Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label User Data Leak. Show all posts
User Data Leak
Data Breach Financial Credentials phishing ShinyHunters Ticketmaster User Data Leak

Ticketmaster Data Breach Affects Over 500 Million Customers


 


We are all music fans at heart, and recently the most eye-catching tour is the three-hour Taylor Swift concert. The platform that sells tickets for these in-demand tours, Ticketmaster, has taken a hit. In a substantial blow to one of the world’s largest ticketing services, Ticketmaster has reportedly suffered a massive data breach impacting over half a billion customers. According to Mashable, the hacker group known as ShinyHunters claims responsibility for stealing customer data from nearly 560 million users. Although Ticketmaster has yet to confirm the breach, ShinyHunters has a history of high-profile hacks and is now selling the stolen data on a popular hacking forum for $500,000.


Details of the Stolen Data

ShinyHunters alleges they have obtained a substantial 1.3 terabytes of data, including sensitive information such as full names, addresses, and phone numbers. Additionally, the breach encompasses detailed order histories, which reveal ticket purchase details and event information. Alarmingly, partial payment information, including names, the last four digits, and expiration dates of credit cards, is also among the compromised data.


While waiting for Ticketmaster's official response, it is crucial for affected customers to take proactive steps to protect themselves. The stolen data could be used for targeted phishing attacks, making it essential to remain vigilant when checking emails, messages, or mail. Cybercriminals may impersonate reputable companies to trick individuals into revealing passwords or financial information.


To mitigate risks, users should avoid clicking on links or downloading attachments from unknown senders and always verify the legitimacy of the sender’s email address. Implementing robust cybersecurity measures, such as using the best antivirus software for PCs, Macs, and Android devices, can provide additional protection against potential malware infections.


Steps to Take Following a Data Breach

In the wake of a data breach, companies typically offer guidance and access to identity theft protection services. However, Ticketmaster has not yet confirmed the breach or announced any support for affected customers. Until more information is available, individuals should monitor their accounts for suspicious activity and consider changing passwords for any online accounts associated with the compromised email addresses.


Given ShinyHunters' notorious track record, including the 2021 leak of 70 million AT&T subscribers’ information, the claims warrant serious attention.


This incident surfaces the importance of cybersecurity and the potential vulnerabilities even large companies face. As the situation develops, staying informed and cautious will be key for those potentially affected by this breach. We will continue to provide updates as more information becomes available from Ticketmaster and other reliable sources.



Read more »
User Data Leak
App security Apple criticism Apple Security Data Breach Data Privacy iPhone iPhone Features Personal Data User Data Leak

Is iPhone’s Journal App Sharing Your Personal Data Without Permission?

 

In the digital age, where convenience often comes at the cost of privacy, the Journal app stands as a prime example of the fine line between utility and intrusion. Marketed as a tool for reflection and journaling, its functionality may appeal to many, but for some, the constant stream of notifications and data access raises legitimate concerns. 

While the Journal app offers a seemingly innocuous service, allowing users to jot down thoughts and reflections, its behind-the-scenes operations paint a different picture. Upon installation, users unwittingly grant access to a wealth of personal data, including location, contacts, photos, and more. This data serves as fodder for the app's suggestions feature, which prompts users to reflect on their daily activities. For those who engage with the app regularly, these suggestions may prove helpful, fostering a habit of mindfulness and self-reflection. 

However, for others who have no interest in journaling or who simply prefer to keep their personal data private, the constant barrage of notifications can quickly become overwhelming. The issue extends beyond mere annoyance; it touches on fundamental questions of privacy and consent in the digital realm. Users may find themselves grappling with the realisation that their every move is being tracked and analyzed by an app they never intended to use beyond a cursory exploration. 

Moreover, the implications of this data collection extend beyond the confines of the Journal app itself. As Apple's Journaling Suggestions feature allows for data sharing between journaling apps, users may inadvertently find their personal information circulating within a broader ecosystem, with potential consequences for their privacy and security. 

Fortunately, there are steps that users can take to regain control over their digital lives and mitigate the impact of unwanted notifications from the Journal app. Disabling Journaling Suggestions and revoking the app's access to sensitive data are simple yet effective measures that can help restore a sense of privacy and autonomy. Additionally, users may wish to reconsider their relationship with technology more broadly, adopting a more discerning approach to app permissions and data sharing. 

By scrutinising the terms of service and privacy policies of the apps they use, individuals can make more informed decisions about which aspects of their digital lives they are comfortable surrendering to third-party developers. Ultimately, the Journal app serves as a poignant reminder of the complex interplay between convenience and privacy in the digital age. While its intentions may be benign, its implementation raises important questions about the boundaries of personal data and the need for greater transparency and control over how that data is used. 

As users continue to grapple with these issues, it is incumbent upon developers and policymakers alike to prioritize user privacy and empower individuals to make informed choices about their digital identities. Only through concerted effort and collaboration can we ensure that technology remains a force for good, rather than a source of concern, in our increasingly connected world.
Read more »
WhatsApp
2FA Android App Bogus Apps Data Breach Pre-installed apps Signal User Data Leak User Privacy WhatsApp

Fake Android App Enables Hackers to Steal Signal and WhatsApp User Data

Cybercriminals have recently developed a highly sophisticated approach to breach the security of both WhatsApp and Signal users, which is concerning. By using a phony Android conversation app, cybercriminals have been able to obtain user information from gullible individuals. There are significant worries regarding the vulnerability of widely used messaging services in light of this new threat.

Cybersecurity experts have reported that hackers have been exploiting a spoof Android messaging software to obtain users' personal information without authorization, specifically from Signal and WhatsApp users. With its slick layout and promises of improved functionality, the malicious app lures users in, only to stealthily collect their personal information.

Using a traditional bait-and-switch technique, the phony software fools users into thinking they are utilizing a reliable chat service while secretly collecting their personal data. According to reports, the software misuses the required rights that users are requested to provide during installation, giving it access to media files, contacts, messages, and other app-related data.

Professionals in cybersecurity have remarked that this technique highlights the growing cunning of cybercriminals in taking advantage of consumers' trust and the weaknesses in mobile app ecosystems. It is emphasized that consumers should exercise caution even when they download programs from official app stores because harmful apps can occasionally evade detection due to evolving evasion strategies.

Researchers studying security issues advise consumers to protect their data right away by taking preventative measures. It is advised to carefully examine user reviews and ratings, confirm the app's permissions before installing, and exercise caution when dealing with unapproved sources. Moreover, setting two-factor authentication (2FA) on messaging apps can provide an additional degree of security against unwanted access.

Signal and WhatsApp have reaffirmed their commitment to user privacy and security in response to this new threat. Users are encouraged to report any suspicious behavior and to remain alert. The event serves as a reminder that users and platform providers alike share responsibility for cybersecurity.

Dr. Emily Carter, a cybersecurity specialist, has stressed that a proactive approach to digital security is crucial in light of the hackers' increasing strategies. Users must be aware of potential risks and exercise caution when interacting with third-party apps, particularly those that request an excessive amount of permissions."

The necessity for ongoing caution in the digital sphere is highlighted by the recent usage of a phony Android chat app to steal user data from Signal and WhatsApp. To avoid becoming a victim of these nefarious actions, consumers need to stay informed and take precautions as hackers continue to improve their techniques. People can contribute to the creation of a safer online environment by keeping up with the most recent cybersecurity trends and best practices.

Read more »
User Privacy
Data Breach Healthcare Ransomware Attacks. US Hospital User Data Leak User Privacy

Cyberattack Targets US Hospital in Texas

Just several weeks following one of the largest healthcare cyberattacks in the US, another hospital system was taken down by a ransomware attack. 

According to a report, OakBend discovered that cybercriminals had accessed its network and encrypted parts of its system on September 1, 2022. In reaction, OakBend started working on network restoration before getting in touch with a third-party data security organization to help with the business's investigation into the event.

The investigation revealed that OakBend Medical Center's computer system had been accessed without authorization and that the hackers had been able to delete some of the material that was accessible.

OakBend Medical Center started looking through the affected files after learning that private customer information had been made available to an unauthorized entity, in order to ascertain what information had been hacked and whose customers were impacted.

On October 28, the medical system notified the Department of Health and Human Services (HHS) of a data breach affecting approximately 500,000 people. The attack has been linked to the ransomware and data extortion gang Daixin Team.

The group, which was formed in June of this year, has financial motivations. Fitzgibbon Hospital in Missouri was its prior victim, and the gang claims to have stolen 40GB of confidential data, including personnel and patient records.

Additionally, CommonSpirit, which manages over 140 hospitals in the US, decided not to reveal the precise number of its locations that were experiencing delays. However, a number of hospitals have reported being impacted, including CHI Memorial Hospital in Tennessee, some St. Luke's hospitals in Texas, and Virginia Mason Franciscan Health in Seattle.

According to Brett Callow, a cybersecurity specialist at Emsisoft, ransomware has been used to breach 19 significant hospital chains in the United States this year.

OakBend stated: "Our analysis shows that only a small quantity of data was really transported outside of the OakBend computing environment, even though we are aware that the hackers had access to OakBend's servers to encrypt our data. However, it does seem that the cybercriminals were able to access or remove several employee data sets and some reports that contained the private and medical information pertaining to our present and past patients, employees, and connected individuals."

To all those whose information was affected as a result of the current data breach, OakBend Medical Center handed out data breach notifications on October 31, 2022.

Read more »
User Data Leak
API Data Breach Data Breaches Data Safety data security User Data User Data Leak

Optus Data Breach: Australia’s Telco Giant Confirms Data of Millions of Users Compromised

 

Australia’s second largest Telecom Company, Optus has recently become a victim of a cyberattack that attack apparently led to the exposure of personal data of its current as well as former customers. According to Trevor Long, a Sydney-based tech analyst, the attack is the biggest breach of personal data from any Australian firm. 

The firm states that as soon as the attack was detected, it worked towards containing the attack, subsequently shutting it down before customers could suffer any harm. The company believes that one of the networks was still exposed to the test network with internet access. 

The data breach notification read, “Following a cyberattack, Optus is investigating the possible unauthorized access of current and former customer [..] Upon discovering this, Optus immediately shut down the attack.” 

In the wake of the attack, the firm confirmed that its customers' private data could be compromised since the attackers had an access to the customer identity database and opened it to other systems via Application Programming Interface (API). The firm further told that its network was accessed from an external source.  

The exposed data, as per the firm’s statement in a press release included customers’ names, dates of birth, contact numbers, email addresses, residential addresses, and identity documents numbers such as passport and driving licenses. The company’s services on the other hand, including mobile and home internet, have not been compromised and the attackers were void of access to messages and phone calls. 

Is Human Error Responsible For The Breach? 

At a media briefing, when asked about the possibility of a human error being responsible for the breach, Optus CEO Kelly Bayers Rosemarin stated that “I know people are hungry for details about the exact specificity of how this attack could occur, but it is the subject of criminal proceedings and so will not be divulging details about that.” 

The company has denied any claims of a human error that could execute this data breach. The CEO also apologized to the firm’s customers, stating it was challenging to offer immediate advice unless the case investigation was complete. 

The CEO also mentioned the strong cyber defense softwares invested in Telco pertaining to the attacks. She further said that this attack should be a wake-up call for all organizations in order to avoid becoming a victim of a data breach. 
Read more »
User Security
Data Breach Data Leak User Data User Data Leak User Security

California Gun Permit Website Exposes User Data

 

About the Data Leak

A state website in California disclosed private information of any user who registered for CCP (concealed Carry Weapons) permits during 2011-2021. The California Department of Justice says the incident happened last week, in the blunder, the US state's firearms dashboard portal was overwhelmed. 

Besides the portal breach, the data was also leaked on various other online dashboards like- Assault Weapon Registery, Dealer Record of Sale, Firearm Safety Certificate, Certified for Sale, Dealer Record of Sale, Gun Violence Restraining Order, and Firearm Safety Certificate dashboards. 

What are the experts saying?

"The California cyber-gaffe comes at a time when data privacy is at the forefront of the national debate, in large part because of the US Supreme Court's recent decision to overturn Roe vs. Wade, which has called into question what personal data is collected, retained — and potentially sold or shared," reports the Register. 

California Department of Justice says that data and dashboards were accessible to the public for 24 hours. The data leaked include Gender, Race, Date of Birth, driver's license info, criminal histories, and addresses. However, it didn't expose financial information and social security numbers. 

Info exposed in the Data Leak 

But still, some personal information may have been leaked on social media websites, says Fresno County Sheriff's Office, which found the data leak. The state DOJ will inform California users whose data was leaked and will give additional info and details about soon. It also includes credit monitoring services for impacted users. 

"I immediately launched an investigation into how this occurred at the California Department of Justice and will take strong corrective measures where necessary," said Rob Bonta, California Attorney General, in a statement. He also said that he was deeply sorry and unsettled by the incident. 

The office didn't address the issue immediately, denying to provide info about the number of users affected and a number of California residents that apply for concealed weapons permit every year but are denied. 

Tim Marley, VP for audit, risk, and compliance at Cerberus Sentinel said that "the failure to keep stakeholders' sensitive data confidential is coming with greater consequences for organizations in the United States."
Read more »
WastedLocker
Cyber Attacks DoppelPaymer Dridex Evil Corp Microsoft Excel Phoenix CryptoLocker User Data Leak WastedLocker

NRA Reacts to Allegations of a Ransomware Campaign

 

Last year, the National Rifle Association — champion of gun-toting maniacs worldwide, admitted it was hacked by cybercriminals. The organization's political action committee (PAC) confirmed the attack in a filing to the Federal Election Commission on Friday. 

Last October, a ransomware group known as "Grief" boasted to the digital underworld about hacking into the gun lobby's networks and stealing critical internal papers. It released screenshots of documents it claimed to be stolen during the event. The NRA did not confirm or deny it had been hacked at the time. 

"The National Rifle Association does not talk about its physical or electronic security. The NRA, on the other hand, takes exceptional precautions to safeguard information about its members, funders, and operations, and is extremely cautious in doing so." Andrew Arulanandam, managing director of NRA Public Affairs. 

The NRA was added as a new victim on the ransomware gang's data site today, along with pictures of Excel spreadsheets revealing US tax information and transaction amounts. The threat actors also published a 2.7 MB archive called 'National Grants.zip,' which comprises bogus NRA grant applications. After Grief claimed it obtained 13 files supposedly from the NRA's databases, security researchers began posting about the breach on Wednesday. According to an analysis of the documents supplied, it included records from a recent NRA board meeting as well as grant documents. If the NRA did not pay an undisclosed ransom, it threatened to release more files. 

The Grief ransomware group is believed to be linked to Evil Corp, a Russian hacking group. Evil Corp has been active since 2009 and has been involved in a variety of destructive cyber activities, including the spread of the Dridex trojan, which was used to steal online banking credentials and money. 

In 2017, the hacking gang published BitPaymer, ransomware which was later renamed DoppelPaymer in 2019. The US Department of Justice charged members of the Evil Corp with stealing more than $100 million and adding the cyber group to the Office of Foreign Assets Control (OFAC) sanction list after years of attacking US interests. 

Soon after, the US Treasury cautioned ransomware negotiators may face civil penalties if anyone helped gangs on the blacklisted list get ransom payments. To avoid US sanctions, Evil Corp has been spreading new ransomware strains under different identities on a regular basis since then.WastedLocker, Hades, Phoenix CryptoLocker, PayLoadBin, and, quite recently, the Macaw Locker are among the ransomware families.

NRA members should take precautions to protect themselves from any penalties which may occur as a result of this breach, according to Paul Bischoff, a privacy advocate at Comparitech. With the Grief ransomware group emerging, security researchers believe it is another version of DoppelPaymer due to the code similarities. Because Grief is related to Evil Corp, ransomware negotiators are unlikely to allow ransom payments unless the victim first obtains OFAC certification.
Read more »
User Privacy
Data Breach Facebook Google User Data Leak User Privacy

Doxy.me is Resolving a Data Leak that Exposed Patient Information to Facebook and Google

 

Doxy.me, a telehealth platform, is correcting an issue that allowed three third-party firms to obtain the names of some patients' providers. After examining the platform, privacy researcher Zach Edwards discovered that the company, which self-reports as having 30% of the growing US telemedicine market and is currently used by over 1 million providers worldwide, appeared to be sharing IP addresses and unique device identification numbers with Google, Facebook, and the marketing software company HubSpot. 

When patients clicked on a link to the platform's "virtual waiting room" service, which connects patients with medical professionals, the sensitive user data became available. According to Edwards, Doxy.me appears to have attempted to remove the doctor name from URLs given to third parties, but the three companies used particular technical loopholes to obtain the complete URL, which included the doctor names. There was no breach of patient health information.

Working with third parties like Google and Facebook to maximize data analytics and marketing poses dangers that are distinct from encrypting patient sessions or requiring strong passwords for Doxy.me. Regulators and lawmakers have shown a desire to address the privacy concerns raised by telehealth apps. In September, the Federal Trade Commission issued guidelines that would punish health applications for failing to tell consumers about the sharing of personal information without their permission. 

“As soon as you start sharing data, networks, there are some things that are out of your control and much of the responsibility here is on the ad networks themselves,” said Rykov, of the Mozilla Foundation. “They operate like a black box, we don’t really know what their algorithm is doing and what they’re capable of.” 

The problem raises broader concerns about data security in the telehealth industry. Google and Facebook use metadata gathered from throughout the web to categorize people into "audiences." Companies employ metadata collected across websites to construct audience groups, sometimes known as "lookalike" or "similar" audiences, to assist advertising customers target audiences they are attempting to reach. A marketing customer can then utilize this technique to increase the size of its own audience list. 

Such data sharing puts users in danger of being inadvertently grouped with other patients by Google and Facebook's advertising platforms, potentially providing sensitive information about a patient's condition to the companies' algorithms. Advertisers could therefore target individuals with adverts that were personalised to their specific medical issues.
Read more »
Subscribe to: Posts (Atom)