data breach

Link

(Update) T-Mobile Customer Data for Sale Affecting Over 100 Million People

Andrew Orr ·

A person in an online forum is offering data for sale that they claim comes from T-Mobile servers. The carrier says it is investigating the accuracy of this alleged breach.

The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information, the seller said. Motherboard has seen samples of the data, and confirmed they contained accurate information on T-Mobile customers.

Update: T-Mobile has issued a statement confirming the breach.

Link

Hackers Leak FIFA 21 Source Code After Extortion Attempt

Andrew Orr ·

After a failed extortion attempt, hackers have leaked a 751GB cache of data stolen from Electronic Arts. The files include the source code for FIFA 21.

While initially, the hackers hoped to earn a big payday from the EA hack, they failed to find any buyers on the underground market, as the stolen data was mostly source code that lacked any value for other cybercrime groups, most of which are interested in user personal or financial data primarily.

After failing to find a buyer, the hackers tried to extort EA, asking the company to pay an undisclosed sum and avoid having the data leaked online.

Link

Gaming Company ‘EA’ Suffers Data Breach of Game Code

Andrew Orr ·

Electronic Arts is the latest company to have information stolen in a data breach. It includes the source code for FIFA 21, the Frostbite engine, and proprietary frameworks and SDKs.

We are investigating a recent incident of intrusion into our network where a limited amount of game source code and related tools were stolen. No player data was accessed, and we have no reason to believe there is any risk to player privacy.

Following the incident, we’ve already made security improvements and do not expect an impact on our games or our business. We are actively working with law enforcement officials and other experts as part of this ongoing criminal investigation.

Link

Geico Data Breach Exposed Driver’s Licenses in Early 2021

Andrew Orr ·

Geico revealed a data breach that occurred on its systems and hackers accessed driver’s licenses.

The insurance giant did not say how many customers were affected by the breach but said the fraudsters accessed customer driver’s license numbers between January 21 and March 1. Companies are required to alert the state’s attorney general’s office when more than 500 state residents are affected by a security incident.

Geico said it had “reason to believe that this information could be used to fraudulently apply for unemployment benefits in your name.”

Link

Verkada Security Breach Exposes 150,000 Surveillance Cameras

Andrew Orr ·

Hackers have breached the systems of Verkada, a startup that sells security cameras. The group says it was done to expose how widespread video surveillance is.

A person with knowledge of the matter said Verkada’s chief information security officer, an internal team and an external security firm are investigating the incident. The company is working to notify customers and set up a support line to address questions, said the person, who requested anonymity to discuss an ongoing investigation.

Link

Washington State Suffers Data Breach due to Contractor ‘Accellion’

Andrew Orr ·

Washington’s state government reported a data breach on Monday that could affect over 1.6 million people. The breach is connected to Accellion, a contractor involved with the state auditor’s office.

During the week of January 25, 2021, Accellion confirmed that an unauthorized person gained access to SAO files by exploiting a vulnerability in Accellion’s file transfer service. Some of the SAO data files contained personal information of Washington state residents who filed unemployment insurance claims in 2020 […] may also include the personal information of other Washington residents who have not yet been identified but whose information was in state agency or local government files under review by the SAO.

Link

Latest T-Mobile Data Breach Exposes Customer Data

Andrew Orr ·

The latest T-Mobile data breach (this is the third time and the second breach in 2020) has affected an estimated 200,000 people.

The data accessed did NOT include any names associated with the account, financial data, credit card information, social security numbers, passwords, PINs or physical or email addresses. The information that was accessed may have included phone numbers, number of lines subscribed to and in a small number of cases some call-related information collected as part of normal operation and service.

Link

‘GetSchooled’ Charity Data Breach Exposes Data of 900,000 Kids

Andrew Orr ·

GetSchooled, a charity run by the Bill & Melinda Gates Foundation, has leaked the details of over 900,000 children in a data breach.

The breached information contains extensive personal details of children, teenagers and young adults including: full addresses, schools, full student PII including student phone numbers and emails, graduation details, ages, genders and more…

Full everything. What could be “and more”, medical records? GetSchooled got schooled.

Link

Vertafore Data Breach Affects 27.7 Million Texan Drivers

Andrew Orr ·

Insurance software company Vertafore disclosed a data breach in which an unknown third-party accessed the personal information of 27.7 million drivers in Texas.

The incident is believed to have taken place sometime between March 11 and August 1, and happened as a result of human error when three data files were inadvertently stored in an unsecured external storage service.

Exposed data included Texas driver license numbers, names, dates of birth, addresses, and vehicle registration histories.