Amtrak Loyalty Breach

Amtrak recently disclosed a breach affecting its Guest Rewards accounts, where attackers used previously compromised credentials to access sensitive user data from May 15-18. Although Amtrak’s systems were not hacked directly, the unauthorized access exposed personal information including names, contact details, partial payment information, and travel history. The attackers even …

Read More

Web Portal Exposes Insurance Customers

Major insurance provider Globe Life is reeling from a data breach after a security flaw in one of their web portals exposed customer information. The exact nature and scope of the breach are still under investigation. The company became aware of the problem after a state regulator raised concerns about …

Read More

Los Angeles Public Health data breach

Los Angeles County Department of Public Health (DPH) disclosed a data breach impacting over 200,000 individuals. The incident was caused by a phishing attack that compromised the login credentials of 53 employees. The stolen data includes personal, medical, and financial information. DPH has implemented security enhancements, such as disabling affected …

Read More

Eye Care Firm’s Data Breach

Nearly 400,000 individuals had sensitive information stolen during a 2023 cyberattack on Panorama Eyecare, a company supporting eye clinics. The breach exposed names, Social Security numbers, financial details, and medical data. The incident highlights the risks associated with third-party service providers in healthcare. Panorama Eyecare said it first discovered the …

Read More

Insecure credentials leads to Disney Data breach


A recent cyberattack targeted Disney’s internal servers, resulting in the theft of 2.5 GB of sensitive data. The breach included current information about Disney’s operations, including Disney+, corporate strategies, and advertising plans. Threat actors exploited previously exposed credentials to gain unauthorized access to Disney’s systems. This highlights the importance of …

Read More

Ransomware Targets Education


The Fog ransomware group is utilizing stolen VPN credentials and system vulnerabilities to access and encrypt data in virtual environments. Predominantly attacking the US education sector, Fog exploits the common cybersecurity weaknesses during summer vacations. Organizations should continue to educate employees and enforce practices related to secure credential management practices.

Massive Data Breach Exposed


A significant data breach involving a Florida-based firm specializing in background checks and personal information handling was reported today. Criminal group known as USDoD is allegedly selling a database containing 2.9 billion records, which includes sensitive information about US, Canadian, and British citizens. The database reportedly contains full names, addresses, …

Read More

Ticketmaster’s Massive Data Breach


Ticketmaster, a subsidiary of Live Nation, has suffered a significant cyber-attack.The breach potentially affects 560 million customers, compromising names, addresses, phone numbers, and partial payment details. The incident raises concerns about the security of third-party cloud databases; it highlights the growing trend of ransom demands in cyber-attacks; and has wider …

Read More

HHS Shifts Stance on Breach Notifications


The Department of Health and Human Services (HHS) has reversed its previous stance, now allowing Change Healthcare to file breach notifications on behalf of entities affected by the February ransomware attack. Initially, HHS required each impacted organization to individually report breaches, causing frustration among the thousands of affected healthcare providers. …

Read More