When T-Mobile compromised the sensitive personal information of more than 76 million current, former, and prospective customers in 2021, plaintiffs involved in a class action lawsuit complained that the company continued profiting off their data while attempting to cover up "one of the largest and most consequential data breaches in US history." Now, T-Mobile has admitted no guilt but has agreed to pay a $500 million settlement (pending a judge's approval). READ MORE...
Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files. The breach was discovered on June 18 and the firm started notifying customers on July 6. However, the intrusion came to light only on July 21 when security researcher Dominic Alvieri came across a copy of the notification sent by Entrust to customers. READ MORE...
Italian authorities are investigating the theft of roughly 78 gigabytes of data stolen from Italy's tax agency, l'Agenzia delle Entrate, the Italian news agency ANSA reported Monday. Earlier Monday, LockBit 3.0, one of the most active and prolific ransomware groups going, posted a notice to its website claiming it had stolen "100GB: company documents, scans, financial reports, contracts" from the agency, along with six screenshots purporting to show a sample of the files. READ MORE...
A dangerous malware variant called "Amadey Bot" that has been largely dormant for the past two years has surfaced again with new features that make it stealthier, more persistent, and much more dangerous than previous versions - including antivirus bypasses. Amadey Bot first appeared in 2018 and is primarily designed to steal data from infected systems. However, various threat actors - such as Russia's infamous TA505 advanced persistent threat (APT) group. READ MORE...
Criminal hackers have been able to steal at least 50,000 credit cards from 300 restaurants in the US, after launching two Magecart campaigns that target the MenuDrive, Harbortouch, and InTouchPOS online payment platforms: Magecart is a web-skimmer-malware that is injected onto a vulnerable website so it can steal credit card information as it's entered into the site's checkout. READ MORE...
Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information. The PrestaShop team issued an urgent warning last Friday, urging the admins of 300,000 shops using its software to review their security stance after cyberattacks were discovered targeting the platform. READ MORE...