London Hospitals Data Breached in Synnovis Ransomware Attack, Massive Snowflake Supply Chain Attack at Snowflake Causes Data Breaches at Ticketmaster, Satander Bank and Advance Auto Parts.
Synnovis Ransomware Cyber Attack Impacts London Hospitals
A ransomware attack disrupted pathology services provider Synnovis’ IT systems in June, delaying blood tests and other laboratory work for major London hospitals served by the company. The outage posed risks for trauma patients needing urgent blood transfusions that could only be provided if critically necessary. Investigations are still ongoing into how the London hospitals ransomware attack occurred and the full scope of impacts on patient services. Read more
Massive Snowflake Cyberattack Exposes Data of Advance Auto Parts Customers
Hackers claim to have stolen over 380 million customer records from Advance Auto Parts, including names, addresses, orders and payment details. The threat actors accessed the automotive retailer’s data through their Snowflake cloud account and are now selling the stolen information online. Snowflake denies any vulnerabilities in their own platform, but acknowledged that attackers used compromised employee credentials to access customer accounts before stealing sensitive customer data. The scale of the data theft has put hundreds of millions of individuals at risk of identity theft and fraud. Read more
PandaBuy Data Breach Exposes Customer Data, Cyberattack Put Users at Risk of Fraud
Hackers exploited a vulnerability in PandaBuy’s web infrastructure in mid-April to access the popular e-commerce platform’s customer database and servers. They extracted the personal information of over 310,000 PandaBuy users, including names, addresses, payment details, and login credentials before demanding money from the company. Even though PandaBuy claims no active payment card details were taken, experts warn criminals could still use the stolen data to carry out phishing scams or access other online accounts if users reused passwords. Read more
FBCS Debt Collector Data Breach Impacts Over 3 Million Americans, FBCS Faces Multiple Lawsuits
In February, debt collector FBCS suffered a data breach compromising the personal and financial details of over 3.2 million Americans. It took the company over two months to begin notifying victims in April. Stolen information varied but could include Social Security numbers, health records, and payment details. At least 14 lawsuits have since been filed against FBCS alleging failure to protect consumer data and comply with timely breach notification requirements. Read more
Snowflake Data Breach Linked to Satander and Ticketmaster Breaches
Investigations traced data breaches at companies including Ticketmaster and Santander Bank back to unauthorized access of customer data stored with cloud data warehouse provider Snowflake. A hacker claimed to have stolen information from over 400 Snowflake accounts. It’s believed credentials from an employee’s compromised demo account may have been leveraged. Snowflake acknowledged increased targeting of some accounts but denies any platform vulnerabilities. Read more
Ticketmaster and Ticketek Data Breaches: What You Need to Know
Data breaches at Ticketmaster and Ticketek have compromised information of thousands of customers. Hackers claimed to have stolen the data of over 560 million Ticketmaster users are demanding a ransom payment. Read more
Australian Rare Earths Firm Data Leaked After Chinese Investors Blocked by Australian Government
After Australia blocked Chinese-linked investors from increasing their stake in critical rare earths miner Northern Minerals, large amounts of the company’s private data were anonymously leaked on dark web sites. Stolen information included financial records and personnel details. The timing and alleged lack of identification has raised concerns the data leak could be related to broader geopolitical tensions around Beijing’s dominance of rare earth element supply chains. Read more
Billericay School UK Forced to Close Following a Cyber Attack
A cyberattack on Billericay School in England caused major disruptions in June, after encrypting important school systems and data, rendering them temporarily inaccessible. Read more
