This week’s cybersecurity news recap contains highly important information about a recent data breach that is being called the largest data breach ever. Check out this story and other news from the week below:
TOP STORY:
In what is being called the largest data breach ever, 16 billion new, undocumented login credentials have been exposed.
Cybersecurity researcher Vilius Petkauskas revealed that, together with his team, they have spent months digging through the mess of exposed data. These login credentials belong to popular social media platforms, government portals, and more including Apple, Google, Facebook, GitHub, Telegram, and even VPN accounts.
(–Source: Cryptopolitan on MSN
Read More: More than 16 billion Apple, Facebook, Google passwords leaked in largest data breach ever )
Erie Insurance in Illinois is being faced with two legal challenges claiming that the company failed to implement adequate cybersecurity protections to keep customer and employee data secure.
The lawsuits refer to an outage that affected the company earlier this month. This incident was described by the company as an “information security event” and left customers locked out of their online accounts.
The full nature of the incident has not yet been revealed, but the insurance company is working with law enforcement.
(–Source: Erie Times-News on MSN
Read More: Erie Insurance sued a second time over claims it failed to prevent data breach )
Despite a hacking group claiming responsibility for the theft of 64 million T-Mobile customer records, the popular mobile carrier is denying that any breach has occurred.
Cybernews cited a dataset, which is currently unconfirmed, on a popular data breach forum. This data supposedly contains 64 million lines of T-Mobile customer sensitive data including names, birthdates, tax ID numbers, contact information, mailing addresses, device and cookie IDs, and IP addresses.
Amid concerns of hackers being able to use this kind of data for sophisticated attacks, T-Mobile says the data has nothing to do with the company or its customers.
(–Source: Tom’s Guide on MSN
Read More: T-Mobile denies new breach of 64 million records — is your data safe? )
A handful of reporters for The Washington Post were hit by a cyberattack via email over the weekend. The attack has reportedly been contained and investigation is ongoing.
(–Source: The Hill on MSN
Read More: Washington Post hit with cyberattack )
The world’s largest optical software solutions provider Ocuco based in Dublin, Ireland experienced a data breach that exposed the sensitive information of over 240,000 people.
It appears that the ransomware group Killsec is responsible for this attack, as the information stolen from Ocuco has been posted on the group’s dark web leak site for download. Little is known about this attack, but it is currently under investigation.
(–Source: The HIPAA Journal
Read More: Optical Software Solution Provider Ocuco Reports 241K-Record Data Breach )
On of Canada’s biggest airlines, WestJet, appears to have been hit with a cyberattack that has disrupted the company’s app and website.
Not much information has been released about this incident, but the company has assured its guests that their operations “remain safe and stable and are not impacted by the situation.”
(–Source: TechRadar Pro
Read More: WestJet investigating possible cyberattack – make sure your data is safe | TechRadar )
The large 2023 data breach which affected thousands of 23andMe customers has left the DNA testing firm faced with a fine of £2.31m by a UK watchdog.
The Information Commissioner’s Office said the company did not have adequate security measures in place to secure user data prior to the credential stuffing incident in late 2023.
(–Source: BBC on MSN
Read More: UK watchdog fines 23andMe for ‘profoundly damaging’ data breach )
Due to the adaptive tactics, techniques and procedures often used by Iranian threat actors, The Information Technology — Information Sharing and Analysis Centeer (IT-SAC) and the Food and Agriculture Information Sharing and Analysis Center (Food and Ag-ISAC) are urging businesses in America to take proactive steps to “assess their cyber preparedness, enhance their defenses, and prepare for a range of cyber activity, some of which could potentially be disruptive” as Iran and Israel are engaged in hostilities.
(–Source: New York Post
Read More: US businesses warned to brace for Iranian cyberattacks amid war with Israel )
Episource confirmed a data breach that occurred in February of this year and impacted an estimated 5.4 million people. The medical coding and risk assessment firm detected unusual activity on its computers, promptly reported it, and began investigation with law enforcement and security professionals.
Upon investigation, the company discovered that the attacker viewed and took copies of data over a period of 8 days. Compromised data differs per person, but includes contact information, birthdates, SSNs, health insurance data, and health data.
(–Source: Mashable on MSN
Read More: Healthcare data breach impacts over five million Americans )
