All articles tagged with #breach
A new data dump has exposed 48 million Gmail usernames and passwords, underscoring ongoing risks from credential stuffing and password reuse; users should enable two-factor authentication, rotate compromised passwords, and monitor accounts for suspicious activity.
The FIA has completed a seven-month review of 2024 F1 cost cap compliance, finding Aston Martin as the only team with a minor procedural breach related to unsigned documentation, while other teams and engine manufacturers are cleared; Aston Martin's breach was deemed minor and did not confer any advantage.
Aston Martin admitted to a minor procedural breach related to missing signatures in their F1 cost cap submission, accepted an Accepted Breach Agreement, and faced no penalties, with the FIA expected to announce the final review results soon.
F5, a networking software company, disclosed a long-term breach that poses an imminent threat of cyberattacks on thousands of networks, including those operated by the US government and Fortune 500 companies, potentially due to a nation-state hacking group.
F5, a U.S. cybersecurity firm, saw its stock drop 10% after revealing a sophisticated nation-state hacking incident attributed to China, which compromised its systems for over a year using malware called Brickstorm, prompting urgent security updates and warnings from U.S. and UK cybersecurity agencies.
Google has reassured users that Gmail's security remains strong and effective, dismissing reports of a major breach. The recent security concerns stem from a limited June breach on Google's corporate servers and a subsequent increase in phishing attacks, but no private user data was compromised. Google emphasizes that the fears of a widespread Gmail hack are unfounded.
Google has denied reports of a massive security breach affecting 2.5 billion Gmail users, clarifying that the incident was overstated and only involved a smaller, unrelated security issue with Salesforce. The company emphasized its strong security measures and encouraged users to remain vigilant against phishing, reassuring that their Gmail accounts are secure.
The Premier League and Manchester City have agreed on a sanction after the club admitted to breaching rules related to kick-off and re-start obligations in nine matches during the 2024/25 season, ensuring the competition's professional standards and scheduling integrity.
The UN nuclear watchdog has reported Iran for the first time in 20 years for not complying with its nuclear obligations, potentially increasing regional tensions and leading to the reimposition of sanctions.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating a breach at business intelligence company Sisense, urging all Sisense customers to reset any credentials and secrets shared with the company. The breach, which involved attackers gaining access to Sisense's code repository at Gitlab, resulted in the exfiltration of several terabytes of customer data, including access tokens, email account passwords, and SSL certificates. This incident raises concerns about data protection and encryption practices, as well as the potential impact on Sisense customers' security.
A federal Cyber Safety Review Board report has blamed Microsoft for "a cascade of security failures" that led to the 2023 Exchange breach, citing inadequate security culture and preventable errors. The report details critical failures in Microsoft's response to the breach and highlights inaccurate public statements and unsolved mysteries. Microsoft has acknowledged the need to adopt a new culture of engineering security and plans to review the report for additional recommendations.
AT&T acknowledged a data leak affecting 73 million current and former subscribers, with leaked information including names, email addresses, phone numbers, Social Security numbers, and more. The company reset passcodes for impacted customers and is offering credit monitoring. The leaked data, which may have originated from AT&T or a vendor, appeared on the dark web and a public hacking forum, with security researcher Troy Hunt noting that it's easily accessible. The incident is related to a 2021 data leak, and the company is still investigating the source of the data.
An official probe revealed that medical records at the London Clinic were "easily available" to doctors and nurses, leading to an alleged breach of Kate Middleton's personal data during her stay at the hospital. The Care Quality Commission's report praised staff for treating patients with compassion and dignity but also raised concerns about safety and quality of services, leading to an investigation. The hospital's CEO stated that regulatory and disciplinary steps would be taken, and it's believed that Middleton has been made aware of the situation.
France has fined Google €250 million for breaching an agreement with news publishers, marking one of the first instances of a regulator using new European Union rules to curb the power of big tech companies. The French competition authority found that Google had not negotiated in good faith with publishers to use their content on its platform, and had not presented a fair offer for remuneration. This move comes as regulators around the world are increasing scrutiny on tech giants' dominance in the digital advertising and news industries.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed that hackers breached two of its systems in February through vulnerabilities in Ivanti products, prompting the agency to take the systems offline. The affected systems reportedly had critical ties to U.S. infrastructure, including the Infrastructure Protection Gateway and the Chemical Security Assessment Tool. While CISA has not confirmed whether these specific systems were taken offline, the breach highlights the importance of having an incident response plan in place to address cyber vulnerabilities.