Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data.
Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, Context AI. One of Vercel’s employees downloaded an app made by Context AI and connected it to their corporate account, which is hosted by Google. The hackers used that connection (known as OAuth) to take over the Vercel employee’s Google account and gain access to some of Vercel’s internal systems, including credentials that were not encrypted.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CoinGecko confirms email provider data breach, over 23,000 phishing emails sent
June 7, 2024
Cryptocurrency data aggregator CoinGecko has confirmed a data breach suffered by its third-party email management platform GetResponse. Following yesterday’s reports of a new wave of crypto airdrop scams, CoinGecko confirmed that GetResponse suffered a data breach on June 5, allowing attackers to export the contact information of over 1.9 million CoinGecko users. Read more… Source: CoinTelegraph Sign up for ...
- Philippines: Toyota, Robinsons Land confirm data breaches
June 6, 2024
Carmaker Toyota and real estate firm Robinsons Land have confirmed reports of data breaches in their company and are now under evaluation by the National Privacy Commission (NPC). In a statement Thursday, NPC Compliance and Monitoring Division chief Rainier Milanes said Robinsons Land notified the NPC of a breach on June 1 while Toyota made a ...
- Hundreds of Snowflake customer passwords found online are linked to info-stealing malware
June 5, 2024
Cloud data analysis company Snowflake is at the center of a recent spate of alleged data thefts, as its corporate customers scramble to understand if their stores of cloud data have been compromised. Snowflake helps some of the largest global corporations — including banks, healthcare providers and tech companies — store and analyze their vast amounts ...
- MediSecure put into administration weeks after massive data breach
June 5, 2024
Online prescription provider MediSecure has collapsed into administration and liquidation just weeks after a large-scale ransomware attack resulted in customer details being leaked on the dark web. The Melbourne-based health provider last month confirmed the massive data breach had taken place, with the personal information and some limited health information of people who used the service ...
- Are data breaches the new normal? Should we just assume our data isn’t safe?
June 5, 2024
In recent days, both Ticketek Australia and Ticketmaster have experienced breaches which have exposed customer details to hackers. They join a growing list of high-profile data breaches that have put the privacy of millions at risk. For example, in 2022, Optus disclosed a breach of 9.8 million records. In 2023, Latitude, the Australian financial services firm, ...
- Debt collection agency FBCS leaks information of 3 million US citizens
June 4, 2024
The US debt collection agency Financial Business and Consumer Solutions (FBCS) has filed a data breach notification, listing the the total number of people affected as 3,226,631. FBCS is a nationally licensed, third-party collection agency that collects commercial and consumer debts, with most of its activity involving the recovery of consumer debts on behalf of creditors. ...