Cell phone carrier T-Mobile reported in January 2023 that there was unauthorized access to some customer data for a certain time period. T-Mobile is in the process of contacting those customers.
Category Archives: Data Breaches
LastPass Security Incident
LastPass issued a security advisory to its customers regarding an incident where there was unauthorized access to customer data. LastPass states that their products are functional and they will continue to investigate the issue.
Rackspace ransomware incident for Hosted Exchange environment
Rackspace reported a ransomware incident for Hosted Exchange environment in December 2022 which is causing service disruptions. Rackspace has contained the issue and is investigating the incident. More information is available at their status page.
Twitter private account name may have been released for some users
Twitter revealed that an earlier security vulnerability that allowed someone to enter a phone number or email address to verify if that information was tied to an existing Twitter account. The Twitter user account name was returned if a match was found. Twitter fixed this issue and is in the process of contacting only those users that were affected by this incident.
Samsung cybersecurity incident affected some U.S. customers
Samsung has reported a cybersecurity incident that affected the data of some of its U.S. customers in September 2022. Samsung is in the process of contacting these customers by email. More information is at the Samsung FAQ page.
Equifax Data Breach Settlement and free credit monitoring
People who filed valid claims as part of the earlier Equifax data breach can request free credit monitoring. Equifax has emailed activation codes to these claimants and these codes must be used by June 27, 2022. More information about this legal settlement can be found at www.equifaxbreachsettlement.com.
Apache Java logging library security alert for servers
The Apache Software Foundation has released a security advisory for Java logging library Apache Log4j. This flaw is also known as Log4Shell. This vulnerability may be exploited over a network without the need for a username and password. This is logged in the National Vulnerability Database (NVD) as CVE-2021-44228. Multiple server and cloud software vendors will be releasing security updates.
Robinhood financial app data security incident
Robinhood has reported that some of its financial app’s customer data was leaked in November 2021. This includes at least two million full names and 5 million email addresses. A much smaller amount of customers had additional data leaked. Social security numbers and bank account numbers were not affected.
T-Mobile security incident in August 2021
T-Mobile has notified its customers that there was unauthorized access to some of its company data in August of 2021, and that the entry point for the intrusion was closed. The company is still researching this event.
Update: T-Mobile has released more details as well as recommendations for its customers, as well as former and prospective customers.
Western Digital reports data security issue with some My Book Live devices
Western Digital has reported a security issue with two of its devices: My Book Live and My Book Live Duo. Some of these devices have lost user data. These device should be disconnected from the internet.