SolarLeaks site claims to sell data stolen in SolarWinds attacks

A website named 'SolarLeaks' is selling data they claim was stolen from companies confirmed to have been breached in the SolarWinds attack. Last month, it was disclosed that network management company SolarWinds suffered a sophisticated cyberattack that led to a supply chain attack affecting 18,000 customers. According to a joint statement issued by the FBI, … Continue reading SolarLeaks site claims to sell data stolen in SolarWinds attacks

Hackers leak stolen Pfizer COVID-19 vaccine data online

The European Medicines Agency (EMA) today revealed that some of the Pfizer/BioNTech COVID-19 vaccine data stolen from its servers in December was leaked online. EMA is a decentralized agency responsible for reviewing and approving COVID-19 vaccines, as well as for evaluating, monitoring, and supervising any new medicines introduced to the EU. "The ongoing investigation of … Continue reading Hackers leak stolen Pfizer COVID-19 vaccine data online

United Nations data breach exposed over 100k UNEP staff records

Today, researchers have responsibly disclosed a security vulnerability by exploiting which they could access over 100,000 private employee records of United Nations Environmental Programme (UNEP). The data breach stemmed from exposed Git directories and credentials, which allowed the researchers to clone Git repositories and gather a large amount of personally identifiable information (PII) associated with … Continue reading United Nations data breach exposed over 100k UNEP staff records

New Zealand Reserve Bank suffers data breach via hacked storage partner

The Reserve Bank of New Zealand, known as Te PÅ«tea Matua, has suffered a data breach after threat actors hacked a third-party hosting partner. The Reserve Bank is the central bank of New Zealand and is responsible for creating monetary policy to stabilize prices in the country. On January 10th, the Reserve Bank disclosed that … Continue reading New Zealand Reserve Bank suffers data breach via hacked storage partner

T-Mobile data breach exposed phone numbers, call records

T-Mobile has announced a data breach exposing customers' proprietary network information (CPNI), including phone numbers and call records. Starting yesterday, T-Mobile began texting customers that a "security incident" exposed their account's information. According to T-Mobile, its security team recently discovered "malicious, unauthorized access" to their systems. After bringing in a cybersecurity firm to perform an … Continue reading T-Mobile data breach exposed phone numbers, call records