data breaches

data breaches | May 12, 2023

Toyota spewed vehicle location data for millions onto unsecured cloud databases for 10 years

No lessons learned from last year's T-Connect source code exposure?

data breaches | Apr 14, 2023

Pentagon leaks by a junior sysadmin put the spotlight back on insider threat

A High School diploma and "normal colour vision" get you a lot of access...

Security | Feb 28, 2023

New LastPass breach post-mortem raises questions

Attackers targeted DevOps engineers' home devices...

data breaches | Jan 20, 2023

T-Mobile hacked again, just six months after settling a $500m class action lawsuit

"It's getting expensive/being on the other side of the courtroom/on the defensive"

Security | Jan 16, 2023

CircleCI hackers grabbed customer tokens and keys, CTO admits, amid warning on SaaS secrets

Infiltrators dodged antivirus, stole encryption keys from a running process

Security | Jan 05, 2023

CircleCI warns users to "immediately rotate all secrets" amid credential abuse evidence

Updated January 6, 11:00 BST: CircleCI has updated its advisory which deserves revisiting. CircleCI is calling on customers to “immediately rotate any and all secrets” after a security incident. The breach appears to have occurred around December 21 and to have gone unnoticed over the Christmas period. Credentials stolen

Security | Nov 18, 2022

Infosys leak: IT firm left “god mode” AWS S3 key exposed on PyPi

"Our infrastructure has not been impacted by this incident and there is no loss of data."

Security | Oct 20, 2022

Microsoft data breach "BlueBleed" exposes 2.4TB of customer data

Customers being told GDPR disclosure unnecessary

Security | Oct 13, 2022

Advanced confirms attack was LockBit 3.0 ransomware, legitimate creds used

No insight into how credentials were obtained...

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();