IT system. »
Brandywine Realty Trust says data stolen in ransomware attack | TechCrunch
U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network. In a filing with
Leaked FBI email stresses need for warrantless surveillance of Americans
FBI must use surveillance tools to demonstrate their importance, email says.
El Salvador suffered a massive leak of biometric data
Resecurity found a massive leak involving the exposure of personally identifiable information (PII) of over 5M citizens of El Salvador.
Zscaler takes « test environment » offline after rumors of a breach
Zscaler says that they discovered an exposed « test environment » that was taken offline for analysis after rumors circulated that a threat actor was selling access to the company’s systems.
UK confirms Ministry of Defence payroll data exposed in data breach
The UK Government confirmed today that a threat actor recently breached the country’s Ministry of Defence and gained access to part of the Armed Forces payment network.
Ohio Lottery ransomware attack impacts over 538,000 individuals
The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization’s systems on Christmas Eve.
BlackBasta claims Synlab attack, leaks some stolen documents – Help Net Security
The BlackBasta ransomware gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia.
IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data
IntelBroker hacker claims to have breached a 3rd-party contractor and stolen data belonging to 2 banks in the United Kingdom: HSBC and Barclays.
Major UK Security Provider Leaks Trove of Guard and Suspect Data
Amberstone Security LTD., a security provider in the United Kingdom linked to the Argenbright Group has suffered a major cybersecurity incident.
Hackers Leak COVID-19 Data of 820K Dominicans, Including Vaccination Info
A massive data leak of 820,000 Dominican Republic individuals’ PII on Breach Forums, including their COVID-19 vaccination status, has been identified by Resecurity.
Cancer patients’ sensitive information accessed by « unidentified parties » after being left exposed by screening lab for years
A medical lab that specialises in cancer screenings has admitted to an alarming data breach that left sensitive patient information exposed for years – and accessible by unauthorised parties.
DocGo Confirms Cyber Attack: Hackers Steal Patients Data
DocGo Inc., a prominent healthcare and ambulance transportation service provider, has confirmed a cybersecurity incident.
U.K. Armed Forces’ Data Is Exposed in Hostile Cyberattack
A payroll system used by Britain’s Ministry of Defense was targeted in a cyberattack that some lawmakers alleged was orchestrated by China.
BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement
BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes.
University System of Georgia: 800K exposed in 2023 MOVEit attack
The University System of Georgia (USG) is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks.
Des pirates affiliés à l’Iran dérobent des identifiants de compte cloud – Le Monde Informatique
Intrusion, Hacking et Pare-feu : L’équipe de chercheurs en sécurité de Mandiant a observé des campagnes malveillantes par social engineering mené par des pirates affiliés à l’Iran….
