Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: UnitedHealth Group has disclosed that the February 2024 ransomware attack on its Change Healthcare subsidiary affected approximately 190 million individuals, nearly double its initial estimate of 100 million. The confirmation, provided to TechCrunch late Friday, makes this the largest medical data breach in U.S. history. In a statement, UnitedHealth spokesperson Tyler Mason acknowledged the staggering …
The post UnitedHealth Data Breach Tally Upped to 190 Million Americans appeared first on CyberInsider.
January 27th, 2025 (3 months ago)
|
|
|
Description: UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. [...]
January 26th, 2025 (3 months ago)
|
|
|
Description: UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. [...]
January 25th, 2025 (3 months ago)
|
|
|
Description: New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state's cybersecurity regulations, leading to a 2022 data breach. [...]
January 25th, 2025 (3 months ago)
|
|
|
Description: PayPal, Inc. has agreed to pay a $2 million penalty to the New York State Department of Financial Services (DFS) after an investigation found that cybersecurity failures led to the exposure of sensitive customer information, including Social Security Numbers (SSNs). The breach stemmed from a December 2022 cybersecurity event in which unmasked customer data was …
The post PayPal Fined $2M for Cybersecurity Lapse Exposing User Data appeared first on CyberInsider.
January 24th, 2025 (3 months ago)
|
|
|
Description: CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks. [...]
January 23rd, 2025 (3 months ago)
|
|
|
Description: Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches[1],[2]. While identity-based attacks continue to dominate as the leading cause of security incidents, the common approach to identity security threats is still threat reduction, implementing layers of
January 23rd, 2025 (3 months ago)
|
|
|
Description: The hacker who breached education tech giant PowerSchool claimed in an extortion demand that they've stolen the personal data of 62.4 million students and 9.5 million teachers, BleepingComputer has learned. [...]
January 22nd, 2025 (3 months ago)
|
|
|
Description: A China-aligned APT group dubbed PlushDaemon has executed a supply-chain attack on IPany, a South Korean VPN provider, by embedding a sophisticated backdoor named SlowStepper into its installer. According to ESET researchers, the attack, which began in late 2023, targeted users across South Korea, Japan, and China, with particular focus on industries like semiconductors and …
The post IPany VPN Breached by Hackers Planting Backdoor on Installer appeared first on CyberInsider.
January 22nd, 2025 (3 months ago)
|
|
|
Description: South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company's VPN installer to deploy the custom 'SlowStepper' malware. [...]
January 22nd, 2025 (3 months ago)
|