Category: data breach

A Cyber Attack that took place on Twitter is now being considered more serious than what was reported in the 3Q of this year. Going by the details, a hacker reported in July this year that he/she has access to data related to 5 million accounts of Twitter users and includes phone numbers and email ids.

FYI, both these details are enough to access the twitter ID of a user just by sieving the database.

But an independent security researcher named Chad Loder announced through his twitter handle on November 23rd,2022 that there was a similar massive breach on the servers of the social networking giant that took place last year and the data set that was stolen containing sensitive info was now being sold on the dark web.

Chad claims the data sets revealed a couple of days back differed from what was leaked last year and added in the twitter statement that multiple hackers were involved in infiltrating the computer network of the company that was newly bought by Tesla Chief Elon Musk for $44 billion.

It is worth noting that the allegations come just a few days after Elon faced sharp criticism for firing most of the C-level employees of his company and contract staff.

NOTE- Musk’s ownership of Twitter is being disliked by most of the staff who haven’t been fired yet. And for reasons, some have given their voluntary resignation, before they could face any hardships from the new management. And the latest to add to this list is Lea Kissner, the Chief Information Security Officer of the microblogging giant who reported having lost interest in the job, after former CEO Parag Agarwal and legal chief Vijaya Gadde were removed from their posts, respectively.

 

The post Twitter data breach leaking phone numbers and email ID were seriously concerning appeared first on Cybersecurity Insiders.

A UK police force has apologised after it published the names and addresses of victims of sexual assault on its website. Suffolk Police says that it has launched an investigation into how victims' names, addresses, dates of birth, and details of reportedly hundreds of alleged offences were left on public view. Read more in my article on the Hot for Security blog.

HaveIBeenPwned serves as a platform for those who can search for their email address to find whether it was accessed by hackers via a data breach. But what if the platform itself gets infiltrated and leaks the whole of its database to cyber crooks?

Well, unconfirmed reports state that the entire database owned by the Microsoft Regional Director Troy Hunt was hacked by cyber criminals through an unknown vulnerability. And the whole of the data is in hands of threat actors who are now indulging in an extortion campaign threatening to leak the information if their demand for Bitcoins remains unheeded.

Troy is yet to confirm the incident, but one of his social media posts acknowledged it to a certain extent!

Hackers have released a news update that they now own the database filled with millions of email addresses that will be later sold to the highest bidder if the non-profit organization doesn’t bow to their demands.

Wait, the threat doesn’t end here! As the threat, actors added to their statement that they will start informing customers and business partners of the website about the hack to tarnish the image of the website on an international note.

The hackers seem to work with a vengeance, as they are threatening to use black hat SEO techniques to de-index the website in all countries, so that the website loses traffic forever.

A demand for $2500 BTC has been made by the criminals and if Troy and his staff miss the payment within a time frame of 72 hours, all the above stated threat tactics are sure to be implemented.

New hacking group named ‘Team Montesano’ has taken the claim of the attack and is apparently being linked to Lapsus$ Ransomware group.

 

The post Cyber Attack on HaveIBeenPwned leaks email data to hackers appeared first on Cybersecurity Insiders.

A ransomware gang has begun to publish data on the dark web stolen from Australia's largest health insurer Medibank. Curiously, the hackers have released details of insured customers, sorted into two files bearing the label "naughty-list" and "good-list." Read more in my article on the Hot for Security blog.

Data of Australian Victorian Populace appears to be exposed, as a technology company managing and serving was infiltrated by hackers on Wednesday last week. PNORS Technology Group, is the company that witnessed a compromise of its computer network recently, apparently spilling sensitive details to hackers.

PNORS owns about 5-companies and information is out that hackers launched a cyber attack on two of its companies- Netway Networks and Datatime Services on November 2nd -3rd of this year.

As the latter deals with Digi-document management and the former serves as management IT services provider, the damage seems to be more than expected.

Paul Gallo, the CEO of PNORS, acknowledged the news as true and assured that it will reveal more details after a thorough investigation gets concluded.

On Sunday last week, criminals leaked some information to prove that they are in hold of sensitive details gained from the hack and the threat actors targeted Department of Education and Training in Victoria (one among the victims) and are threatening to sell the details of a health questionnaire on the dark web if their demands aren’t met.

NOTE- The questionnaire contains a link to database where personal information of primary school students, including their drug abuse history, development and behavioral issues and their family alcohol details, were recorded along with their demographics.

Victorian populace data breach comes just within weeks after the revelation of Optus, SingTel and Medibank data breach.

So, the government seems to have taken a serious note of the situation and launched a national level formal inquiry with a specialized team of forensic security experts.

 

The post Data Breach of Victorian Populace in Australia taken seriously appeared first on Cybersecurity Insiders.