[Weekly Security News] The unexpected data breach from the 3rd party

[Weekly Security News] The unexpected data breach from the 3rd party

[March 20 2024]

1. Acer confirms Philippines employee data leaked on hacking forum

Acer confirms Philippines employee data leaked on hacking forum. Earlier today, a threat actor known as ‘ph1ns’ published a link to download a stolen database containing Acer employee data for free on a hacking forum. Acer confirmed that the data is theirs but was not acquired directly from the company’s systems as well as is aware that one of Acer’s external vendors in the Philippines has suffered a data breach.

Source : Bleeping Computer, SC Media, Cyber Daily


2. 10 Million Likely Impacted by Data Breach at French Unemployment Agency

France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals. In Mar 13, the agency disclosed that hackers stole details belonging to job seekers registered with the agency in the last 20 years in a cyberattack between February 6 and March 5. Data from individuals with a job candidate profile was also exposed such as Full name, Date of birth, Place of birth, Social security number (NIR), France Travail identifier, Email address, Postal address, and Phone number. This is not the first significant data breach involving the unemployment agency. In August 2023, the organization disclosed an incident that reportedly resulted in the personal information of roughly 10 million people being compromised.

Source : Security Week, Bleeping Computer, SC Media


3. Nissan: About 100,000 people in Australia, New Zealand affected by recent cyberattack

Nissan said that the personal information of about 100,000 individuals in Australia and New Zealand was exposed during a cyberattack that the company reported in December, 2023. The company published new details of the investigation into the incident in Mar 13, stating that it has begun notifying the victims, which include customers, dealers and some current and former employees. According to current estimates, the compromised information includes approximately 4,000 Australian Medicare cards, 7,500 driver’s licenses, 220 passports and 1,300 tax file numbers. In January 2023, Nissan warned thousands of its customers of its finance division about the potential leak of personal information through a third-party vendor.

Source : The Record, Security Week, Bleeping Computer


Check out Penta Security’s Cloudbric product lines:

Cloud-based Fully Managed WAAP: Cloudbric WAF+

Agent based Zero Trust Network Access Solution: Cloudbric PAS

Agentless Zero Trust Network Access Solution: Cloudbric RAS

Blockchain: Blockchain Security Solution

Click here for inquiries regarding the partner system of Cloudbric
Make sure to follow us on our social media platforms (LinkedIn, Twitter, and Facebook)

Check out Penta Security’s product lines:

Web Application Firewall: WAPPLES

Database Encryption: D’Amo

Identity and Access Management: iSIGN+ 

Car, Energy, Factory, City Solutions: Penta IoT Security

Click here for inquiries regarding the partner system of Penta Security
Make sure to follow us on our social media platforms (LinkedIn)