Keytronic confirms data breach after ransomware gang leaks stolen files
PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [...]
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. [...]
The Scattered Spider gang has started to steal data from software-as-a-service (SaaS) applications and establish persistence through creating new virtual machines. [...]
An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could be used by attackers to defeat authentication, steal biometric data, and even deploy malicious backdoors
Also: Personal Data Theft From OKX; Terraform-SEC Settlement TermsThis week, the Norwegian government froze funds from the Ronin hack, a hacker stole personal data of OKX users, Terraform Labs' SEC released settlement terms, "Ethereum's most secure wallet" was breached, Orbit Chain spoke about its hacked funds and scammers exploited AI hype.
Leading U.S. commercial bank Truist confirmed its systems were breached in an October 2023 cyberattack after a threat actor posted some of the company's data for sale on a hacking forum. [...]
The New York Times notified an undisclosed number of contributors that some of their sensitive personal information was stolen and leaked after its GitHub repositories were breached in January 2024. [...]
Experiment demonstrates how AI can turn the tables on cybercriminals, capturing bank account details of how scammers move stolen funds around the world.
A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web Apps (PWAs) that display convincing corporate login forms to steal credentials. [...]
Perry Johnson & Associates' 2023 Data Theft Breach Affected About 14 MillionThe 2023 hack at medical transcription firm Perry Johnson & Associates, which affected dozens of clients and about 14 million individuals, triggered the largest health data breach reported to regulators last year. Now the incident appears to be under federal criminal investigation.
6.9 Million Individuals' Genetic Details Stolen via 2023 Credential-Stuffing AttackPrivacy regulators in the U.K. and Canada have launched a joint investigation into 23andMe following the direct-to-consumer genetic testing service suffering a massive data breach in October 2023 that led to the theft of 6.9 million individuals' ancestry details.
Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that's being distributed as part of a new campaign
As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought
Mandiant warns criminal gang UNC5537, which may be friendly with Scattered Spider, is on the rampage An unknown financially motivated crime crew has swiped a "significant volume of records" from Snowflake customers' databases using stolen credentials, according to Mandiant.…
An investigation into infostealer-driven attacks on Snowflake customers shows that approximately 165 clients potentially had data stolen by financially-motivated hackers, says cyber threat intel firm Mandiant. It attributed the attacks to a cluster of threat activity that it now tracks as UNC5537.
Cybersecurity company Cylance confirmed the legitimacy of data being sold on a hacking forum, stating that it is old data stolen from a "third-party platform." [...]
A far cry from the half-million claim that crims originally boasted Auction house to the wealthy Christie's says 45,798 people were affected by its recent cyberattack and resulting data theft.…
An anonymous 4Chan user is claiming to have shared a trove of source code stolen from the New York Times
Threat Actor GhostR Says It Stole 34 GB of DataA financially motivated hacker claims to have stolen over 34 gigabytes of data belonging to Singapore-based Telecom company Absolute Telecom. The hacker dubbed GhostR claims to have access to the company's data including corporate accounting, credit cards and customer information.