[Weekly Security News] AT&T confirms data leaked for 73 million customers

[Weekly Security News] AT&T confirms data leaked for 73 million customers

[April 03 2024]

1. AT&T confirms data for 73 million customers leaked on hacker forum

AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. According to AT&T, the data on the dark web includes social security numbers for AT&T account holders, impacting approximately 7.6 million current AT&T account holders and approximately 65.4 million former ones. In addition to passcodes and social security numbers, it may include email and mailing addresses, phone numbers and birth dates.

Source : Bleeping Computer, The Guardian, CNN, CNBC


2. Hackers threaten to publish huge cache of NHS data

A ransomware group is threatening to publish a huge cache of stolen data following a cyber attack on a Scottish health board. A group calling itself INC Ransom has published what they’ve called a “proof pack,” including confidential information on a small number of patients. The health board is continuing to working with Police Scotland, the National Cyber Security Centre and the Scottish government and other agencies.

Source : BBC, Security Affairs, SC Media


3. Malware Upload Attack Hits PyPI Repository

Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration on Thursday to mitigate a worrisome malware upload campaign. The company said it spotted multiple malicious Python packages being uploaded on the Python Package Index (PyPI) and noted that these packages most likely were created using automation tools. The malicious code is located within each package’s setup.py file, enabling automatic execution upon installation.

Source : Security Week, The Record, IT World Canada


Check out the product lines of  Cloudbric by Penta Security:

Cloud-based Fully Managed WAAP: Cloudbric WAF+

Agent based Zero Trust Network Access Solution: Cloudbric PAS

Agentless Zero Trust Network Access Solution: Cloudbric RAS

Blockchain: Blockchain Security Solution

Click here for inquiries regarding the partner system of Cloudbric
Make sure to follow us on our social media platforms (LinkedIn, Twitter, and Facebook)

Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: iSIGN+ 

Car, Energy, Factory, City Solutions: Penta IoT Security

Click here for inquiries regarding the partner system of Penta Security
Make sure to follow us on our social media platforms (LinkedIn)