The data breach that hit blockchain-based lending giant Figure affected nearly a million customers, according to a security researcher. Last week, Figure confirmed a data breach allowed hackers to steal “a limited number of files” from its systems.
The company did not provide specifics on what kind of data was stolen nor say how many customers were affected. On Wednesday, Troy Hunt, a security researcher and creator of the data breach notification site Have I Been Pwned, analyzed the data allegedly taken from Figure and found it contained 967,200 unique email addresses associated with Figure customers.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ferrari reports cyber incident with ransom demand; no impact to operations
March 20, 2023
Italian luxury sports car maker Ferrari SpA said on Monday that a hacker recently demanded ransom from the company related to certain client contact details, adding that the breach had no impact on the company’s operations. Ferrari said it notified its customers of the potential data exposure and the nature of the incident. Read more… Source: Yahoo! News
- Significant hack potentially exposes US lawmakers’ personal data
March 9, 2023
A serious breach at a healthcare administrator serving the U.S. House of Representatives has potentially exposed the personal data of hundreds of lawmakers and their staff, top representatives and a senior Congressional official said in letters circulated on Wednesday. One of the letters, which the House’s Chief Administrative Officer Catherine Szpindor (CAO) sent to members of ...
- “Major” cyberattack compromised sensitive U.S. Marshals Service data
February 28, 2023
The U.S. Marshals Service is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a “major incident” by officials, impacting a “stand-alone” system (meaning it is not connected to a larger ...
- LastPass: DevOps engineer hacked to steal password vault data in 2022 breach
February 27, 2023
LastPass revealed more information on a “coordinated second attack,” where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months. LastPass disclosed a breach in December where threat actors stole partially encrypted password vault data and customer information. Read more… Source: Bleeping Computer
- News Corp says state hackers were on its network for two years
February 24, 2023
Mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. This was revealed in data breach notification letters sent to employees affected by the data breach, who had some of their personal and health information accessed, ...
- Telus investigating sale of alleged code, employee information
February 23, 2023
Someone on a criminal forum is selling what they claim is data on all Telus employees, as well as the Canadian telecommunications company’s GitHub software code repositories. In response to an IT World Canada reporter’s query about the posting, Telus director of public affairs Richard Gilhooley said the company is looking into the allegation. Read more… Source: IT ...