The ShinyHunters ransomware group has claimed the theft of data containing 10 million records belonging to the Match Group and 14 million records from bakery-café chain Panera Bread.
The Match Group, that runs multiple popular online dating services like Tinder, Match.com, Meetic, OkCupid, and Hinge has confirmed a cyber incident and is investigating the data breach. Panera Bread also confirmed that an incident occurred and has alerted authorities. ShinyHunters seems to be gaining access through Single-Sign-On (SSO) platforms and using voice-cloning techniques, which has resulted in a growing number of breaches across different companies. However, not all of these breaches have the same impact.
Read more…
Source: Malwarebytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Company insiders behind 1 in 4 data breaches – study
April 10, 2018
The admins among you will be unsurprised to discover that, more than a quarter of the time, data breaches across the world originated between the chair and the keyboard of organisation “insiders”. And no, we don’t mean they clicked on a dodgy link… The latest edition of Verizon’s Data Breach Investigations Report (DBIR) found that 25 ...
- Delta Confirms Breach Of Customer Payment Details
April 5, 2018
Hackers have had access to Delta customer payment data for over six months after third party breach US airline Delta Air Lines and American department store Sears Holding have both confirmed a data breach, after an incident involving a third party tech provider. Delta said that it was notified last week by 7.ai, a company that provides online chat ...
- Expedia’s Orbitz Says 880,000 Payment Cards Compromised in Security Breach
March 20, 2018
Chicago-based online travel booking company Orbitz, a subsidiary of Expedia, reveals that one of its old websites has been hacked, exposing nearly 880,000 payment card numbers of the people who made purchases online. The data breach incident, which was detected earlier this month, likely took place somewhere between October 2016 and December 2017, potentially exposing customers’ ...
- National Lottery: 10 million players told to change passwords as attackers hit online accounts
March 19, 2018
Millions of National Lottery players have been urged to change their passwords following what parent company Camelot describes as “suspicious activity” involving lottery accounts. Camelot, which runs the National Lottery, insists there’s been no access to core systems or databases that would affect lottery draws or prizes, but has recommended that its 10.5 million registered users ...
- Equifax hack just got worse for a lot more Americans
March 2, 2018
Equifax has confirmed more Americans are impacted by the cyberattack that targeted the credit rating giant last year than was first revealed. The company said in a statement Thursday that an ongoing analysis showed 2.4 million more Americans had their names and partial drivers’ license information stolen, but they were not previously thought to have been affected. The company ...
- Equifax Lost Even More Information on Consumers Than It Told the Public
February 14, 2018
Confidential documents filed with the US Senate Banking Committee suggest that Equifax could have lost considerably more personal information about over 145 million Americans to hackers than it’s publicly let on, CNN Money reported. While Equifax had disclosed that names, dates of birth, and Social Security numbers might have been compromised, as well as some drivers’ license ...