The mobile phone provider recently announced that a data breach had impacted 37 million T-Mobile accounts. In a Form 8-K filing with the US Securities and Exchange Commission, T-Mobile said they realized an authorized entity obtained data via a single API on January 5, 2023. Unlike other data breach cases where customer data is sometimes…
LastPass, a popular password manager, announced that an unauthorized party accessed the company’s archived backups of its production data on a third-party cloud-based storage service. According to the company’s investigation, a threat actor accessed the cloud storage environment in August 2022 with information obtained from an earlier incident. Although the threat actor did not access…
In late November 2022, sports betting firm DraftKings announced that it had suffered a data breach affecting approximately 68,000 customers. The company stated that the breach resulted from a credential stuffing attack, in which attackers obtained credentials from a third-party source and attempted to use them to access DraftKings accounts. According to DraftKings, the attackers…
In light of a recent data breach, the City of Tucson, Arizona, is alerting approximately 123,000 citizens that their personal information has been compromised. The issue was detected in May 2022, but the city’s investigation didn’t conclude until last month. As detailed in the notification addressed to those impacted by the data breach, an attacker…