T-Mobile has disclosed a new, enormous breach that occurred in November, which was the result of the compromise of a single application programming interface (API). The result? The exposure of the personal data of more than 37 million prepaid and postpaid customer accounts. For those keeping track, this latest disclosure marks the second sprawling T-Mobile data breach in two years and more than a half-dozen in the past five years. READ MORE...
The important thing to realise about the (most recently) reported data breach at email newsletter service Mailchimp is that it's not just Mailchimp's customer data that was put at risk. Even if you're not personally a customer of Mailchimp, even if you've never even heard of Mailchimp, you may be affected. That's a realisation that should be dawning on customers of sportsbook and betting website FanDuel, as they receive warnings that their names and email addresses were exposed earlier this month. READ MORE...
Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. This comes after attackers have been distributing malware in emails using malicious Word and Excel attachments that launch macros to download and install malware for years. However, in July, Microsoft finally disabled macros by default in Office documents, making this method unreliable for distributing malware. READ MORE...
Fast food provider Yum! Brands disclosed a ransomware attack forced the company to shut down almost 300 restaurants in the U.K., the company said in a Wednesday filing with the Securities and Exchange Commission. After detecting the incident, it immediately took containment measures, which included taking certain systems offline and enhancing its monitoring technology, according to the filing. The firm is actively working to restore affected systems and expects that process to be completed in the coming days. READ MORE...
Companies affected by the recent Mailchimp data breach have started notifying customers. The list includes WooCommerce, FanDuel, Yuga Labs and the Solana Foundation. Marketing automation platform Mailchimp revealed recently that its security team discovered unauthorized access to one of its tools on January 11. The tool is used by the company's customer-facing teams for support and account administration. READ MORE...