Hackers Steal Sensitive Data From Auction House Sotheby's
Sotheby's has disclosed a data breach impacting personal information, including SSNs.
The post Hackers Steal Sensitive Data From Auction House Sotheby's appeared first on SecurityWeek.
Hackers stole names, addresses, dates of birth, email addresses, Social Security numbers, government IDs, and other information.
The post Prosper Data Breach Impacts 17.6 Million Accounts appeared first on SecurityWeek.
Hackers have posted over 1 Tb of information allegedly stolen from Harvard on the Cl0p data leak website.
The post Harvard Is First Confirmed Victim of Oracle EBS Zero-Day Hack appeared first on SecurityWeek.
In early September, hackers stole the firewall configuration backup files stored using the MySonicWall service.
The post All SonicWall Cloud Backup Users Had Firewall Configurations Stolen appeared first on SecurityWeek.
The hackers claim the theft of over 2 million photos of government identification documents provided to Discord for age verification.
The post Discord Says 70,000 Users Had IDs Exposed in Recent Data Breach appeared first on SecurityWeek.
The hackers claim the theft of 27 gigabytes of data, including contracts, employee information, and financial documents.
The post Ransomware Group Claims Attack on Beer Giant Asahi appeared first on SecurityWeek.
Hackers accessed user accounts and compromised names, addresses, phone numbers, email addresses, and other information.
The post DraftKings Warns Users of Credential Stuffing Attacks appeared first on SecurityWeek.
BK Technologies has informed the SEC that it discovered an IT intrusion on September 20.
The post Hackers Stole Data From Public Safety Comms Firm BK Technologies appeared first on SecurityWeek.
Names, usernames, email addresses, contact information, IP addresses, and billing information were compromised.
The post Discord Says User Information Stolen in Third-Party Data Breach appeared first on SecurityWeek.
Salesforce says the extortion attempts are related to past or unsubstantiated incidents, and not to fresh intrusions.
The post Hackers Extorting Salesforce After Stealing Data From Dozens of Customers appeared first on SecurityWeek.
Doctors Imaging Group is informing customers about a cybersecurity incident nearly a year after it occurred.
The post Data Breach at Doctors Imaging Group Impacts 171,000 People appeared first on SecurityWeek.
The brewing giant has reverted to manual order processing and shipment as operations at its Japanese subsidiaries are disrupted.
The post Beer Giant Asahi Says Data Stolen in Ransomware Attack appeared first on SecurityWeek.
Federal courts are upgrading their cybersecurity on a number of fronts, but multifactor authentication for the system that gives the public access to court data poses "unique challenges," the Administrative Office of the United States Courts told Sen. Ron Wyden in a letter this week.
Wyden, D-Ore., wrote a scathing August letter to the Supreme Court in response to the latest major breach of the federal judiciary's electronic case filing system. The director of the Administrative Office of the United States Courts responded on behalf of the Supreme Court.
It is "simply not the case" that the courts have, in the words of Wyden, "ignored" advice from experts on securing the Case Management/Electronic Case Files (CM/ECF) system, wrote Robert Conrad Jr., director of the office.
"Substantial planning for the modernization effort began in 2022, and we are now approaching the development and implementation phase of the project," he wrote in the Sept. 30 letter. "We expect implementation will begin in the next two years in a modular and iterative manner."
In recent years, the office has been testing technical components on its modernization effort, and is centralizing the operation of data standards to enable security, Conrad said.
Wyden took the office to task for not enabling phishing-resistant multifactor authentication (MFA). Conrad wrote that the office was in the process of rolling out MFA to the 5 million users of PACER, the public case data system.
"The Judiciary has unique challenges in implementing MFA due to the significant diversity of users," he responded. "PACER users range from sophisticated, high-volume data aggregators and well-resourced law firms to journalists and ordinary citizens, to indigent litigants. All PACER users need access to court records, but some do not have traditional forms of MFA they can use. The design and implementation of our MFA implementation requires consideration of these unique needs."
Wyden also took issue with the lack of public explanations about the series of court breaches. Conrad wrote that the breaches are "sensitive from both a law enforcement and national security perspective," and need to be kept confidential, but noted that the courts have briefed congressional Judiciary, Appropriations and Intelligence committees on a classified basis.
"Even after back-to-back catastrophic hacks of the federal court system, Chief Justice [John Roberts] continues to stonewall Congress and cover up the judiciary's gross negligence that has enabled these hacks," Wyden said in response to the Conrad letter. "It is long past time for the courts to follow the same minimum cybersecurity standards as the executive branch, but since Chief Justice Roberts and the Judicial Conference refuse to set such requirements, Congress must step in and legislate."
Court Watch was the first to report on the contents of the letter.
The post Federal judiciary touts cybersecurity work in wake of latest major breach appeared first on CyberScoop.
Hackers claim to have stolen 28,000 private repositories, including data associated with major companies that use Red Hat services.
The post Red Hat Confirms GitLab Instance Hack, Data Theft appeared first on SecurityWeek.
Red Hat on Thursday confirmed an attacker gained access to and stole data from a GitLab instance used by its consulting team, exposing some customer data. The open-source software company, a subsidiary of IBM, said the breach is contained and an investigation into the attack is underway.
"Upon detection, we promptly launched a thorough investigation, removed the unauthorized party's access, isolated the instance, and contacted the appropriate authorities," Red Hat said in a security update. "Our investigation, which is ongoing, found that an unauthorized third party had accessed and copied some data from this instance."
Red Hat said the compromised GitLab instance contained work related to consulting engagements with some customers, including project specifications, example code snippets and internal communications about the consulting services.
"This GitLab instance typically does not house sensitive personal data," Red Hat said. "While our analysis remains ongoing, we have not identified sensitive personal data within the impacted data at this time."
GitLab underscored that the incident involves a self-managed instance of its free GitLab Community Edition. "There has been no breach of GitLab's managed systems or infrastructure. GitLab remains secure and unaffected," a GitLab spokesperson said in a statement.
"Customers who deploy free, self-managed instances on their own infrastructure are responsible for securing their instances, including applying security patches, configuring access controls, and maintenance," the spokesperson added.
A cybercrime group calling itself Crimson Collective claimed responsibility for the attack and said it stole more than 28,000 repositories from Red Hat's GitLab instance. The threat group published a directory tree on Telegram listing the names of hundreds of companies it claims were impacted by the attack.
The Centre for Cybersecurity Belgium published a warning Thursday, describing the breach as a high risk that potentially exposed sensitive information including credentials, tokens and network configuration data shared with Red Hat's consulting team.
"We have no reason to believe the security issue impacts any of our other Red Hat services or products and are highly confident in the integrity of our software supply chain," a spokesperson said in a statement.
The company said potential exposure is limited to Red Hat Consulting customers, adding that those who are impacted will be notified directly.
"Red Hat takes the security and integrity of our systems and the data entrusted to us extremely seriously, and we are addressing this issue with the highest priority," the company said.
Red Hat did not say when it detected the intrusion, but said additional hardening measures have been implemented to prevent further access.
Update: 10/3/2025, 10:13 a.m.: This story was updated to include comments from GitLab.
The post Red Hat confirms breach of GitLab instance, which stored company's consulting data appeared first on CyberScoop.
The Canadian airline fell victim to a cyberattack in June and has completed the analysis of stolen information.
The post 1.2 Million Impacted by WestJet Data Breach appeared first on SecurityWeek.
The hackers stole names, contact details, Social Security numbers, and driver's license numbers in an August 19 ransomware attack.
The post 766,000 Impacted by Data Breach at Dealership Software Provider Motility appeared first on SecurityWeek.
In July, hackers stole files containing names, addresses, dates of birth, and Social Security numbers from a cloud-based CRM.
The post 1.5 Million Impacted by Allianz Life Data Breach appeared first on SecurityWeek.
The company says names, contact details, and ID documents provided in connection with reservations and travel were stolen from its systems.
The post Canadian Airline WestJet Says Hackers Stole Customer Data appeared first on SecurityWeek.
Four people were arrested in July on suspicion of their involvement in cyberattacks against Harrods and two other leading British retail chains, Marks & Spencer and the Co-op.
The post British Department Store Harrods Warns Customers That Some Personal Details Taken in Data Breach appeared first on SecurityWeek.