Security news aggregator

Latest coverage for Theft

Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.

18 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.

Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.

Showing 18 most recent headlines Filtered view
Bank Info Security 10 months, 1 week ago

Sextortion Risk Alert as Infostealer Can Grab Webcam Images

Free Stealerium Malware Grabs Desktop and Webcam Images When NSFW Content DetectedBlackmailers have long spammed internet users, claiming to have captured images of them accessing adult content. Lately, these sextortion criminals have a new trick up their sleeve: the real thing, thanks to information-stealing malware with a NSFW content trigger to grab webcam and desktop images.

AI-powered ransomware, extortion chatbots, vibe hacking … just wait until agents replace affiliates It's no secret that AI tools make it easier for cybercriminals to steal sensitive data and then extort victim organizations. But two recent developments illustrate exactly how much LLMs lower the bar for ransomware and other financially motivated cybercrime — and provide a glimpse to defenders about what's on the horizon.…

Bank Info Security 10 months, 2 weeks ago

Hackers Grab $130M Using Brazil's Real-Time Payment System

HSBC and Another Firm Hit After Service Provider Breached; Some Funds RecoveredAttackers on Friday used valid credentials for financial technology provider Sinqia to steal $130 million from two financial services firms in Brazil, using the country's real-time payment system Pix. The Brazilian Central Bank moved quickly to freeze the funds and has recovered some of the money.

Salesloft on Tuesday announced that it's taking Drift temporarily offline "in the very near future," as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens

Bank Info Security 10 months, 2 weeks ago

Cyberattack Disrupts Jaguar Land Rover Assembly Line

Company Says No Evidence of Customer Data ExfiltrationBritish carmaker Jaguar Land Rover shut down its Liverpool assembly line Tuesday following a cyberattack. "At this stage, there is no evidence any customer data has been stolen, but our retail and production activities have been severely disrupted," the company said.

The Register 10 months, 2 weeks ago

Stolen OAuth tokens expose Palo Alto customer data

Security firm's Salesforce instance accessed using credentials stolen from Salesloft's Drift platform breach Palo Alto Networks is writing to customers that may have had commercially sensitive data exposed after criminals used stolen OAuth credentials lifted from the Salesloft Drift break-in to gain entry to its Salesforce instance.…

Bank Info Security 10 months, 2 weeks ago

Salesloft Drift Attacks Exposed Zscaler Customer Data

'Widespread Data Theft Campaign' Compromised Many Drift OAuth Tokens, Warn ExpertsThreat researchers report that "a widespread data theft campaign" traces to attackers stealing OAuth access tokens for applications integrated with Salesloft's AI chatbot Drift, then exfiltrating data. Victims include Salesforce customer Zscaler. Google Workspace instances were also breached.

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Bank Info Security 10 months, 2 weeks ago

Event Horizon for Vibe Hacking Draws Closer, Anthropic Warns

Cyber Extortion Campaign Automated Efforts to 'Unprecedented' Degree, Says AI GiantArtificial intelligence giant Anthropic said it's disrupted a cybercrime operation that tapped its large language models, including Claude Code, to an "unprecedented" extent to help automate a data theft and extortion campaign that targeted more than a dozen critical infrastructure organizations.

Bank Info Security 10 months, 2 weeks ago

Law Enforcement Operation Seizes Fake ID Platform VerifTools

FBI Seizes Domains; Dutch Police Analyzing Seized Data to Identify Admin and UsersAn international law enforcement operation involving the FBI and Dutch police has shuttered VerifTools, a "key" platform for generating fake identification documents cops have tied to multiple help desk fraud, cryptocurrency theft and other cybercrime cases.