Hacking, Security & Privacy News - Page 1
Hackers might have stolen social security data of ALL Americans, around 2.9 BILLION records
A member of a hacking group is selling the personal Social Security numbers and other sensitive data of ALL Americans, with 2.9 billion records available online... for free.
In a report from BleepingComputer, a hacking forum became active after a user posted on the forum saying they had a massive collection of documents from the data brokerage National Public Data (NPD). NPD, which doesn't disclose how it collects data on its website, reportedly gathers information from publicly available records to create individual profiles that are usually used by private investigators for things like background and criminal record checks.
It's not just US residents who have to worry: the hack of 2.9 billion files also includes private information on citizens living in the United Kingdom and Canada, so personal information from all three of those countries is involved. 2.9 billion files is a LOT of data, we don't need to underline that, but we will.
200,000 students, staff and parents' personal data exposed in recent hack
An Arizona tech school has informed Maine's attorney general in a recently filed report that nearly 209,000 individuals' data was potentially compromised in a hacking incident earlier in the year.
The tech school is East Valley Institute of Technology (EVIT), and according to the filing, the data of the 209,000 individuals is of current and former students, parents, guardians, and faculty. As for what data was leaked, reports indicate the compromised data included personal, health, and financial information.
The Register reports that nearly 50 types of personal information were stolen, such as student ID numbers, date of birth, race/ethnicity, grades, home phone numbers, email addresses, driver's license, health insurance information, medical information, allergy information, medical record number, passport numbers, prescription information and more.
Historic Donald Trump and Elon Musk interview on X hit by 'massive' DDOS attack
Elon Musk teased an upcoming interview with former US President Donald Trump in X Spaces, and according to Musk the social media platform has been hit with a DDOS attack ahead of the interview going live.
Ahead of the historic interview, Musk said he was performing system scaling tests to ensure that X servers could host all of the expected listeners. The interview is currently live at the time of writing, but it didn't go live until 40 minutes after the scheduled time of 8 pm ET, as the site was showing "not available" even though Musk said X tested its servers for 8 million concurrent listeners earlier in the day.
It was presumed that X went down from the massive traffic spike for the interview, but Musk, less than 10 minutes later, posted that X was experiencing a DDOS (distributed denial-of-service) attack. Musk said the interview would continue but with a "smaller number of concurrent listeners." It appears X was a victim of a targeted DDOS attack to prevent Musk and Trump from having their conversation. At the moment, there are 1.2 million people listening in on the conversation.
4.3 million Americans are at risk of fraud after savings account data breach
The Office of the Maine Attorney General has been informed of a data breach that has exposed sensitive data of 4.3 million customers.
According to HealthEquity, the data breach exposed the below sensitive data of millions of Americans, with the fintech firm saying that not all of the categories listed contained data for every person. Reports indicate the breach occurred on March 9, 2024, and that it was detected on March 25. After the breach was discovered, HealthEquity conducted an internal investigation into the origin of the hack, tracing it back to an online data storage location that became compromised.
The compromised location led to the unauthorized party gaining access to a "limited amount of data stored in a storage location outside our core systems." HealthEquity doesn't believe the stolen customer information has been used nefariously, and as compensation to affected customers, HealthEquity is offering two years of complimentary credit identity monitoring, insurance, and restoration services.
Qualcomm's Adreno GPU vulnerability found: Snapdragon chips join problematic Intel, AMD CPUs
It started with Intel... then AMD... and now Qualcomm has been hit with multiple vulnerabilities inside of its Adreno GPU.
Google researchers have found vulnerabilities inside Qualcomm's Adreno GPU, which is the integrated GPU inside of its Snapdragon processors. The GPU has kernel privileges, which means the security flaws found could be significant, as it would allow hackers full control over your Qualcomm-powered device.
The researchers focused on GPU drivers because untrusted apps can access them without additional permissions, making them an easy target for hackers. The drivers' complexity with the operating system makes things worse for users, but great (and easier) for hackers.
Russia-affiliated criminals use Sitting Duck technique to bag 30,000 domains
Since 2019, Russian-affiliated hackers have hijacked an estimated 30,000 domains, with the cybercriminals exploiting a flaw in DNS.
The vulnerability was detailed by security researcher Matt Bryant in 2016, who looked at how the vulnerability led to the hijacking of 120,000 domains. The same problem reared its head again in 2019 with GoDaddy, an internet domain registry, domain registrar, and web hosting company. The 2019 issue led to sextortion attempts and bomb threats.
The technique being used is called Sitting Ducks. It essentially exploits gaps in administrative privileges, enabling cybercriminals to alter domain records without any validation from the owner. Unfortunately, the hijacked domain isn't just damaging for the owner of the domain but also for any visitor to that domain, as hijacked domains are commonly used for phishing, scams, spam, and other illegal activity.
Microsoft confirms an attack brought down Microsoft 365 and Azure services
Microsoft confirmed via an update on its Azure Status website that a 9-hour outage was a result of a DDoS attack that affected its Microsoft 365 and Azure services.
The distributed denial-of-service (DDoS) attack affected the services globally, and within the blog post, Microsoft didn't specify where or who the attack came from. More specifically, the post states that while the initial DDoS attack did trigger the event, it was responded to by Microsoft's protection mechanisms, but following investigations, Redmond discovered "the implementation of our defenses amplified the impact of the attack rather than mitigating it."
Furthermore, Microsoft said that customer impact began at 11:45 UTC, and by 14:10 UTC, the fix was already rolled out, and the majority of the impact was successfully mitigated. The only detail we have on how the outage occurred is Microsoft's description of the outage being caused by an "unexpected usage spike" that "resulted in Azure Front Door (AFD) and Azure Content Delivery Network (CDN) components performing below acceptable thresholds, leading to intermittent errors, timeout, and latency spikes."
Hackers steal and leak documents from Pentagon, Homeland Security, NASA, other US gov agencies
Hackers have leaked internal documents stolen from one of the largest IT services providers to the US government, Leidos Holdings.
Leidos Holdings recently learned of the hack, believing that the documents were stolen in a previously disclosed breach of a Diligent Corp. system it used, according to Bloomberg's sources, who asked not to be identified because the information isn't public. Leidos is reportedly investigating the issue now, the person added.
Enterprise software provider exposed nearly a billion records in data breach
A non-password-protected database containing 769 million records was discovered to be exposed to the public, revealing critical information such as secret keys, bank account numbers, tax identification numbers, and email addresses.
Cybersecurity researcher Jeremiah Fowler discovered and reported on the database through a post on Website Planet, where he explained the database was owned by ClickBalance, one of Mexico's largest enterprise resource planning (ERP) technology providers. The database contained access tokens, API keys, secret keys, bank account numbers, tax identification numbers, and 381,224 email addresses. After being informed about the database exposure, ClickBalance promptly implemented restrictions.
Notably, ClickBalance is a software company that offers ERPs as a suite of cloud-based applications that enterprise organizations can access whenever they like across any device. These ERPs are typically used to manage different processes of an enterprise, such as finance, human resources, supply chains, manufacturing, sales, and other business operations.
Airline avoids CrowdStrike chaos because its systems run on Windows 3.1 and Windows 95
One industry that experienced the brunt of the recent CrowdStrike global IT outage, which put millions of Windows systems into a Blue Screen of Death loop, was air travel. In the U.S., nearly every flight was grounded once systems began to fail; however, one major airline was unaffected.
According to reports, Southwest Airlines' systems were untouched by the CrowdStrike error because its various systems run on outdated versions of Windows.
Outdated is putting it mildly. Most of Southwest Airlines' systems run on Windows 3.1 - a version of Microsoft's operating system from 1992. Not only that, but the airline's most advanced system, its staff scheduling system, runs on Windows 95 - so it, too, was unaffected.