#unauthorized access

[ follow ]
#unauthorized-access
TechCrunch
22 hours ago
Information security

Hugging Face says it detected 'unauthorized access' to its AI model hosting platform | TechCrunch

Hugging Face AI startup announced unauthorized access to its Spaces platform, prompting token revocation and security policy review. [ more ]
TechCrunch
1 week ago
Information security

Spyware found on US hotel check-in computers | TechCrunch

Consumer-grade spyware pcTattletale exposed Wyndham hotel guest details due to a security flaw, highlighting risks of unauthorized data access. [ more ]
Quartz
2 weeks ago
Digital life

Don't want people stealing your home WiFi? Here's how to to keep them off

Regularly audit your WiFi connections to prevent unauthorized access. [ more ]
ComputerWeekly.com
4 weeks ago
Information security

Dropbox Sign user information accessed in data breach | Computer Weekly

Dropbox Sign (formerly HelloSign) faced a data breach leading to unauthorized access to customer data, prompting security measures and notifications to impacted users. [ more ]
Theregister
1 month ago
DevOps

AWS customer faces staggering charges over S3 bucket misfire

AWS S3 bucket owners can face high charges due to misconfigurations beyond their control. [ more ]
www.theguardian.com
2 months ago
Privacy professionals

Kate: watchdog investigating if hospital delayed data breach report

The ICO is investigating delayed reporting of privacy breach at the London Clinic
Unauthorized access to medical records can lead to fines and prosecutions [ more ]
moreunauthorized-access
SecurityWeek
6 months ago
Information security

Critical Vulnerability Found in Ray AI Framework

A critical vulnerability in the Ray compute framework for AI allows unauthorized access to all nodes.
The vulnerability allows attackers to submit or delete jobs without authentication and retrieve sensitive information.
Ray does not enforce authentication by default and does not support any type of authorization model. [ more ]
#data breach
Databreaches
6 months ago
Privacy professionals

Mission Community Hospital issues notification for May 1 ransomware attack

Deanco Healthcare LLC, also known as Mission Community Hospital, has issued a breach notification about a ransomware attack it discovered in early May.
The unauthorized party accessed files containing patient information, including addresses, dates of birth, Social Security numbers, and financial account information.
The hospital did not detect the ransomware attackers in their network until it was too late. [ more ]
BleepingComputer
6 months ago
Privacy professionals

Toyota confirms breach after Medusa ransomware threatens to leak data

Toyota Financial Services detected unauthorized access on its systems in Europe and Africa after being targeted by the Medusa ransomware.
The hackers are demanding $8 million from Toyota and threaten to leak stolen data if the ransom is not paid.
Toyota Financial Services has taken systems offline to investigate the incident and is working with law enforcement. [ more ]
moredata breach
 @OttLegalRebels1 year ago
T-Mobile discloses its second data breach of 2023
The Verge
1 year ago
Privacy professionals

T-Mobile has suffered yet another data breach

T-Mobile has experienced another data breach, reporting that personal information belonging to hundreds of account holders was exposed in an attack between late February and March 2023.The company disclosed in notification letters issued to impacted customers on April 28th that a hacker managed to access information such as full names, dates of birth, addresses, contact information, government IDs, social security numbers, and T-Mobile account pins.
 @micshasan1 year ago
Much larger scale than we realized.
Theregister
1 year ago
Privacy professionals

Twilio, Cloudflare among 135 Oktapus phishing targets

Criminals behind the cyberattacks on Twilio and Cloudflare earlier this month had cast a much wider net in their phishing expedition, targeting as many as 135 organizations - primarily IT, software development and cloud services providers based in the US.The gang went after the employees of Okta customers, sending victims text messages with malicious links to sites spoofing their company's authentication page to harvest their work login credentials and multi-factor authentication codes.Because of this, Group-IB analysts named the campaign Oktapus.In research published Thursday, the threat intel team revealed the Oktapus phishing trip, which began in March, snaffled 9,931 user credentials and 5,441 multi-factor authentication codes.
[ Load more ]