A notorious predominantly English-speaking hacking group has launched a website to extort its victims, threatening to release about a billion records stolen from companies who store their customers’ data in cloud databases hosted by Salesforce.
The loosely organized group, which has been known as Lapsus$, Scattered Spider, and ShinyHunters, has published a dedicated data leak site on the dark web, called Scattered LAPSUS$ Hunters. The website, first spotted by threat intelligence researchers on Friday and seen by TechCrunch, aims to pressure victims into paying the hackers to avoid having their stolen data published online.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- GoDaddy’s Latest Breach Affects 1.2M Customers
November 22, 2021
Web-hosting giant GoDaddy has confirmed another data breach, this time affecting at least 1.2 million of its customers. On Monday, the world’s largest domain registrar said in a public filing to the SEC that an “unauthorized third party” managed to infiltrate its systems on Sept. 6 – and that the person(s) had continued access for almost ...
- 200M Adult Cam Model, User Records Exposed in Stripchat Breach
November 16, 2021
A database containing the highly sensitive information on both users and models on the popular adult cam site StripChat were discovered online, left completely unprotected. The data exposure puts models and users at risk of extortion, violence and more. Stripchat is a popular site founded in 2016 and based in Cyprus that sells live access to ...
- Robinhood Trading Platform Data Breach Hits 7M Customers
November 9, 2021
Investor trading app company Robinhood Markets has confirmed a data breach that affects the personal information of about 7 million customers – roughly a third of its user base. A cyberattacker made off with emails and more, which could lead to follow-on attacks for Robinhood customers. The trading platform, which found itself in the middle of ...
- UK Labour Party data breach: Supporters’ details affected in cyberattack
November 3, 2021
The Labour Party has confirmed that details of its members and supporters is among information affected by a “cyber incident” at a company which handles the party’s data. In a statement sent to all party members on Wednesday, Labour said the “significant” attack was on “‘a third party that handles data on our behalf” and that ...
- Third-party data breach in Singapore hits healthcare provider
October 26, 2021
Another third-party security breach has been reported in Singapore, this time, affecting patients of Fullerton Health and compromising personal data that included bank account details in “a few cases”. The affected vendor Agape Connecting People, which platform facilitates appointment booking, first detected the breach on October 19 and appeared to affect only Fullerton Health. The healthcare ...
- Hacker sells the data for millions of Moscow drivers for $800
October 23, 2021
Hackers are selling a stolen database containing 50 million records of Moscow driver data on an underground forum for only $800. According to Russian media outlets that purchased the database, the data appears to be valid and contains records collected between 2006 and 2019 Russian news publisher Kommersant called a small sample of the exposed individuals and ...