Between February 7th and March 7th 2023, hackers were able to breach over the personal information of almost 9 million individuals in the United States from a major dental insurance company, MCNA. The information stolen includes a trove of patients’ personal data, including names, addresses, dates of birth, phone numbers, email addresses, social security numbers … Read more
Zacks Investment Research Data, a major stock market data research provider, revealed a major breach in their network allowing attackers to expose 820,000 individual’s data. This data included names, phone numbers, passwords and email addresses. Such information is especially useful for malicious actors running phishing campaigns, credential stuffing attacks and other popular social-engineering scams. Threat … Read more
In May 2023, a managed file transfer program named MOVEit, used by a wide range of private businesses and government agencies experienced major data breach from an SQL injection attack on public facing servers. The transfers were facilitated via a tailor-made C# web shell nicknamed LemurLoot. This was transferred to target systems via MOVEit legitimately … Read more
TMX Finance, parent company of TitleMax, TitleBucks and InstaLoan experienced a major breach of their network, resulting in nearly 5 million customer accounts’ data being siphoned out by malicious actors over a period of 11 days in mid-February 2023. The data stolen included driver’s license numbers, federal/state IDs, tax IDs, social security numbers and other … Read more
23&Me, a California-based genetic testing company, experienced a major breach in early October 2023, of around 7 million customer records. Prior to the major breach, regulatory filing revealed that around 14,000 user accounts had been accessed by ‘threat actors’ and that hackers we’re also able to access ‘a significant number of files containing profile information … Read more