Phishing Watchdog – Stay Safe with Instant Alerts


Superstar K-Pop Band’s TikTok Hacked

10th March 2021 | Target: (BTS) | Reported Here

South-Korean boy band BTS’ TikTok account with nearly 29.8 million followers was reportedly hacked. Apparently, the account featured a video titled “soon” and showed a hammer with background music akin to horror movies.


[above via Free Press Journal post] Update 1


Flagstar Bank hit by data breach exposing customer, employee data

8th March 2021 | Target: Flagstar Bank| Reported Here

Flagstar Bank has been added to a list of companies breached due to an Accellion software zero-day vulnerability.

The bank, headquartered in Michigan, is a Flagstar Bancorp, subsidiary and provides mortgages and other financial services to US customers.

In a statement posted on Flagstar Bank’s website, the organization says that Accellion first informed the company of a security issue on January 22, 2021.


[above via Zdnet post] Update 1


SITA data breach affects millions of travelers from major airlines

5th March 2021 | Target: SITA | Reported Here

The global information technology company SITA has suffered a data breach after hackers were able to gain access to its servers which contain passenger data from multiple airlines around the world.


[above via Techradar post] Update 1 / Update 2 


Cryptocurrency Fraudster Steals $16m

4th March 2021 | Target: Multiple Individuals and Businesses | Reported Here

A Swedish hotelier accused of using the proceeds of a $16 million investment scam to buy a resort in Thailand pled gulity wednesday to running the scheme and laundering money through various platforms, inculding popular cyrptocurrency exchange Coinbase


[above via Law360 post] Update 1


CompuCom MSP hit by DarkSide ransomware

4th March 2021 | Target: CompuCom MSP | Reported Here

US managed service provider CompuCom has suffered a DarkSide ransomware attack leading to service outages and customers disconnecting from the MSP’s network to prevent the spread of malware.

CompuCom is an IT managed services provider (MSP) that provides remote support, hardware and software repair, and other technology services to companies. CompuCom is a wholly-owned subsidiary of The ODP Corporation (Office Depot/Office Max) and employs approximately 8,000 people.


[above via Bleeping Computer post] Update 1


Oxfam Australia confirms data breach after stolen info sold online

2nd March 2021 | Target: Oxfam | Reported Here

Oxfam Australia has confirmed a data breach after a database belonging to the organization was leaked on an underground forum.

After being made aware of a suspected security incident by Bleeping Computer, the charity’s Australian arm has now confirmed that supporters of the charity have been impacted.


[above via Zdnet post] Update 1


Universal Health Services lost $67 million due to Ryuk ransomware attack

1st March 2021 | Target: Universal Health Services (UHS) | Reported Here

A ransomware attack last fall cost Universal Health Services $67 million in pre-tax losses, the healthcare provider confirmed in an earnings report released today.


[above via Dark Reading post] Update 1


Twitter scammers earned over $145k this week in Bitcoin

26th February 2021 | Target: Twitter accounts | Reported Here

If the technology these days have reached new heights, so has the ways of committing new crimes and deceiving people. Twitter has reported to have had scammers that earned around $145 recently by scamming people and tricking them into fake giveaways by hacking into high end company accounts and making it seem like they hosted them. This news first came out in the open through a site called Bleeping Computers that provides free computer help through its platform and covers such news that is related to technology.


[above via Digital Information World post]


T-Mobile discloses data breach after SIM swapping attacks

26th February 2021 | Target: T-Mobile | Reported Here

T-Mobile, the U.S. telco giant, has seen a steep rise in SIM swap attacks against its customers, and as confirmed through a notice of data breach, this was because of a security incident. The company alleges that they identified the malicious activity fairly quickly and took action to terminate it as well as prevent it from reoccurring in the future.


[above via Technadu post]


Dutch Research Council (NWO) confirms ransomware attack

25th February 2021 | Target: Dutch Research Council (NWO) | Reported Here

Hackers published a batch of internal documents from the Netherlands Organisation for Scientific Research (NWO) on the dark web yesterday, after the agency refused to pay up in a ransomware attack. The attack, which began on 8 February, has completely knocked out the agency’s grant application and review process and cut off NWO’s communication with applicants, grantees, and universities.


[above via Science Mag post] Update 1