Voici les incidents majeurs concernant des pertes ou des vols de données découverts la semaine passée.
Vous retrouvez ci-dessous les liens directs vers les articles les plus intéressants. Pour information, cette veille est préparée avec un vrai cerveau non artificiel, alors bonne lecture et merci de soutenir le Décodeur !
Les actus sélectionnées cette semaine
Hacker claims Giant Tiger data breach, leaks 2.8M records online
Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers.
Hackers stole 340,000 Social Security numbers from government consulting firm | TechCrunch
The consultancy firm provides litigation support for companies and government agencies, including the Department of Justice.
AT&T notifies regulators after customer data breach | TechCrunch
The legally required disclosure came a week after AT&T confirmed a cache containing millions of customers’ data that leaked online was genuine.
US says Russian hackers stole federal government emails during Microsoft cyberattack | TechCrunch
CISA said the latest theft of government email – blamed on Russian government hackers – presents “a grave and unacceptable risk” to U.S. federal agencies.
Roku suffered another data breach, this time affecting 576,000 accounts
Roku has disclosed a second data breach in as many months. The company says that, this time around, 576,000 accounts were compromised.
Top Israeli spy exposes own identity in ebook email mistake
Plus: Another local government hobbled by ransomware; Huge rise in infostealing malware; and critical vulns
AT&T now says data breach impacted 51 million customers
AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained.
Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.
Data Breach Exposes 300k Taxi Passengers’ Information
These records belonged to Dublin-based iCabbi, a dispatch and fleet management technology provider
Hacker Leaks 8.5M U.S. Environmental Protection Agency (EPA) Contact Data
The EPA is experiencing a major data leak incident involving a known hacker using the alias USDoD. This issue involves a third-party company!
When a breach goes from 25 documents to 1.3 terabytes…
If 25 documents stolen is “very serious,” I’m not sure the words exist to describe the 1.3 terabytes of data that Leicester City Council now says it has had stolen by hackers.
Attack on Electronics Maker boAt Leaks Data on 7.5M
In a cyberattack more reminiscent of the mid-2010s, a seemingly lone hacker fleeced a major corporation for millions of open customer records.
CySecurity News – Latest Information Security and Hacking Incidents: Room for Error: Hotel Check-In Terminal Flaw Leads to Access Code Leak
Ibis Budget hotel check-in terminal flaw exposes room access codes, potentially impacting global hotels.
Home Depot confirms third-party data breach exposed employee info
Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks.