Mitigate Baron SameEdit (CVE-2021-3156) vulnerability

Weekly Breach Report – Jul 13th

Jul 13, 2020By Shaina Raskin


A snapshot of last week’s reported cybersecurity breaches and vulnerabilities



European and British law enforcement agencies arrested hundreds of criminals after infiltrating into the encrypted communication app EncroChat. The Hacker News: 



Researchers discovered a data breach on Clubillion, a casino gambling app with millions of daily active players. European Gaming:


Microsoft users

A massive phishing campaign is targeting Microsoft Office 365 customers across 62 countries. The Seattle Times:



Brazilian health insurer announced it suffered a cyberattack that potentially involved customer personal information. Reuters:


Frost & Sullivan

The business consulting firm suffered a major data breach exposing personal data. Digital Journal:



A data breach hit a bus operator in Egypt, Kenya, and Pakistan. The Daily Swig:



A data breach at the Indonesian company Tokopedia exposed the personal data of 91M users. Coconuts Jakarta:



Facebook took down several networks based in Brazil, Canada, Ecuador, Ukraine, and the US that violated the social network’s policy against foreign interference. CyberWire:


Dark Web

A new audit of the Dark Web revealed 15bn stolen logins from 100,000 breaches. Forbes:


Magellan Health

An April ransomware attack on Magellan Health impacted over 365,000 patients’ data. HealthITSecurity:


Russian Hacker

A Russian hacker found guilty in California court for the Dropbox, LinkedIn, and Formspring breaches. ZDNet:



A hyperlocal Indian delivery service suffered a data breach that exposed customer emails and phone numbers. The Next Web:



Researchers discovered possible intentional backdoors in the firmware of 29 FIber-To-The-Home Optical Line Termination devices from Chinese vendor C-Data. ZDNet:



Hackers are scanning the internet looking for vulnerable Citrix installations after the company patched 11 security bugs in its network perimeter products. The Register:



KingComposer, creators of a popular WordPress plugin, patched the software because of a cross-site scripting vulnerability. ZDNet:

Like the report? Sign up below and get it in your inbox.

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.