VRChat, Inc. has filed a data breach notice revealing that the information of more than 2.4 million users was involved in a data breach.
According to the notice, VRChat experienced unauthorized access to some account data between May 10 and May 12, 2026. The access happened in VRChat’s cloud environment and involved user profile and login-related data.
Read more…
Source: MalwareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Bangkok Airways apologizes for passport info breach as LockBit ransomware group threatens data leak
August 30, 2021
Bangkok Airways has apologized for a data breach involving passport information and other personal data in a statement to customers. The company said that it discovered a “cybersecurity attack which resulted in unauthorized and unlawful access to its information system” on August 23. The statement said the company is “deeply sorry for the worry and inconvenience that ...
- Secret terrorist watchlist with 2 million records exposed online
August 16, 2021
A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. In July this year, Security Discovery researcher Bob Diachenko came across a plethora of JSON records in an exposed Elasticsearch cluster that piqued his interest. Read ...
- T-Mobile says hackers accessed user data but won’t confirm SSN breach of 100 million customers
August 16, 2021
T-Mobile is looking into allegations that a hacker stole 106GB of data containing the social security numbers, names, addresses and driver’s license information for more than 100 million people. In a statement to ZDNet, T-Mobile said it is “aware of claims made in an underground forum and have been actively investigating their validity.” Teams at T-Mobile ...
- Nearly one million credit cards offered on underground forum
August 10, 2021
Researchers with D3Lab have discovered the data of almost one million credit card holders being sold on an underground forum, according to a blog post released this week. In a sample of 980,930 files acquired by D3Lab analysts on Monday, the batch contained names, addresses, credit card numbers, expirations and CVVs. Read more… Source: ZDNet
- DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices
July 30, 2021
The US Department of Justice says that the Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russian Foreign Intelligence Service (SVR) during the SolarWinds global hacking spree. “The APT is believed to have access to compromised accounts from approximately May 7 to December 27, 2020,” the DOJ said ...
- Northern Ireland’s COVID certification service suspended after data leak
July 28, 2021
Northern Ireland’s Department of Health (DoH) has temporarily halted its COVID-19 vaccine certification online service following a data exposure incident. Some users of COVIDCert NI app were presented with data of other users, under certain circumstances, says the Department. As seen by BleepingComputer, neither the web service nor the mobile app functionality is accessible at the time ...