[Security News] Cloud security emerging the importance for the companies, such as data breach from AMD, DPH, TEG, and Unified School
June 26, 2024
1. AMD Investigating Breach Claims After Hacker Offers to Sell Data
The hacker known as IntelBroker announced on the BreachForums cybercrime forum that he sells the AMD.com data breach. The data offered for sale allegedly includes information on future AMD products, customer and employee databases, datasheets, source code, property files, firmware, and financial documents. The employee database allegedly includes information such as name, job role, phone number, and email address. This information could jeopardize AMD’s competitive edge and thus the breach raises concerns about intellectual property theft and corporate espionage. AMD’s statement suggests that the data, if authentic, could originate from a third-party hosting provider rather than directly from the chipmaker’s own systems.
Source : Securiti week, Hack Read, Tom’s Hardware, The Cyber Express
2. LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals
The LA County’s Department of Public Health announced that the personal information of more than 200,000 was compromised after a data breach that occurred between February 19 and February 20, 2024. Threat actors obtained the log-in credentials of 53 Public Health employees through a phishing campaign. Potentially compromised e-mail accounts may have included DPH clients/employees/other individuals’ first and last name, date of birth, diagnosis, prescription, medical record number/patient ID, Medicare/Med-Cal number, health insurance information, Social Security Number, and other financial information.
Source : Infosecurity, Security week, The Cyber Express, SC Media
3. Los Angeles Unified confirms student data stolen in Snowflake account hack
The Los Angeles Unified School District has confirmed a data breach after threat actors stole student and employee data by breaching the company’s Snowflake account. Earlier this month, a threat actor began to sell data from numerous companies, including TicketMaster, Satandar Bank, Advance Auto Parts, and Pure Storage, with the hacker stating it was stolen from SnowFlake. A joint investigation by SnowFlake, Mandiant, and CrowdStrike revealed that a threat actor, tracked as UNC5537, used stolen customer credentials to target at least 165 organizations that had not configured multi-factor authentication protection on their accounts.
Sources: Bleeping Computer, Tech Radar, Hack Read
4. Threat actor attempts to sell 30 million customer records allegedly stolen from TEG
A threat actor is offering for sale customer data allegedly stolen from the Australia-based live events and ticketing company TEG. TechCruch first reported that a threat actor is offering for sale data allegedly stolen from the company on a popular hacking forum. The threat actor claims to have obtained information from 30 million users, including full name, username, gender, date of birth, hashed passwords, and email addresses. The threat actor shared a sample of the alleged stolen data as proof of the hack.
Sources: Security Affaris, Tech Radar, SC Media, Dark Reading
Check out Penta Security’s product lines:
Web Application Firewall: WAPPLES
Database Encryption: D’Amo
Identity and Access Management: iSIGN+
Car, Energy, Factory, City Solutions: Penta IoT Security
Click here for inquiries regarding the partner system of Penta Security
Check out the product lines of Cloudbric by Penta Security:
Cloud-based Fully Managed WAAP: Cloudbric WAF+
Agent based Zero Trust Network Access Solution: Cloudbric PAS
Agentless Zero Trust Network Access Solution: Cloudbric RAS
Blockchain: Blockchain Security Solution
Click here for inquiries regarding the partner system of Cloudbric