security breaches

Sumo Logic, a U.S.-based cloud data analytics and log analysis company, is urging users to reset API keys after discovering a security breach. In a security notice published this week,…

JumpCloud has told customers it reset their API keys to protect their organizations from an apparent security incident. The directory, identity and access management giant said in an email to…

Two weeks ago, Toyota said it exposed the data of more than two million customers to the internet for a decade. Today, the automotive giant said it recently discovered the…

Cerebral has revealed it shared the private health information, including mental health assessments, of more than 3.1 million patients in the United States with advertisers and social media giants like…

Electronics giant Samsung has confirmed a data breach affecting customers’ personal information. In a brief notice, Samsung said it discovered the security incident in late-July and that an “unauthorized third…

Hello hello! We’re back with another edition of Week in Review, the newsletter where we quickly recap the top stories to hit TechCrunch across the last seven days. Want it…

An ongoing cybercriminal operation is targeting digital marketing and human resources professionals in an effort to hijack Facebook Business accounts using a newly discovered data-stealing malware. Researchers at WithSecure, the…

Security researchers have linked the discovery of an actively exploited but since-fixed zero-day vulnerability in Google Chrome to an Israeli spyware maker targeting journalists in the Middle East. Cybersecurity company…

A ransomware attack on a little-known debt collection firm that serves hundreds of hospitals and medical facilities across the U.S. could be one of the biggest data breaches of personal…

AMD said it is investigating a potential data breach after RansomHouse, a relatively new data cybercrime operation, claims to have extorted data from the U.S. chipmaker. An AMD spokesperson told…

Flagstar Bank, one of the largest financial service providers in the United States, has notified more than 1.5 million customers of a data breach in which Social Security numbers were…

Paige Thompson, a former Amazon employee accused of stealing the personal information of 100 million customers by breaching banking giant CapitalOne in 2019, has been found guilty by a Seattle…

Kaiser Permanente, the largest nonprofit health plan provider in the United States, has disclosed a data breach that exposed the sensitive health information of almost 70,000 patients. In a notice…

China-backed hackers are exploiting an unpatched Microsoft Office zero-day vulnerability, known as “Follina”, to execute malicious code remotely on Windows systems. The high-severity vulnerability — tracked as CVE-2022-30190 — is being…

The U.S. has named a Venezuelan cardiologist as the alleged mastermind behind the notorious Thanos ransomware. According to the U.S. Justice Department, Moises Luis Zagala Gonzalez, 55, created and distributed…

Securing the software supply chain is admittedly somewhat of a dry topic, but knowing which components and code go into your everyday devices and appliances is a critical part of…

Germany-based rental car giant Sixt has confirmed it’s been hit by a cyberattack that has caused widespread disruption to its global operations. According to a statement from Sixt, which has…

myNurse, a healthcare startup that provides chronic care management and remote patient monitoring services, said it will shut down at the end of the month after reporting a data breach…

The Computer Emergency Response Team of Ukraine (CERT-UA) has disrupted an attempt by Sandworm, a hacking group known to work for Russia’s military intelligence, to take down a Ukrainian energy…

Japanese tech giant Panasonic has confirmed its Canadian operations were hit by a cyberattack, less than six months after the company last fell victim to hackers. In a statement provided…

The Federal Bureau of Investigation has disclosed it carried out an operation in March to target a massive botnet controlled by Russian intelligence. The operation was authorized by courts in California…

Just days after police in the U.K. arrested seven people over suspected connections to the now-infamous hacking and extortion group, Lapsus$ is claiming its latest victim. Lapsus$, whose recent victims…

The Lapsus$ hackers used compromised credentials to break into the network of customer service giant Sitel in January, days before subsequently accessing the internal systems of authentication giant Okta, according…

Okta says 366 corporate customers, or about 2.5% of its customer base, were impacted by a security breach that allowed hackers to access the company’s internal network. The authentication giant…

The U.S. Federal Trade Commission has proposed a settlement that will fine the former owner of U.S. custom clothing and merchandise retailer CafePress $500,000 for attempting to cover up a…

A notorious Android banking trojan designed to steal user data, like passwords and text messages, has been discovered in Google Play and downloaded thousands of times. The TeaBot banking trojan, also…