CNET: T-Mobile customers’ personal information exposed in hack

CNET: T-Mobile customers’ personal information exposed in hack. “T-Mobile said Thursday that hackers gained access to the personal information of some prepaid wireless customers, including their names, phone numbers and account information. The wireless provider said no financial information was exposed and no passwords compromised.”

Bleeping Computer: Macy’s Customer Payment Info Stolen in Magecart Data Breach

Bleeping Computer: Macy’s Customer Payment Info Stolen in Magecart Data Breach . “Macy’s has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer’s payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections of the web site. These scripts then steal payment information that is submitted by a customer.”

Ars Technica: Password data for ~2.2 million users of currency and gaming sites dumped online

Ars Technica: Password data for ~2.2 million users of currency and gaming sites dumped online. “Password data and other personal information belonging to as many as 2.2 million users of two websites—one a cryptocurrency wallet service and the other a gaming bot provider—have been posted online, according to Troy Hunt, the security researcher behind the Have I Been Pwned breach notification service. One haul includes personal information for as many as 1.4 million accounts from the GateHub cryptocurrency wallet service. The other contains data for about 800,000 accounts on RuneScape bot provider EpicBot.”

Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks (Krebs on Security)

Krebs on Security: Study: Ransomware, Data Breaches at Hospitals tied to Uptick in Fatal Heart Attacks. “Hospitals that have been hit by a data breach or ransomware attack can expect to see an increase in the death rate among heart patients in the following months or years because of cybersecurity remediation efforts, a new study posits. Health industry experts say the findings should prompt a larger review of how security — or the lack thereof — may be impacting patient outcomes.”

Krebs on Security: Breaches at NetworkSolutions, Register. com, and Web. com

Krebs on Security: Breaches at NetworkSolutions, Register. com, and Web. com. “Top domain name registrars NetworkSolutions.com, Register.com and Web.com are asking customers to reset their passwords after discovering an intrusion in August 2019 in which customer account information was accessed.”

Bleeping Computer: Hackers Breach Avast Antivirus Network Through Insecure VPN Profile

Bleeping Computer: Hackers Breach Avast Antivirus Network Through Insecure VPN Profile. “Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14. Following an investigation, the antivirus maker determined that the attacker was able to gain access using compromised credentials via a temporary VPN account.”