EncroChat
European and British law enforcement agencies arrested hundreds of criminals after infiltrating into the encrypted communication app EncroChat. The Hacker News: https://thehackernews.com/2020/07/encrochat-encrypted-phone.html
Clubillion
Researchers discovered a data breach on Clubillion, a casino gambling app with millions of daily active players. European Gaming: https://europeangaming.eu/portal/latest-news/2020/07/08/73747/popular-gambling-app-exposed-millions-of-users-in-massive-data-leak/
Microsoft users
A massive phishing campaign is targeting Microsoft Office 365 customers across 62 countries. The Seattle Times: https://www.seattletimes.com/business/vast-phishing-campaign-hits-microsoft-users-in-62-countries/
Hapvida
Brazilian health insurer announced it suffered a cyberattack that potentially involved customer personal information. Reuters: https://in.reuters.com/article/us-hapvida-cyber-attack/brazils-hapvida-discloses-cyber-breach-potential-client-data-leak-idINKBN2471IP
Frost & Sullivan
The business consulting firm suffered a major data breach exposing personal data. Digital Journal: http://www.digitaljournal.com/tech-and-science/technology/frost-sullivan-suffers-from-global-data-breach/article/574409
Swvl
A data breach hit a bus operator in Egypt, Kenya, and Pakistan. The Daily Swig: https://portswigger.net/daily-swig/egyptian-bus-operator-swvl-hit-by-data-breach
Tokopedia
A data breach at the Indonesian company Tokopedia exposed the personal data of 91M users. Coconuts Jakarta: https://coconuts.co/jakarta/news/private-data-of-91-million-tokopedia-users-openly-traded-online-cyber-security-firm/
Facebook took down several networks based in Brazil, Canada, Ecuador, Ukraine, and the US that violated the social network’s policy against foreign interference. CyberWire: https://thecyberwire.com/newsletters/daily-briefing/9/132
Dark Web
A new audit of the Dark Web revealed 15bn stolen logins from 100,000 breaches. Forbes:
Magellan Health
An April ransomware attack on Magellan Health impacted over 365,000 patients’ data. HealthITSecurity:
https://healthitsecurity.com/news/magellan-health-data-breach-victim-tally-reaches-365k-patients
Russian Hacker
A Russian hacker found guilty in California court for the Dropbox, LinkedIn, and Formspring breaches. ZDNet: https://www.zdnet.com/article/russian-hacker-found-guilty-for-dropbox-linkedin-and-formspring-breaches/
Dunzo
A hyperlocal Indian delivery service suffered a data breach that exposed customer emails and phone numbers. The Next Web: https://thenextweb.com/in/2020/07/11/google-backed-indian-delivery-startup-dunzo-suffers-data-breach/
C-Data
Researchers discovered possible intentional backdoors in the firmware of 29 FIber-To-The-Home Optical Line Termination devices from Chinese vendor C-Data. ZDNet: https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/
Citrix
Hackers are scanning the internet looking for vulnerable Citrix installations after the company patched 11 security bugs in its network perimeter products. The Register: https://www.theregister.com/2020/07/09/citrix_bugs_proof_of_concept_exploits/
KingComposer
KingComposer, creators of a popular WordPress plugin, patched the software because of a cross-site scripting vulnerability. ZDNet: https://www.zdnet.com/article/kingcomposer-wordpress-plugin-patches-xss-flaw-impacting-100000-websites/