The exposed contracts contained information such as full name, address, mobile number, and signature of customers.It also included the model and the serial number of the device brought by customers. A series of vulnerabilities discovered in Verizon Wireless systems could have been exploited by hackers to gain access to 2 million customer contracts. What’s the matter? The issue came to the light while UK-based researcher Daley Bee was analyzing a subdomain of Verizon Wireless systems....

BRUSSELS — The United Nations children’s agency, UNICEF, has inadvertently leaked personal information belonging to thousands of users of its online learning portal Agora. The website offers free training courses to UNICEF staff and members of the public on issues such as child rights, humanitarian action, research, and data. On Aug. 26, an email containing personal details of 8,253 users enrolled in courses on immunization went out to nearly 20,000 Agora users. Asked about the incident, UNICEF’s...

The attack was launched on September 6, 2019 (Friday) and targeted several countries including the U.K., France, Germany, Italy, the Netherlands, Poland, and parts of the Middle East.The organization’s site reliability engineering team has taken the necessary steps to stop the attack and restore access to the website. What is the issue? Attackers have launched a massive DDoS attack against Wikipedia and successfully managed to take down its website across various countries. What is a...

The exposed records included users’ unique Facebook ID and their associated phone numbers.A spokesperson for Facebook said that the exposed records are old and had been scraped before Facebook disabled access to user phone numbers. What’s the matter? Security researcher Sanyam Jain uncovered an unguarded server that was left publicly accessible without any password protection. Who all are impacted? The server contained at least 419 million records linked to several Facebook users including celebrities. Out...

Dehashed login details for customers of Poshmark, an online marketplace for buying and selling used clothes and accessories, have been circulating online following the data breach a few months ago. At the beginning of the year, Poshmark announced that it had 40 million community members. According to data breach platform Have I Been Pwned, login details of more than 36 million customers were acquired by an unauthorized party. The data includes email addresses, hashed passwords, gender,...

Security researchers at Google say they’ve found a number of malicious websites which, when visited, could quietly hack into a victim’s iPhone by exploiting a set of previously undisclosed software flaws. Google’s Project Zero said in a deep-dive blog post published late on Thursday that the websites were visited thousands of times per week by unsuspecting victims, in what they described as an “indiscriminate” attack. “Simply visiting the hacked site was enough for the exploit server to...

The exposed information includes customers’ names, dates of birth, gender, email addresses, phone numbers, home addresses, payment card numbers, and the time of first registration with Priceless Specials.Mastercard suspended the German Priceless Specials loyalty program and took down its website, leaving a message that says “This issue has no connection to MasterCard’s payment network.” What’s the matter? Mastercard exposed Microsoft Excel spreadsheets containing lists of roughly 90,000 and 84,000 rows of customer data on the...

Two of the impacted municipalities, the City of Borger, and the City of Keene, have publicly disclosed that they’ve been impacted by the coordinated ransomware attack.Keene Mayor Gary Heinrich said that the threat actor infiltrated into the city’s IT software, which is managed by a managed service provider (MSP). The attacker who hit over 22 local government entities in Texas with a coordinated ransomware attack has demanded a collective ransom payment of $2.5 million. Update...

The exposed records consisted of more than 160 million personal credit card details and over 50,000 MoviePass customers’ card numbers.Personal credit card records and MoviePass debit card details belonging to customers were left exposed. Thousands of personal credit-card numbers and customer card information belonging to the popular movie-ticket subscription service, MoviePass was found unprotected in a critical server database. The exposed online database was left without any password protection or data encryption. The exposed records...

A new bug has infiltrated Instagram and spread like wildfire. It is a hack that has spread from user account to user account undetected so far.  Over this past weekend, I was using Instagram when I was direct messaged by a friend of mine with the message titled, “Lindsay, I made this for you.”  Underneath was a link to what it seemed was a login landing page for Instagram. Being in the cybersecurity field, I...