The US State Department has confirmed a data breach which has led to the exposure of employee data. As reported by Politico, the personally identifiable information (PII) of some of the State Department’s workforce has been exposed, however, the data breach is not thought to impact more than one percent of the staff roster.
No technical details of the security incident have been released to the public, nor who may be responsible. The State Department says it is currently investigating the incident.
Read more about the US State Department data breach on ZDNet.
The Equifax breach last September was huge breach and will take several years to sort out. When the dust settled earlier this year, Equifax finally disclosed that 147.9 million people were affected in some way. Sensitive personal information was stolen, including the names, Social Security numbers, phone numbers and email addresses.
To make things worse, consumers and companies not directly affected by the Equifax breach are still at risk because all that personal data still resides on the Dark Web and can be used for future account fraud, synthetic identity attacks and credential re-use.
Read what organizations can do to mitigate these risks on DarkReading.
Data breaches, successful cyberattacks, and hacking events are often shrouded in silence. Beyond the bare-bones facts, it is often difficult for companies which have become victims of such crimes — as well as the external cybersecurity experts which perform forensics and damage control after — to admit to more than they have to.
If we are going learn how to better defend corporate networks from cyberattacks in the present and the future, communication and being able to learn from each others’ mistakes are key. While anonymized, Verizon’s new 2018 Data Breach Digest (DBD) contributes towards this goal and also gives us a look into how cyberforensics teams tackle data breaches.
Read more about the new report that gives us a glimpse of the tactics hackers are using today in the name of data exfiltration, on ZDNet.
British Airways is investigating the theft of customer data from its website and app over a two-week period and has urged customers affected to contact their banks or credit card providers. The airline said around 380,000 payment cards had been compromised and it had notified the police.
In a statement it said: “The stolen data did not include travel or passport details. From 22.58 BST August 21 2018 until 21.45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline’s app were compromised. The breach has been resolved and our website is working normally.”
Read more about the massive British Airways data breach on The Guardian.
When a data breach occurs it’s not just confidential information that’s attacked: According to a new report, stock prices take a hit, too.
Comparitech analyzed 28 breaches suffered by 24 companies with shares listed on the New York Stock Exchange. While they found wide variations in share performance in the weeks and months following a breach, on average companies that suffered a breach under-performed the NASDAQ by -3.7% after one year. According to the report, the most significant impact from a breach was felt 14 days after the event. After a month, share prices tended to catch up with the NASDAQ.
Read more about the findings of the Comparitech report on DarkReading.
Air Canada has alerted users of its mobile app of a data breach that exposed personal information – including stored passport numbers – of some 20,000 users.
The airline said after noticing “unusual login behavior” on the Mobile+ app from Aug. 22 to 24, it blocked that traffic and locked all Air Canada mobile app accounts. Customers now must reactivate their accounts on the app, which is back up and running.
Read more about the data breach, in which account-holder names, email addresses, and telephone numbers were exposed, as well as passport numbers of those users who stored that information in their profiles, on DarkReading.
A hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin ($56,000) on a Chinese Dark Web forum. The breach was reported today by Chinese media after several cyber-security firms spotted the forum ad [1, 2, 3, 4].
The seller said he obtained the data from Huazhu Hotels Group Ltd, one of China’s largest hotel chains, which operates 13 hotel brands across 5,162 hotels in 1,119 Chinese cities. According to a description posted by the hacker online, the stolen data is 141.5GB in size and contains 240 million records, with information on roughly 130 million Huazhu hotel guests.
Wireless carrier T-Mobile has notified its 2.3 million subscribers via text message that their personal account information may have been exposed. The warnings accompanied a customer advisory posted to the T-Mobile website alerting all its 77 million customers of the breach. Affected were about 3 percent of subscribers, the company said.
According to the advisory, on August 20 T-Mobile’s cybersecurity team “discovered and shut down… unauthorized access to certain information.” Exposed were customers’ “name, billing zip code, phone number, email address, account number and account type (prepaid or postpaid),” the company wrote. T-Mobile said that no credit card data, social security numbers or passwords were part of the breach.
Read more about the T-Mobile data breach on Threatpost.
More than 50.55 million user accounts of GOMO apps, which are popular amongst children, have been exposed after a port was left opened in an administrative oversight. The incident is reported to have potentially compromised personal data such as user names, passwords, mobile numbers, and unique device information.
The apps were produced by Guangzhou-based developer Sungy Mobile, and included GOMO Reading, GO Launcher, and GO Keyboard. The Chinese developer said on its website that its app portfolio clocked more than 2 billion downloads and were available in more than 200 countries and 48 languages.
Read more about the GOMO apps data breach on ZDNet.
Customers of Cheddar’s Scratch Kitchen restaurants in 23 states are being warned that their credit card information may have been exposed in a suspected data breach. Federal authorities warned the company of a security incident on August 16.
Information belonging to guests of Cheddar’s Scratch Kitchen visiting between November 3, 2017, and January 2, 2018, may have been compromised. The leak potentially includes payment card information and card numbers. In total, 567,000 customers are believed to be affected.
Read more about the data breach, which may have occurred due to old, legacy point-of-sale (PoS) systems, on ZDNet.