Data Breach Archives

T-Mobile reports bad actor accessed 37M customer records

Cybercrime, Data Breach, Data Privacy / By Frank Crast / January 21, 2023 January 21, 2023 / API, Data Breach, PCI, Privacy, SEC, T-Mobile

In a new 8-K report submitted to the SEC, T-Mobile acknowledged a bad actor accessed 37 million T-Mobile customer records via an API flaw without authorization checks.

LastPass provides an update on security breach

Cybersecurity Attacks, Data Breach, Data Privacy, Password Management / By Frank Crast / December 28, 2022 December 28, 2022 / Data Breach, LastPass, Password

LastPass has provided an update on a security breach of internal source code and sensitive documents previously disclosed this past August.

Rackspace suffers from security incident involving Hosted Exchange services

Cybersecurity Attacks, Data Breach, Messaging Security, Vulnerabilities & Exploits / By Frank Crast / December 4, 2022 December 4, 2022 / Exchange, Microsoft, Office365, ProxyNotShell, Rackspace, Zeroday

Cloud computing services company Rackspace has reported a security incident involving Hosted Exchange services.

Intel reports leak of Alder Lake BIOS source code

Application Security, Data Breach, Source Code Security / By Frank Crast / October 10, 2022 October 10, 2022 / Alder Lake, BIOS, Intel, Intel Core, Source Code, Vulnerabilities

Chipmaker Intel has confirmed a leak of its Alder Lake BIOS source code, as revealed on 4chan and GitHub. However, the hacker’s origin (or root cause) remains unknown.

Uber provides updates on cybersecurity incident

Authentication, Data Breach, Data Privacy / By Frank Crast / September 20, 2022 September 20, 2022 / Data Breach, hacking, Lapsus$, Privacy, Uber

Uber provided new details regarding a cybersecurity incident that resulted in a data breach of its network systems.

T-Mobile to pay $350 million over 2021 data breach

Cybersecurity Attacks, Data Breach, Data Privacy, Mobile Security / By Frank Crast / July 26, 2022 July 26, 2022 / Data Breach, Privacy, T-Mobile

T-Mobile has agreed to pay $350 million and invest another $150 million in data security improvements to settle litigation over the 2021 data breach that impacted over 76 million T-Mobile customers.

Okta investigating reports of data breach by Lapsus$ ransomware cybercriminal group (updated)

Authentication, Data Breach, Data Privacy, Identity & Access Management / By Frank Crast / March 22, 2022 March 23, 2022 / authentication, Breach, Data Breach, Okta

Identity and authentication services firm Okta is investigating reports that the firm has been breached by the Lapsus$ ransomware cybercriminal group.