A hacker claims to breach HSBC USA and alleges to possess a large database of sensitive customer personal information and financial details. The hacker shared screenshots and data samples on a dark web forum, claiming that the breach was a result of coordinated efforts to access the bank’s records. The …
Read More »Volkswagen Allegedly Hit by Ransomware Attack
Volkswagen Group has responded to claims from the ransomware group 8Base, which says it has stolen and leaked sensitive data from the company. The German carmaker maintains that its core IT infrastructure remains unaffected; however, the company’s vague response leaves questions about the full scope of the incident and raises …
Read More »Pet Insurer “Rainwalk” Exposed 158 GB PII of Humans and Pets in Data Breach
Cybersecurity researcher Jeremiah Fowler found an unprotected database containing 158 GB of sensitive data, including pet insurance claims, veterinary bills, and customer communications with personal details like names, addresses, phone numbers, and partial credit card numbers. The exposed database lacked password protection and encryption, containing 85,361 files and 158 GB …
Read More »US based Archer Health Exposed 23 GB patient health data
Archer Health, a US provider of in-home and palliative care, left an unsecured database online, exposing sensitive personal and health information to anyone who could find it, experts say. Cybersecurity researcher Jeremiah Fowler alerted WebsitePlanet after discovering the database and assisting in securing it. Fowler discovered an unprotected database with …
Read More »Auto Insurance Platform Exposed Over 5 Million Records
Cybersecurity researcher Jeremiah Fowler discovered a large, unprotected database with sensitive insurance and vehicle information. It contained over 5.1 million files, totaling 10TB, including powers of attorney, vehicle registrations, repair invoices, and images of damaged vehicles showing license plates and VIN numbers. According to Fowler, “The publicly exposed database was …
Read More »Hacker claim to breach Link3; 189,000 Users data up for sale
A threat actor claims to have breached Link3, a major IT solutions and internet service provider based in Bangladesh. The data has been put up for sale on a dark web forum. According to the forum post: Link3 is the largest ISP in the country by active subscribers, offering essential …
Read More »1.6M fitness phone call recordings exposed online
Security researcher Jeremiah Fowler discovered a database containing sensitive information from gym customers and staff, including names, financial details, and possible phone call, left unencrypted and unprotected. Jeremiah Fowler claims he discovered the wide-open AWS repository managed by HelloGym in late July. The database was open for a week, and …
Read More »Palo Alto Networks data breach exposes customer info via Salesforce Instances
Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. The company states that it was one of hundreds of companies affected by a supply-chain attack disclosed last week, in …
Read More »“SikkahBot” Malware targets “bKash” “Nagad” “MYGP” “DBBL” with banking users in Bangladesh
A new Android malware called SikkahBot is targeting students in Bangladesh by pretending to be official apps from the Bangladesh Education Board. Cyble Research and Intelligence Labs (CRIL) found that this malware has been active since July 2024. According to CRIL, the SikkahBot malware is distributed through shortened URLs, including …
Read More »Storm-0501 Deletes Data and Backups Post-Exfiltration on Azure in Hybrid Cloud Attacks
Storm-0501 has erased data and backups after stealing information from a victim’s Microsoft Azure environment in a new cloud based ransomware attack. Microsoft Threat Intelligence recently provided details of the tactics deployed by the actor tracked as Storm-0501 in a blog published on August 27. Sherrod DeGrippo, director of Microsoft …
Read More »
InfoSecBulletin Cybersecurity for mankind