Phishing Watchdog – Stay Safe with Instant Alerts

 

Domino’s India discloses data breach after hackers sell data online

25th May 2021 | Target: Domino’s India | Reported Here
 

Domino’s India brand owner Jubilant Foodworks has informed its customers about the data breach incident that took place on March 24 and leaked its customer data, including their personal details such as mailing addresses and mobile numbers, among others. The latest development comes just days after hackers created a search engine on the dark Web to let anyone look at the customer details of Domino’s India by using their phone numbers or email addresses. The company initially confirmed its data breach to the media in April.


 

[above via Gadgets post] Update 1 / Update 2

 

Audio maker Bose discloses data breach after ransomware attack

24th May 2021 | Target: Bose | Reported Here
 

Audio experts Bose suffered a ransomware attack earlier this year in March, according to an incident notification letter sent to New Hampshire’s Office of the Attorney General, by a counsel on behalf of the company.

In the letter, accessed and shared by BleepingComputer, the counsel notes that during investigation of the cyber-incident, the company discovered that data related to six former employees was “accessed and potentially exfiltrated.”

Although the letter doesn’t mention the ransomware that was deployed, or the ransom demanded, it does refer to the incident as a sophisticated attack.


 

[above via Techradar post] Update 1 / Update 2

 

Air India cyber-attack: Data of millions of customers compromised

22nd May 2021 | Target: Air India | Reported Here
 

Air India disclosed a data breach after personal information belonging to roughly 4.5 million of its customers was leaked two months following the hack of Passenger Service System provider SITA in February 2021.

The Indian national carrier first informed passengers that SITA was the victim of a cyberattack on March 19.


 

[above via Bleeping Computer post] Update 1 / Update 2

 

Amex fined £90,000 for sending 4 million spam emails in a year

23rd May 2021 | Target: American Express (Amex) | Reported Here
 

American Express Services Europe has been fined £90,000 ($127,377) by a U.K. regulator, which found the company illegally blasted out 4 million marketing emails to customers who had opted out of receiving them.

Critics said the fine, which is nominal for the multi-national financial brand, isn’t likely to do much to deter Amex, or any other company, from engaging in the practice


 

[above via Threatpost post] Update 1 / Update 2

 

Man pleads guilty to stealing UPMC employee data, selling it on dark web

20th May 2021 | Target: UPMC | Reported Here
 

Justin Sean Johnson, a 30-year-old from Detroit, Michigan, has pleaded guilty to stealing the personally identifiable information (PII) of 65,000 employees of health care provider and insurer University of Pittsburgh Medical Center (UPMC) and selling it on the dark web.

UPMC is Pennsylvania’s largest health care provider that employs more than 90,000 employees in 40 hospitals and 700 doctors’ offices and outpatient sites.


 

[above via Bleeping Computer post] Update 1 

 

70 Banks Targeted By Bizarro Banking malware

19th May 2021 | Target: Multiple Banks | Reported Here
 

Internet banking has made our lives simpler, but sometimes we become soft targets of the hackers who are on the lookout for vulnerable users. The cybercriminals send malware through SMSes that look authentic and then gain illegal access to your private information. One such trojan called Bizarro Banking Trojan has been found and that is stealing financial information and crypto wallets of users.


 

[above via India-Today post] Update 1 

 

Guard.me suffers a data breach

17th May 2021 | Target: Guard.me | Reported Here
 

Student health insurance company guard.me has taken its website offline after a vulnerability allowed a threat actor to access policyholders’ personal information.

guard.me is one of the largest insurance companies in the world that specializes in providing medical insurance to students while traveling or studying in another country.

On May 12, Guard.me discovered suspicious activity on their website that led them to remove their website. When visiting the website, visitors are automatically redirected to a maintenance page that warns that the site is down while the insurance provider increases security on the site.


 

[above via News-Block post] Update 1 

 

Insurer AXA hit by ransomware

16th May 2021 | Target: Axa Insurance | Reported Here
 

A subsidiary of French insurance giant Axa has been hit by a ransomware attack affecting operations in several Asian countries, the company said on Sunday (May 16), confirming a Financial Times report.

“Asia Assistance was recently the victim of a targeted ransomware attack which impacted its IT operations in Thailand, Malaysia, Hong Kong, and the Philippines,” Axa Partners said in a statement.


 

[above via Channel News Asia post] Update 1 

 

Irish healthcare shuts down IT systems after Conti ransomware attack

14th May 2021 | Target: Health and Safety Executive | Reported Here
 

Ireland’s public healthcare system said it shut down major technology systems Friday after a ransomware attack, causing disruption at hospitals and Covid-19 testing centers.

Paul Reid, director-general of the Health Service Executive, told Irish radio Friday the attack was sophisticated and used ransomware known as Conti. He said Ireland’s Covid-19 vaccination services will continue normally because they use different technology than the country’s other healthcare operations.


 

[above via Wsj post] Update 1 

 

Chemical distributor pays $4.4 million to DarkSide ransomware

13th May 2021 | Target: Brenntag | Reported Here
 

Colonial Pipeline, which suffered a crippling ransomware attack on its infrastructure on May 7, 2021, just recently announced that it has recovered quickly from the attack just a week ago and expects all its infrastructure to be fully operational soon.


 

[above via neowin post]