Conduent warns January breach impacted a 'significant' number of people
Conduent Inc. warned in an April 14 regulatory filing with the Securities and Exchange Commission that a "significant" number of people had their personal data stolen in a January cyberattack that affected a limited number of the company's clients. The company, a major government payments technology vendor for social services and transit systems, was targeted in a Jan. 13 attack that disrupted certain operations. READ MORE...
Data Breach at Onsite Mammography Impacts 350,000
Massachusetts medical services provider Onsite Mammography is notifying over 350,000 people that their personal and health information was compromised in a data breach. The incident was discovered in October 2024 and involved unauthorized access to an employee's email account, the firm reveals in a notification letter mailed to the impacted individuals. Some of the emails in the compromised account's inbox exposed both personally identifiable information and protected health information. READ MORE...
Kelly Benefits Data Breach Impacts 260,000 People
Maryland-based benefits and payroll solutions provider Kelly & Associates Insurance Group (dba Kelly Benefits) has disclosed a data breach impacting more than 260,000 people. Kelly Benefits provides benefits administration and technology, broker and consulting services, and payroll solutions in Maryland and surrounding states. A data security notice posted on its website reveals that the company recently detected suspicious activity on its network. READ MORE...
Cyberattack Hits British Retailer Marks & Spencer
Iconic British retailer Marks & Spencer (M&S) is scrambling to restore services impacted by a cybersecurity incident that occurred over the Easter holiday. While the company's online services remained operational, the incident impacted certain store operations, causing delays and frustration among customers. The company says it has engaged with cybersecurity experts to investigate the incident and relevant authorities have been notified. READ MORE...
Who needs phishing when your login's already in the wild?
Criminals used stolen credentials more frequently than email phishing to gain access into their victims' IT systems last year, marking the first time that compromised login details claimed the number two spot in Mandiant's list of most common initial infection vectors. "Credential stealers have been and are a major issue, but we have seen a resurgence recently," Mandiant Consulting VP Jurgen Kutscher said in an interview with The Register. READ MORE...
Verizon discovers spike in ransomware and exploited vulnerabilities
Cybercriminals and state-sponsored threat groups exploited vulnerabilities and initiated ransomware attacks with vigor last year, escalating the scope of their impact by hitting more victims and outmaneuvering defenses with speed. The rate of ransomware detected in data breaches jumped 37%, occurring in 44% of the 12,195 data breaches reviewed in Verizon's 2025 Data Breach Investigations Report released Wednesday. READ MORE...
'Cookie Bite' Entra ID Attack Exposes Microsoft 365
Attackers could exploit two key authentication cookies used by Azure Entra ID to bypass MFA and hijack legitimate user sessions - thus gaining persistent access to Entra ID-protected resources in Microsoft 365 like Outlook and Teams. From there, they could engage in a range of malicious activities, including reconnaissance and privilege escalation that can lead to cyberattacks on the system. The exploitation vector affects millions of organizations that rely on Azure Entra ID. READ MORE...
Hackers abuse Zoom remote control feature for crypto-theft attacks
A hacking group dubbed 'Elusive Comet' targets cryptocurrency users in social engineering attacks that exploit Zoom's remote control feature to trick users into granting them access to their machines. Zoom's remote control feature allows meeting participants to take control of another participant's computer. According to cybersecurity firm Trail of Bits, which encountered this social engineering campaign, the perpetrators mirror techniques used by the Lazarus hacking group. READ MORE...
- ...in 1858, German physicist and Nobel laureate Max Planck, the originator of quantum theory, is born in Kiel, Germany.
- ...in 1914, Weeghman Park in Chicago hosts its first-ever baseball game. Thirteen years later, the park was renamed Wrigley Field.
- ...in 1936, early rock singer/songwriter Roy Orbison ("Only the Lonely", "Oh, Pretty Woman") is born in Vernon, TX.
- ...in 1985, Coca-Cola releases the ill-fated "New Coke" to a negative response from consumers; three months later, the old formula is back in stores.
