The Wawa convenience store chain is facing a wave of lawsuits over a data breach that affected its 850 locations along the East Coast. Wawa Inc. discovered malware on its payment processing servers this month before stopping the breach Dec. 12, the company has said. Officials with the company, based in Wawa, Pennsylvania, believe the malware had been collecting card numbers, customer names and other data since as early as March.
Smart home tech maker Wyze Labs confirmed that the user data of over 2.4 million of its users were exposed by an unsecured database connected to an Elasticsearch cluster for over three weeks, from December 4 to December 26. The company discovered the incident after receiving an inquiry from an IPVM reporter via a "support ticket at 9:21 a.m. on December 26."
The U.S. Coast Guard (USCG) published a marine safety alert to inform of a Ryuk Ransomware attack that took down the entire corporate IT network of a Maritime Transportation Security Act (MTSA) regulated facility. While the incident is still currently being investigated, the USCG says that a phishing email is most likely the point of entry within the MTSA facility's network.