Data Breaches – PossibleThreat Articles

The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

September 1, 2025 0 Comments A Little Sunshine, alan liska, austin larsen, charles carmakal, counter-hack, Data Breaches, Google, google threat intelligence group, joshua wright, Latest Warnings, mandiant, Salesforce, salesloft drift, scattered spider, shinyhunters, The Coming Storm, unc6040, unc6395

Credit to Author: BrianKrebs| Date: Mon, 01 Sep 2025 21:55:04 +0000

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Independent Krebs

Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

July 25, 2025 0 Comments A Little Sunshine, aramark, Data Breaches, hive systems, ian carroll, lockheed martin, lowes, mcdonalds, nexus stealer, paradox.ai, pepsi, sam curry, wired

Credit to Author: BrianKrebs| Date: Fri, 18 Jul 2025 01:23:20 +0000

Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 companies. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell a more nuanced story.

Independent Krebs

DOGE Denizen Marko Elez Leaked API Key for xAI

July 25, 2025 0 Comments A Little Sunshine, business insider, Data Breaches, doge, gitguardian, github, grok, marko elez, philippe caturegli, president trump, seralys, techcrunch, The Coming Storm, the new york times, the wall street journal, the washington post, twitter, vice president j.d. vance, x, xai

Credit to Author: BrianKrebs| Date: Tue, 15 Jul 2025 01:23:43 +0000

Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with more than four dozen large language models (LLMs) developed by Musk’s artificial intelligence company xAI.

Independent Krebs Security

Feds Link $150M Cyberheist to 2022 LastPass Hacks

March 7, 2025 0 Comments A Little Sunshine, chris larsen, Data Breaches, FBI, karim toubba, lastpass breach, nick bax, ripple, taylor monahan, U.S. Secret Service, zachxbt

Credit to Author: BrianKrebs| Date: Sat, 08 Mar 2025 01:20:05 +0000

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion.

MalwareBytes Security

Data breaches in 2024: Could it get any worse?

December 31, 2024 0 Comments AT&T, change helathcare, Data Breaches, Dell, national public data, Privacy, Ticketmaster

An overview of what the year 2024 had to offer in the realm of data breaches: Big ones, sensitive data and some duds

Independent Krebs Security

Fintech Giant Finastra Investigating Data Breach

November 19, 2024 0 Comments abyss0, breachforums, Data Breaches, finastra, ke-la.com, Latest Warnings, Ne'er-Do-Well News, The Coming Storm

Credit to Author: BrianKrebs| Date: Wed, 20 Nov 2024 01:12:15 +0000

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of a potential breach after a cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company.

Independent Krebs Security

An Interview With the Target & Home Depot Hacker

November 14, 2024 0 Comments A Little Sunshine, aleksandr ermakov, chronopay, Data Breaches, dmitri golubov, helkern, home depot breach, hydra market, mikemike, mikhail lenin, mikhail shefel, Ne'er-Do-Well News, pavel vrublevsky, peter vrublevsky, pharma wars, sprut, sugar ransomware, target breach

Credit to Author: BrianKrebs| Date: Fri, 15 Nov 2024 04:45:32 +0000

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he is broke and seeking publicity for several new money making schemes.

Independent Krebs Security

Change Healthcare Breach Hits 100M Americans

October 30, 2024 0 Comments alphv, anthem inc., blackcat, Data Breaches, Equifax, experian, hipaa journal, idx, Latest Warnings, ransomhub, sen. mark warner, sen. ron wyden, The Coming Storm, transunion, u.s. department of health and human resources, united health group

Credit to Author: BrianKrebs| Date: Wed, 30 Oct 2024 13:34:08 +0000

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information.

Independent Krebs Security

Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach

October 18, 2024 0 Comments A Little Sunshine, CrowdStrike, Data Breaches, equation corp, FBI, hackread, infragard, intel 471, national public data, Ne'er-Do-Well News, netsec, RaidForums, tecmundo, tv globo, usdod

Credit to Author: BrianKrebs| Date: Fri, 18 Oct 2024 12:33:51 +0000

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the consumer data broker National Public Data that led to the leak of Social Security numbers and other personal information for a significant portion of the U.S. population.

Independent Krebs Security

National Public Data Published Its Own Passwords

August 19, 2024 0 Comments A Little Sunshine, atlas data privacy corp., Breadcrumbs, creationnext, Data Breaches, national public data breach, npd.pentester.com, npdbreach.com, salvatore verini, The Coming Storm, usinfosearch.com

Credit to Author: BrianKrebs| Date: Mon, 19 Aug 2024 16:23:31 +0000

New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available for download from its homepage until today.

← Previous