Reuters: War Crimes Tribunal ICC Says It Has Been Hacked. “The International Criminal Court (ICC) said on Tuesday its computer system had been hacked, a breach at one of the world’s most high-profile international institutions and one that handles highly sensitive information about war crimes.”
The Register: Save the Children feared hit by ransomware, 7TB stolen . “As highlighted by VX-Underground and Emsisoft threat analyst Brett Callow earlier today, BianLian bragged on its website it had hit an organization that, based on the gang’s description of its unnamed victim, looks to be Save The Children International. The NGO, which employs about 25,000 people, says it has helped more than a billion kids since it was founded in 1919.”
Bleeping Computer: Freecycle confirms massive data breach impacting 7 million users. “Freecycle, an online forum dedicated to exchanging used items rather than trashing them, confirmed a massive data breach that affected more than 7 million users. The nonprofit organization says it discovered the breach on Wednesday, weeks after a threat actor put the stolen data for sale on a hacking forum on May 30, warning affected people to switch passwords immediately.”
The Street: FTX victims’ face doxxing threat after sensitive data taken by hackers. “Kroll, the firm managing customer data of FTX collapse victims, was hit by a data breach this month that resulted in customer data being stolen. The company was struck by ‘a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case,’ FTX said. However, Kroll announced that hackers also stole sensitive data in the hack.”
Engadget: Hack left majority of UK voters’ data exposed for over a year. “The UK’s Electoral Commission has revealed that some personal information of around 40 million voters was left exposed for over a year. The agency — which regulates party and election finance and elections in the country — said it was the target of a ‘complex cyberattack.’ It first detected suspicious activity on its network in October 2022, but said the intruders first gained access to its systems in August 2021.”
Bleeping Computer: BreachForums database and private chats for sale in hacker data breach. “While consumers are usually the ones worried about their information being exposed in data breaches, it’s now the hacker’s turn, as the notorious Breached cybercrime forum’s database is up for sale and member data shared with Have I Been Pwned.”
Bleeping Computer: JumpCloud discloses breach by state-backed APT hacking group. “US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers. The company discovered the incident on June 27, one week after the attackers breached its systems via a spear-phishing attack.”
TechCrunch: LetMeSpy, a phone tracking app spying on thousands, says it was hacked. “A hacker has stolen the messages, call logs and locations intercepted by a widely used phone monitoring app called LetMeSpy, according to the company that makes the spyware.”
The Register: Data leak at major law firm sets Australia’s government and elites scrambling . “HWL Ebsworth is the kind of big-end-of-town law firm that attracts governments and large corporates as clients. Those clients are now scrambling to understand if their data has leaked. Australia’s federal government has reportedly established a task force to determine the extent of its exposure – which is thought to include some sensitive military material.”
EdScoop: Georgia university leaders waited three months to disclose data breach, lawsuits claim. “A data breach at Mercer University last April exposed the personal information of more than 93,000 people and leaders at the Macon, Georgia, school waited an inordinately long time before notifying affected parties, according to two lawsuits filed last week.”
How-To Geek: Toyota’s New Data Breach Affects 260,000 Car Owners. “It’s been a wild few weeks for Toyota owners. If you happen to own a Toyota, you might want to keep reading, as the company has identified a data breach that affects hundreds of thousands of owners.”
The Register: Dish confirms 300,000 people’s data was exposed in February’s attack . “Dish Network has admitted that a February cybersecurity incident and associated multi-day outage led to the extraction of data on nearly 300,000 people, while also appearing to indirectly admit it may have paid cybercriminals to delete said data.”
Philadelphia Inquirer: The Philadelphia Inquirer’s operations continue to be disrupted by a cyber incident. “The Philadelphia Inquirer and outside cybersecurity experts continued Sunday to scramble to restore systems after an apparent cyberattack disrupted operations over the weekend. The Inquirer had been unable to print its regular Sunday newspaper, and it was not clear until late Sunday afternoon that it would be possible to print Monday’s editions of The Inquirer and Daily News newspapers.”
Bleeping Computer: Brightly warns of SchoolDude data breach exposing credentials. “U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by attackers who gained access to the database of its SchoolDude online platform. SchoolDude is a cloud-based platform for managing work orders used by over 7,000 colleges, universities, and K-12 schools from school districts of up to 600,000 students.”
Reuters: Data of 237,000 US government employees breached. “The personal information of 237,000 current and former federal government employees has been exposed in a data breach at the U.S. Transportation Department (USDOT), sources briefed on the matter said on Friday.”
