Latest security breaches
The Land Registry agency in Greece experienced a limited data breach targeting its IT infrastructure involving the compromise of employee terminals and the theft of 1.2 GB of administrative documents.
The Superior Court of Los Angeles County closed 36 courthouse locations due to a ransomware attack, affecting both internal and external systems. The attack, unrelated to a Windows systems outage, led to the immediate disabling of all network systems to contain the breach.
In another data breach, a threat actor leaked personal information of over 442,000 Life360 customers by exploiting a flaw in the login API, exposing names, phone numbers, and email addresses. Life360 faced an extortion attempt after attackers breached a Tile customer support platform, leading to the theft of sensitive customer information, although no financial or login credentials were compromised.
The Walt Disney company experienced a data breach, with sensitive information from their internal communications on Slack being leaked by hacker group NullBulge. Cybersecurity experts speculate that the breach may have occurred due to security misconfigurations, weak passwords, or vulnerabilities in third-party integrations with Slack.
AT&T suffered a massive data breach where threat actors stole call and text records of nearly all its mobile customers; however, the stolen data does not include sensitive personal information such as names or Social Security numbers. The data theft was conducted through compromised credentials on AT&T's Snowflake account, which is part of a recent wave of attacks targeting Snowflake customers. This has led to mandatory multi-factor authentication enforcement to prevent future breaches.
Evolve Bank & Trust suffered a data breach affecting 7.6 million Americans after an employee clicked on a malicious link, leading to unauthorised access to their database. Evolve is providing credit monitoring and identity protection services to affected individuals and advises vigilance against unsolicited communications.
In another data breach, TeamViewer, a popular remote access software company, has reported a breach in its internal corporate IT environment. The cybersecurity firm NCC Group claims the breach was carried out by a Russian state-sponsored hacking group called Midnight Blizzard. Despite TeamViewer's assurance that its product environment and customer data are unaffected, concerns remain due to the widespread use of its software.
In another significant data breach, India's leading cryptocurrency exchange WazirX faced alleged transfer of about $234 million worth of digital assets to a different address, as crypto exchanges continue to face the regulatory heat. The cyber-attack stemmed from a discrepancy between the data displayed on Liminal’s interface and the transaction’s actual contents.
A cyberattack in the Ukrainian city of Lviv caused a two-day heating outage for over 600 apartment buildings, highlighting the vulnerability of critical infrastructure to malicious hackers. The FrostyGoop malware targeted industrial control systems, demonstrating a growing effort to disrupt essential services using sophisticated cyber tactics.