data breach | Breaking Cybersecurity News | The Hacker News

The alleged Russian hacker, who was arrested by the FBI in collaboration with the Czech police, was believed to be the one responsible for massive 2012 data breach at LinkedIn, according to a statement released by LinkedIn. Now, United States authorities have officially indicted Yevgeniy Aleksandrovich Nikulin , 29-years-old Russian national, for hacking not just LinkedIn , but also the online cloud storage platform Dropbox, and now-defunct social-networking company Formspring. Nikulin was arrested in Prague [ Watch Video ] on October 5 by the Czech police after Interpol issued an international arrest warrant. According to an indictment unsealed Friday, Nikulin had hacked three Bay Area technology companies in the spring and summer of 2012, which includes LinkedIn Corp, Dropbox, and Formspring. Nikulin gained access to LinkedIn's network between March 3 and March 4, 2012; Dropbox's network between May 14 and July 25, 2012; and Formspring between June 13 and June 2

2016 is the year of data breaches that has made almost every major companies victims to the cyber attacks, resulting in compromise of over billion of online users accounts. Weebly and Foursquare are the latest victims of the massive data breach, joining the list of "Mega-Breaches" revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , Dropbox , and the biggest one -- Yahoo . Details for over 43 Million users have been stolen from the San Francisco-based website building service Weebly, according to breach notification site LeakedSource, who had already indexed a copy of the stolen data that it received from an anonymous source. In addition, LeakedSource posted details of the cyber attack in its blog post on Thursday explaining what happened. The attack believed to have been carried out in February 2016. "Unlike nearly every other hack, the Co-founder and CTO of Weebly Chris Fanini fortunately did not have his head buried deeply in the san

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now. How this will change – in a positive or negative direction – as artificial intelligence (AI) takes on a larger role in software development is one of the big uncertainties related to this brave new world. In an era where AI promises to revolutionize how we live and work, the conversation about its security implications cannot be sidelined. As we increasingly rely on AI for tasks ranging from mundane to mission-critical, the question is no longer just, "Can AI  boost cybersecurity ?" (sure!), but also "Can AI  be hacked? " (yes!), "Can one use AI  to hack? " (of course!), and "Will AI  produce secure software ?" (well…). This thought leadership article is about the latter. Cydrill  (a

India is undergoing the biggest data breaches to date with as many as 3.2 Million debit card details reportedly stolen from multiple banks and financial platforms. The massive financial breach has hit India's biggest banks including State Bank of India (SBI), HDFC Bank, Yes Bank, ICICI Bank and Axis, and customers are advised to change their ATM PIN immediately. Hackers allegedly used malware to compromise the Hitachi Payment Services platform — which is used to power country's ATM, point-of-sale (PoS) machines and other financial transactions — and stole details of 3.2 Million debit cards, reports The Economic Times. Of 3.2 Million debit cards, 2.6 Million are powered by Visa or Mastercard and rest 600,000 work on top of India's own RuPay platform. Hacked Debit Cards Reportedly Used in China It is not yet clear who is behind the cyber attack, but the report adds that a number of affected customers have observed unauthorized transactions made by their cards in v

The alleged Russian hacker arrested by the FBI in collaboration with the Czech police is none other than the hacker who was allegedly responsible for massive 2012 data breach at LinkedIn , which affected nearly 117 Million user accounts. Yevgeniy N , 29-year-old Russian hacker was arrested in Prague on October 5 suspected of participating in conducting cyber-attacks against the United States, according to Reuters . Earlier it was suspected that the hacker could be involved in hacking against the  Democratic National Committee  (DNC), or its presidential candidate Hillary Clinton , intended to influence the presidential election. However, the latest statement released by LinkedIn suggests that the arrest was related to a 2012 data breach at the social network that exposed emails and hashed password of nearly 117 Million users. "We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this

Yahoo! has disabled automatic email forwarding -- a feature that lets its users forward a copy of incoming emails from one account to another. The company has faced lots of bad news regarding its email service in past few weeks. Last month, the company admitted a massive 2014 data breach that exposed account details of over 500 Million Yahoo users. If this wasn't enough for users to quit the service, another shocking revelation came last week that the company scanned the emails of hundreds of millions of its users at the request of a U.S. intelligence service last year. That's enough for making a loyal Yahoo Mail user to switch for other rival alternatives, like Google Gmail, or Microsoft's Outlook. Yahoo Mail Disables Auto-Forwarding; Making It Hard to Leave But as Yahoo Mail users are trying to leave the email service, the company is making it more difficult for them to transition to another email service. That's because since the beginning of Octob

It seems like it is not all over for Yahoo yet. Another day, another bad news for Yahoo! Verizon, which has agreed to purchase  Yahoo for $4.8 Billion , is now asking for a $1 Billion discount, according to recent reports. The request comes after Verizon Communications learned about the recent disclosures about hacking  and spying in past few weeks. Just two weeks ago, Yahoo revealed that at least a half Billion Yahoo accounts were stolen in 2014 hack, marking it as the biggest data breach in history. And if this wasn't enough, the company faced allegations earlier this week that it built a secret tool to scan all of its users' emails last year at the behest of a United States intelligence agency. Due to these incidents, AOL CEO Tim Armstrong, who runs the Verizon subsidiary, is "pretty upset" about Yahoo's lack of disclosure, and is even seeking to pull out of the deal completely or cut the price, the New York Post claimed, citing multiple sources.

TalkTalk, one of the biggest UK-based Telecoms company with 4 million customers, has been issued with a record £400,000 ($510,000) fine for failings to implement the most basic security measures to prevent the hack that made global headlines last year. The penalty has been imposed by the Information Commissioner's Office (ICO) over the high-profile cyber attack occurred in the company last October, which allowed hackers to steal the personal data of its 156,959 customers "with ease." The ICO said on Wednesday that TalkTalk, which offers TV, phone and broadband services, could have prevented the cyber attack if the company had implemented even basic security measures to protect its customers' data. The hacked data of 156,959 customers included full names, postal addresses, dates of birth, telephone numbers, email addresses and TalkTalk accounts information. The hacker also had even access to bank account details and sort codes in almost 16,000 cases. "When i

The massive data breach that Yahoo! confirmed to the world last week is claimed by the company to have been carried out by a "state-sponsored actor" in 2014, which exposed the accounts of at least 500 Million Yahoo users . But, now it seems that Yahoo has downplayed a mega data breach and trying to hide it's own security blunder. Recently the information security firm InfoArmor that analyzed the data breach refuted the Yahoo's claim, stating that the data breach was the work of seasoned cyber criminals who later sold the compromised Yahoo accounts to an Eastern European nation-state. Over 1 Billion Accounts May Have Been Hacked Now, there's one more twist in the unprecedented data heist. A recent advancement in the report indicates that the number of affected Yahoo accounts may be between 1 Billion and 3 Billion. An unnamed, former Yahoo executive who is familiar with the company's security says that the Yahoo's back-end system's arch

If you are a hacker, you might have enjoyed the NSA's private zero-day exploits , malware and hacking tools that were leaked last month. But the question is: How these hacking tools ended up into the hands of hackers? It has been found that the NSA itself was not directly hacked, but a former NSA employee carelessly left those hacking tools on a remote server three years ago after an operation and a group of Russian hackers found them, sources close to the investigation told Reuters . The leaked hacking tools, which enable hackers to exploit vulnerabilities in systems from big vendors like Cisco Systems, Juniper, and Fortinet, were dumped publicly online by the group calling itself " The Shadow Brokers ." NSA officials have also admitted to the FBI that their careless employee acknowledged the error shortly afterward, and hence the agency was aware of its operative's mistake from last three years. But instead of warning the affected companies that their c

500 million accounts — that's half a Billion users! That's how many Yahoo accounts were compromised in a massive data breach dating back to 2014 by what was believed to be a "state sponsored" hacking group. Over a month ago, a hacker was found to be selling login information related to 200 million Yahoo accounts on the Dark Web , although Yahoo acknowledged that the breach was much worse than initially expected. "A recent investigation by Yahoo! Inc. has confirmed that a copy of certain user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor," reads the statement . Yahoo is investigating the breach with law enforcement agency and currently believes that users' names, email addresses, dates of birth, phone numbers, passwords, and in some cases, encrypted and unencrypted security questions-answers were stolen from millions of Yahoo users. However, the company does not believe

Another Day, Another Data Breach! And this time, it's worse than any recent data breaches. Why? Because the data breach has exposed plaintext passwords, usernames, email addresses, and a large trove of other personal information of more than 6.6 Million ClixSense users. ClixSense, a website that claims to pay users for viewing advertisements and completing online surveys, is the latest victim to join the list of " Mega-Breaches " revealed in recent months, including LinkedIn , MySpace , VK.com , Tumblr , and Dropbox . Hackers are Selling Plaintext Passwords and Complete Website Source Code More than 2.2 Million people have already had their personal and sensitive data posted to PasteBin over the weekend. The hackers who dumped the data has put another 4.4 Million accounts up for sale. In addition to un-hashed passwords and email addresses, the dump database includes first and last names, dates of birth, sex, home addresses, IP addresses, payment histories,

Around 324,000 users have likely had their payment records stolen either from payment processor BlueSnap or its customer Regpack ; however, neither of the company has admitted a data breach. BlueSnap is a payment provider which allows websites to take payments from customers by offering merchant facilities, whereas RegPack is a global online enrollment platform that uses BlueSnap to process the financial transactions for its online enrollments. The data breach was initially reported on July 10, when a hacker published a link on Twitter, pointing to a file containing roughly 324,000 records allegedly stolen from Waltham, Massachusetts-based BlueSnap. The tweet has since been deleted, but Australian security expert Troy Hunt took a copy of it for later review to analyze the data and after analyzing, he discovered that the leaked payment records are most likely legitimate. Payment Card Data Including CVV Codes Leaked The data contains users' details registred between 10

US authorities have arrested two North Carolina men on charges that they were part of the notorious hacking group " Crackas With Attitude ." Crackas with Attitude is the group of hackers who allegedly was behind a series of audacious and embarrassing hacks that targeted personal email accounts of senior officials at the CIA, FBI, the White House, Homeland Security Department, and other US federal agencies. Andrew Otto Boggs, 22, of North Wilkesboro, N.C., who allegedly used the handle " INCURSIO ," and Justin Gray Liverman, 24, of Morehead City, who known online as " D3F4ULT ," were arrested on Thursday morning on charges related to their alleged roles in the computer hacking, according to a press release by Department of Justice. A 16-year-old British teenager suspected of being part of the group was arrested in February by the FBI and British police. Although court documents did not name the victims, the hacking group had allegedly: Hacked

Another data breach from 2012, and this time, it's Russia's biggest internet portal and email provider Rambler.ru . Rambler.ru , also known as Russia's Yahoo, suffered a massive data breach in 2012 in which an unknown hacker or a group of hackers managed to steal nearly 100 Million user accounts, including their unencrypted plaintext passwords. The copy of the hacked database obtained by the breach notification website LeakedSource contained details of 98,167,935 Rambler.ru users that were originally stolen on 17 February 2012, but went unreported. The leaked user records in the database included usernames, email addresses, ICQ numbers (IM chat service), social account details, passwords and some internal data, the data breach indexing site said in a blog post . The data breach was reported by the same hacker using the daykalif@xmpp.jp Jabber ID who handed LeakedSource over 43.5 Million user records from another 2012 hack suffered by the Last.fm music streaming se

Another Day, Another Data Breach! If you love to listen to music online and have an account on Last.fm website, your account details may have compromised in a data breach that leaked more than 43 Million user personal data online. Last.fm was hacked in March of 2012 and three months after the breach, London-based music streaming service admitted to the incident and issued a warning, encouraging its users to change their passwords. But now it turns out that the Last.fm data breach was massive, and four years later the stolen data have surfaced in the public. The copy of the hacked database obtained by the data breach indexing website LeakedSource contained 43,570,999 user records that were originally stolen from Last.fm on March 22, 2012, according to timestamps in the database. The leaked records include usernames, hashed passwords, email addresses, the date when a user signed up to the website, and ad-related data. Wait! Have you visited The Hacker News early this wee

Hackers have obtained credentials for more than 68 Million accounts for online cloud storage platform Dropbox from a known 2012 data breach. Dropbox has confirmed the breach and already notified its customers of a potential forced password resets, though the initial announcement failed to specify the exact number of affected users. However, in a selection of files obtained through sources in the database trading community and breach notification service Leakbase , Motherboard found around 5GB of files containing details on 68,680,741 accounts, which includes email addresses and hashed (and salted) passwords for Dropbox users. An unnamed Dropbox employee verified the legitimacy of the data. Out of 68 Million, almost 32 Million passwords are secured using the strong hashing function " BCrypt , " making difficult for hackers to obtain users' actual passwords, while the rest of the passwords are hashed with the SHA-1 hashing algorithm . These password hashes als

The hacker, who recently claimed responsibility for the high-profile hack of Democratic National Committee (DNC), has now taken credit for hacking into the Democratic Congressional Campaign Committee (DCCC) as well. To prove his claims, the hacker, going by the moniker Guccifer 2.0, dumped on Friday night a massive amount of personal information belonging to nearly 200 Democratic House members onto his blog . The notorious hacker published several documents that include cell phone numbers, home addresses, official and personal e-mail addresses, names of staffers, and other personal information for the entire roster of Democratic representatives. The data dump also includes several memos from House Minority Leader Nancy Pelosi's personal computer, detailing fundraisers and campaign overviews. "As you see the US presidential elections are becoming a farce, a big political performance where the voters are far from playing the leading role," the hacker wrote in a

The risks associated with data breaches continue to grow, impacting a variety of industries, tech firms, and social networking platforms. In the past few months, over 1 Billion credentials were dumped online as a result of mega breaches in popular social networks. Now, Oracle is the latest in the list. Oracle has confirmed that its MICROS division – which is one of the world's top three point-of-sale (POS) services the company acquired in 2014 – has suffered a security breach. Hackers had infected hundreds of computers at Oracle's point-of-sale division, infiltrated the support portal used by customers, and potentially accessed sales registers all over the world. The software giant came to know about the data breach after its staff discovered malicious code on the MICROS customer support portal and certain legacy MICROS systems. Hackers likely installed malware on the troubleshooting portal in order to capture customers' credentials as they logged in. These us

Hardly a day goes without headlines about any significant data breach. In the past few months, over 1 Billion account credentials from popular social network sites, including LinkedIn , Tumblr , MySpace and VK.com were exposed on the Internet. Now, the same hacker who was responsible for selling data dumps for LinkedIn, MySpace, Tumblr and VK.com is now selling what is said to be the login information of 200 Million Yahoo! users on the Dark Web . 200 Million Yahoo! Logins for 3 BTC The hacker, who goes by the pseudonym " Peace " or "peace_of_mind," has uploaded 200 Million Yahoo! credentials up for sale on an underground marketplace called The Real Deal for 3 Bitcoins (US$1,824). Yahoo! admitted the company was "aware" of the potential leak, but did not confirm the authenticity of the data. The leaked database includes usernames, MD5-hashed passwords and date of births from 200 Million Yahoo! Users. In some cases, there is also the backup e

There's a lot more to come from the DNC Hack. The Associated Press confirmed yesterday that the computer systems used by Hillary Clinton's presidential campaign were hacked as part of the recent Democratic National Convention (DNC) hack. Last week's email dump containing almost 20,000 emails from top DNC officials was just the beginning, which led DNC Chairwoman Debbie Wasserman Schultz to resign as the group's leader, as WikiLeaks announced that it was part one of its new Hillary Leaks series. This suggests WikiLeaks Founder Julian Assange has had his hands on more data from the DNC hack that, according to him, could eventually result in the arrest of Hillary Clinton. Assange — Wikileaks' Next Leak will lead to Arrest of Hillary Clinton In an interview with Robert Preston of ITV last month, Assange made it clear that he hopes to harm Hillary Clinton's chances from becoming president of the United States, opposing her candidacy on both policies as well