Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- T-Mobile Fined $60 Million to Settle Alleged National Security Violations
August 15, 2024
Wireless company T-Mobile US has agreed to pay about $60 million to settle allegations it failed to promptly report incidents of unauthorized data access in violation of a national security agreement that allowed its merger with rival Sprint, according to senior U.S. government officials. The civil penalty, announced Wednesday by the Committee on Foreign Investment in ...
- Hong Kong urged to fast-track privacy law reforms amid surge in data breaches
August 15, 2024
Hong Kong should speed up privacy law reforms aimed at penalising companies over data breaches, a cybersecurity expert and a lawmaker have said after hundreds of thousands of residents had their personal information exposed amid a spate of leaks. The calls were made on Thursday, a day after the city’s privacy watchdog launched an investigation into ...
- Kootenai Health cyber attack impacts 464,000 patients
August 15, 2024
US healthcare provider Kootenai Health has revealed that data belonging to 464,000 patients has been compromised following a cyber attack. The non-profit health system, based in Coeur d’Alene, Idaho, said it was alerted to a potential data breach in March 2024 after noticing “unusual activity that disrupted access to certain IT systems”. Following an investigation, Kootenai ...
- Cyber attack on councils across Greater Manchester leaves thousands vulnerable to phishing scam
August 14, 2024
A cyber attack on councils across Greater Manchester has left thousands of residents vulnerable to a phishing scam. The attack, which initially hit one borough last week and spread over the weekend, on software company Locata downed the housing websites for Manchester, Salford and Bolton councils. It has also led to thousands of users being sent ...
- Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster
August 14, 2024
Biotech biz Enzo Biochem is being forced to pay three state attorneys general a $4.5 million penalty following a 2023 ransomware attack that compromised the data of more than 2.4 million people. New York’s attorney general Letitia James announced the news on Tuesday after an investigation into Enzo’s incident concluded, finding various cybersecurity malpractices that led ...
- 5G network flaws could be abused to let hackers spy on your phone
August 12, 2024
5G basebands could be exploited by attackers to allow them to send fake messages to your contacts, or even hand over your credentials using a very real-looking website, experts have warned. Unveiled at the Black Hat cybersecurity conference, a research group from Pennsylvania State University presented their vulnerability sniffing tool 5GBaseChecker. Read more… Source: MSN News Sign up for ...