Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- European government systems hit by air-gap malware attack
October 9, 2024
In the last five years, hackers managed to steal sensitive information from air-gapped systems belonging to different European governments on at least three separate occasions. An air-gapped system is a computer or network that is physically isolated from unsecured networks, such as the internet, to prevent unauthorized access and enhance security. Still, crooks managed to steal ...
- MoneyGram data breach included Social Security numbers, government documents, bank and other sensitive data
October 9, 2024
MoneyGram is back online after a cybersecurity breach disrupted services and compromised personal information. Between September 20 and 22, an “unauthorized third party” accessed and acquired the personal data of certain MoneyGram customers, the company said, leaving users unable to access their accounts. The money-sending service provided an update this past Monday, confirming that systems are ...
- Casio Faces Cyberattack: Service Disruptions and Delayed G-Shock Releases
October 9, 2024
Casio, a well-known Japanese electronics company, experienced a significant cyberattack on October 5th. The company reported that an unidentified third party illegally accessed its network, causing system failures and service disruptions. In a statement on October 8th, Casio expressed regret for the inconvenience this has caused to its customers and stakeholders. The company is actively investigating ...
- British Columbia: Clients of Indigenous health authority react to ransomware attack
October 9, 2024
The First Nations Health Authority (FNHA) in British Columbia says it has concluded its investigation into a ransomware attack in May, but some clients remain concerned about the theft of their medical and personal information. The FNHA said it “uncovered evidence that health insurance plan billing data, procurement contracts, business contracts, FNHA budgets, cheques, information on ...
- Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections
October 8, 2024
Despite growing awareness and widespread acknowledgment of the impact of cyber threats facing the healthcare industry, many within it are still struggling to keep them at bay. The third annual Ponemon Institute Report, commissioned by Proofpoint, found that 92% of US healthcare organizations surveyed experienced at least one cyber attack in the past 12 month, with ...
- About a quarter million Comcast subscribers had their data stolen from debt collector
October 4, 2024
Comcast says data on 237,703 of its customers was in fact stolen in a cyberattack on a debt collector it was using, contrary to previous assurances it was given that it was unaffected by that intrusion. That collections agency, Financial Business and Consumer Solutions aka FBCS, was compromised in February, and according to a filing with ...