Featured Article
Two Santa Cruz students uncover security bug that could let millions do their laundry for free
CSC ServiceWorks provides laundry machines to thousands of residential homes and universities, but the company ignored requests to fix a security bug.
3 days ago
Featured Article
‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
Estate is an invite-only website that has helped hundreds of attackers make thousands of phone calls aimed at stealing account passcodes, according to its leaked database.
5:05 am PDT • May 13, 2024
Security
US Patent and Trademark Office confirms another leak of filers’ address data
12:44 pm PDT • May 8, 2024
The federal government agency responsible for granting patents and trademarks is alerting thousands of filers whose private addresses were exposed following a second data spill in as many years. The…
U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network. In a filing with regulators on Tuesday, the Philadelphia-based…
Security
Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO
4:25 am PDT • April 30, 2024
UnitedHealth’s CEO said in congressional testimony that the portal used by the hackers to break into Change Healthcare was not protected with a basic security feature.
Security
Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers
12:42 pm PDT • April 25, 2024
Kaiser, one of the largest healthcare organizations in the United States, said it was notifying 13.4 million members of a data breach earlier in April.
Featured Article
Security bugs in popular phone-tracking app iSharing exposed users’ precise locations
The location-sharing app iSharing, which has 35 million users, fixed vulnerabilities that exposed users’ personal information and precise location data.
7:01 am PDT • April 24, 2024
Featured Article
UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’
The health tech giant processes 15 billion health transactions a year, and handles health information for about half of all Americans.
3:35 pm PDT • April 22, 2024
Security
US government downgrades bug in Chirp Systems app that contained hardcoded password
12:05 pm PDT • April 22, 2024
CISA said Chirp Systems ignored the federal agency and the reporting security researcher.
Security
Lawmakers vote to reauthorize US spying law that critics say expands government surveillance
6:00 am PDT • April 20, 2024
House and Senate lawmakers passed a bill reauthorizing the controversial Section 702 powers under FISA, which allows U.S. spy agencies to conduct warrantless searches of Americans’ communications.
Featured Article
Your Android phone could have stalkerware — here’s how to remove it
This simple guide helps you identify and remove common consumer-grade spyware apps from your Android phone.
2:15 pm PDT • April 19, 2024
Featured Article
Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist
The hackers say they have stolen 5.3 million records from the World-Check database, used by companies and banks for screening potential customers.
10:05 am PDT • April 18, 2024
Security
Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies
9:10 am PDT • April 17, 2024
Organizations are urged to patch their Palo Alto firewalls after researchers discover evidence of malicious exploitation dating back to late March.
Security
Omni Hotels says customers’ personal data stolen in ransomware attack
7:19 am PDT • April 16, 2024
A ransomware gang called Daixin has taken credit for the breach, and claimed to steal millions of customer records dating back to 2017.
Security
Change Healthcare stolen patient data leaked by ransomware gang
12:38 pm PDT • April 15, 2024
This is the second group to demand a ransom payment from Change Healthcare to prevent the release of stolen patient data in as many months.
Spyware makers are reportedly working on targeting individuals with stealthy data-stealing malware using online banner ads.
Security
Roku says 576,000 user accounts hacked after second security incident
9:04 am PDT • April 12, 2024
Roku said it discovered malicious hackers compromised more than half a million user accounts while investigating an earlier spate of account hacks.
Founded in 1973, the Washington DC-based Heritage Foundation and supports and lobbies on conservative issues.
Security
US says Russian hackers stole federal government emails during Microsoft cyberattack
12:02 pm PDT • April 11, 2024
CISA said the latest theft of government email — blamed on Russian government hackers — presents “a grave and unacceptable risk” to U.S. federal agencies.
Security
US government urges Sisense customers to reset credentials after hack
6:17 am PDT • April 11, 2024
The U.S. cybersecurity agency said it was responding to a “recent compromise” at the data analytics giant, which provides business intelligence to critical infrastructure companies.
The legally required disclosure came a week after AT&T confirmed a cache containing millions of customers’ data that leaked online was genuine.
Security
Microsoft employees exposed internal passwords in security lapse
11:11 am PDT • April 9, 2024
The tech giant secured a cloud storage server that was inadvertently spilling Microsoft internal data and credentials to the open internet.
Targus’ parent company, B. Riley Financial, said it discovered “a threat actor gained unauthorized access to certain of Targus’ file systems.”
Featured Article
‘Reverse’ searches: The sneaky ways that police tap tech companies for your private data
Reverse searches cast a digital dragnet over a tech company’s store of user data to catch the information that police are looking for.
8:05 am PDT • April 2, 2024
Featured Article
AT&T resets account passcodes after millions of customer records leak online
A security researcher told TechCrunch that leaked AT&T customer data contained encrypted account passcodes that can be easily unscrambled.
7:10 am PDT • March 30, 2024
The government’s reward for information now extends to ALPHV’s affiliates, which claimed responsibility for a massive weekslong healthcare cyberattack.
It’s the first time the United Kingdom has attributed the massive breach of millions of citizens’ voter data since the cyberattack was first disclosed in 2023.
Customers say their leaked AT&T customer data — names, addresses, phone numbers and Social Security numbers — is accurate.
Security
DOT to investigate data security and privacy practices of top US airlines
6:30 am PDT • March 21, 2024
The U.S. Department of Transportation announced its first industry-wide review of data security and privacy policies across the largest U.S. airlines. The DOT said in a press release Thursday that…
Featured Article
Users say Glassdoor added real names to user profiles without their consent
One user said Glassdoor pulled her full name from an email and added it to her profile. Another user said it wasn’t clear how Glassdoor got his data.
2:45 pm PDT • March 20, 2024
