infosec
Yieldstreet says some of its customers were affected by the Evolve Bank data breach
Evolve, a popular financial institution for fintech startups, announced that a cyberattack affected “the data and personal information of some Evolve retail bank customers and financial technology partners’ customers.”
The news highlights that the fallout from the Evolve data breach on third-party companies — and their customers and users — is still unclear.
The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.
Startups scramble to assess fallout from Evolve Bank data breach
Fintech-friendly Evolve Bank disclosed a data breach, saying it may have impacted customers and partners.
Featured Article
Kaspersky resellers deride US government ban: ‘Complete bulls—t’
“It’s just a lot of time lost for nothing,” a U.S.-based Kaspersky reseller told TechCrunch, following the news of a US sales ban.
The U.S. government announced sanctions against 12 executives and senior leaders of the Russia-based cybersecurity giant Kaspersky. In a press release, the Department of the Treasury’s Office of Foreign Assets…
Japanese crypto exchange DMM Bitcoin confirmed on Friday that it had been the victim of a hack resulting in the theft of 4,502.9 bitcoin, or about $305 million. According to…
U.S. cell carrier Patriot Mobile experienced a data breach that included subscribers’ personal information, including full names, email addresses, home ZIP codes and account PINs, TechCrunch has learned. Patriot Mobile,…
Ireland privacy watchdog confirms Dell data breach investigation
A top European privacy watchdog is investigating following the recent breaches of Dell customers’ personal information, TechCrunch has learned. Ireland’s Data Protection Commission (DPC) deputy commissioner Graham Doyle confirmed to…
Threat actor scraped Dell support tickets, including customer phone numbers
The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned. The…
Threat actor says he scraped 49M Dell customer addresses before the company found out
The person who claims to have 49 million Dell customer records told TechCrunch that he brute-forced an online company portal and scraped customer data, including physical addresses, directly from Dell’s…
Technology giant Dell notified customers on Thursday that it experienced a data breach involving customers’ names and physical addresses. In an email seen by TechCrunch and shared by several people…
UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack
Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty,…
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
UnitedHealth Group Chief Executive Officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company’s systems exposed to the internet in response…
Ex-NSA hacker and ex-Apple researcher launch startup to protect Apple devices
Two veteran security experts are launching a startup that aims to help other makers of cybersecurity products to up their game in protecting Apple devices. Their startup is called DoubleYou,…
Apex Legends hacker says game developers patched exploit used on streamers
Last month, a hacker wreaked havoc during an esports tournament of the popular shooter game Apex Legends, hacking two well-known streamers mid-game to make it look like they were using…
A crypto wallet maker’s warning about an iMessage bug sounds like a false alarm
A crypto wallet maker claimed this week that hackers may be targeting people with an iMessage “zero-day” exploit — but all signs point to an exaggerated threat, if not a…
Shakeeb Ahmed, a cybersecurity engineer convicted of stealing around $12 million in crypto, was sentenced on Friday to three years in prison. In a press release, the U.S. Attorney for…
Featured Article
How Ukraine’s cyber police fights back against Russia’s hackers
On February 24, 2022, Russian forces invaded Ukraine. Since then, life in the country has changed for everyone. For the Ukrainian forces who had to defend their country, for the regular citizens who had to withstand invading forces and constant shelling, and for the Cyberpolice of Ukraine, which had to…
Ransomware gangs are increasingly calling up victim organizations to extort and intimidate rank-and-file employees.
Hackers stole 340,000 Social Security numbers from government consulting firm
U.S. consulting firm Greylock McKinnon Associates (GMA) disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers. The data breach was disclosed on Friday on…
Featured Article
Price of zero-day exploits rises as companies harden products against hackers
Tools that allow government hackers to break into iPhones and Android phones, popular software like the Chrome and Safari browsers, and chat apps like WhatsApp and iMessage, are now worth millions of dollars — and their price has multiplied in the last few years as these products get harder to…
Featured Article
Investors’ pledge to fight spyware undercut by past investments in US malware maker
On Monday, the Biden administration announced that six new countries had joined an international coalition to fight the proliferation of commercial spyware, sold by companies such as NSO Group or Intellexa. Now, some investors have announced that they too are committed to fighting spyware. But at least one of those…
A government watchdog hacked a US federal agency to stress-test its cloud security
A U.S. government watchdog stole more than 1GB of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The good news: The data was…
Featured Article
Spyware startup Variston is losing staff — some say it’s closing
In July 2022, someone sent Google a batch of malicious code that could be used to hack Chrome, Firefox, and PCs running Microsoft Defender. That code was part of an exploitation framework called Heliconia. And at the time, the exploits used to target those applications were zero-days, meaning the software…
Government hackers targeted iPhone owners with zero-days, Google says
Government hackers last year exploited three unknown vulnerabilities in Apple’s iPhone operating system to target victims with spyware developed by a European startup, according to Google. On Tuesday, Google’s Threat…
On Tuesday, hackers stole around $112 million of the Ripple-focused cryptocurrency XRP from a crypto wallet, Ripple’s co-founder and executive chairman has disclosed. Ripple’s Chris Larsen said on Wednesday that…
In a data breach notification letter filed with regulators this weekend, 23andMe revealed that hackers started breaking into customers’ accounts in April 2023 and continued through most of September. In…
Hackers breached Microsoft to find out what Microsoft knows about them
Wouldn’t you want to know what tech giants know about you? That’s exactly what Russian government hackers want, too. On Friday, Microsoft disclosed that the hacking group it calls Midnight…
You’re watching a movie. A criminal is trying to evade a crime scene in a sports car on the highway. A helicopter is following the car from above. The car…