Data Breach

Pierluigi Paganini October 11, 2023
Air Europa data breach exposed customers’ credit cards

Airline Air Europa disclosed a data breach and warned customers to cancel their credit cards after threat actors accessed their card information. Air Europa is a Spanish airline and a subsidiary of the Globalia Corporation. It operates as a full-service carrier, providing passenger and cargo services to various destinations, both domestic and international. Air Europa […]

Pierluigi Paganini October 09, 2023
Flagstar Bank suffered a data breach once again

Flagstar Bank announced a data breach suffered by a third-party service provider exposed the personal information of over 800,000 US customers. Flagstar Bank is warning 837,390 US customers that their personal information was exposed after threat actors breached the third-party service provider Fiserv. Flagstar Bank is an American commercial bank headquartered in Troy, Michigan, it is a […]

Pierluigi Paganini October 06, 2023
Ransomware attack on MGM Resorts costs $110 Million

Hospitality and entertainment company MGM Resorts announced that the costs of the recent ransomware attack costs exceeded $110 million. In September the hospitality and entertainment company MGM Resorts was hit by a ransomware attack that shut down its systems at MGM Hotels and Casinos. The incident affected hotel reservation systems in the United States and […]

Pierluigi Paganini October 05, 2023
NATO is investigating a new cyber attack claimed by the SiegedSec group

NATO is investigating claims that a group called SiegedSec has breached its systems and leaked a cache of unclassified documents online. NATO announced it is investigating claims that a politically motivated threat actor called SiegedSec has breached its systems and leaked unclassified documents online. “NATO cyber experts are actively addressing incidents affecting some unclassified NATO […]

Pierluigi Paganini October 05, 2023
Global CRM Provider Exposed Millions of Clients’ Files Online

Researcher discovered that global B2B CRM provider Really Simple Systems exposed online a non-password-protected database with million records. Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained over 3 million records. The documents appeared to be associated with internal invoices, communications, and customer’s stored CRM files. Upon further research, records […]

Pierluigi Paganini October 05, 2023
Sony sent data breach notifications to about 6,800 individuals

Sony Interactive Entertainment has notified current and former employees and their family members about a data breach. Sony Interactive Entertainment (SIE) has notified current and former employees and their family members about a data breach that exposed their personal information. Sony notified about 6,800 individuals, it confirmed that the security breach was the result of the […]

Pierluigi Paganini October 03, 2023
San Francisco’s transport agency exposes drivers’ parking permits and addresses

A misconfiguration in the Metropolitan Transportation Commission (MTC) systems caused a leak of over 26K files, exposing clients’ parking permits and home addresses. The MTC is a governmental agency responsible for regional transportation planning and financing in the San Francisco Bay Area. The latest research by Cybernews shows that the agency left public access to […]

Pierluigi Paganini October 03, 2023
European Telecommunications Standards Institute (ETSI) suffered a data breach

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute (ETSI). The European Telecommunications Standards Institute is an independent, not-for-profit organization based in Europe. The organization […]

Pierluigi Paganini October 02, 2023
National Logistics Portal (NLP) data leak: seaports in India were left vulnerable to takeover by hackers

The National Logistics Portal (NLP), a newly launched platform to manage all port operations in India, left public access to sensitive data, posing the risk of a potential takeover by threat actors. On September 24th, researchers discovered that the NLP platform was exposing sensitive credentials, secrets, and encryption keys via publicly available JS files. In […]

Pierluigi Paganini October 02, 2023
Ransomware attack on Johnson Controls may have exposed sensitive DHS data

Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), […]