Data security news & resources

On Thursday, April 4, an entity identified as IntelBroker disclosed personal data concerning 10,000 Home Depot employees on a dark web hacking forum. Five days following the breach, Home Depot issued a statement shedding light on the incident. Here’s what we know so far.  How did the Home Depot data leak happen?  In a media […]

This week, Fujitsu, a prominent IT company based in Japan, announced the discovery of malware on its corporate network, which may have been used to gain unauthorized access to personal information belonging to customers or other parties. This incident adds to Fujitsu’s recent controversies, including its involvement in the British Post Office scandal. Here’s what […]

Microsoft Teams is one of the most popular corporate messaging and file storage software platforms in the world, used by over one million organizations. But, like all software, Microsoft Teams is liable to vulnerabilities that threat actors can exploit.  Just a few months ago, security researchers discovered a bug in Microsoft’s software that allowed them […]

Telecommunications and media giant Verizon suffered a data breach impacting over 60,000 employees after one employee gained unauthorized access to sensitive files containing personally identifiable information.  How did the Verizon data breach happen? According to a data breach notification shared with the Office of the Maine Attorney General, a Verizon employee “inappropriately handled” a file […]

In January 2024, a security researcher uncovered a colossal database comprising 26 billion leaked records pertaining to millions, possible billions, of individuals. The breach is thought to be the largest in history and is being called the “mother of all breaches.” What happened & who is impacted in the massive leak? Security researcher Bob Diachenko […]

Microsoft has revealed that Russian state-sponsored threat actors successfully breached its corporate email system, stealing sensitive email attachments and messages from the senior leadership team.  This was not a sophisticated attack based on zero days or vulnerability exploits. The attackers leveraged simple cloud misconfigurations and poor password management practices to breach the company.  All companies […]

In a recent security lapse, Mercedes-Benz inadvertently exposed a wealth of internal data when a private key, providing “unrestricted access” to the company’s source code, was found in a public GitHub repository.  Details about the Mercedes-Benz data exposure During an internet scan in January 2024, a threat hunter at RedHunt Labs stumbled upon a Mercedes […]

This week, thousands of schools across the US became embroiled in a mass data leak, after the school safety software company—Raptor Technologies—accidentally left troves of sensitive data exposed on the internet.  What happened with the Raptor Technologies data breach?  On January 11, a cybersecurity researcher unearthed a concerning discovery: an unprotected database housing an estimated […]

It’s not a happy holiday for MongoDB after the company was the victim of a cyber attack involving the theft of sensitive customer information.  MongoDB offers an open source NoSQL database management program for over 46,000 customers as an alternative to traditional relational databases.  Here’s everything we know about the data breach so far, including […]

You might be confident in your cybersecurity posture, but if you don’t know how your suppliers approach data protection, you’re still at risk of a huge data breach.  That’s precisely what happened to Dollar Tree. Over the weekend, the well-known discount retailer hit the headlines after falling victim to a supply chain cyber attack. And, […]

Data breaches are never good news. But, they’re even worse news if the compromised information includes national security data. And, even worse news if your company found out about the breach through the media.  Unfortunately, that’s exactly what might have happened to General Electric (GE), after supposed DARPA (Defense Advanced Research Projects Agency) data stolen […]