#data-breach

#data-breach

The Royal Borough of Kensington and Chelsea (RBKC) in Greater London is in the process of contacting households across the borough after establishing in December that personal data on thousands of residents was stolen in a cyber attack on shared systems operated by the council. Over a month after the incident, several services remain disrupted or are operating in a limited capacity.

For residents and patients, the account information included first and last name, Social Security number, date of birth, Medicare number, or medical treatment and condition information. For those individuals who were not residents, personal information involved first and last name, in combination with one or more of the following data element(s): Social Security number, passport number, driver's license or state identity card information, medical information, health insurance information, and online log-in information corresponding with the individual whose email account was compromised.

The crim says the haul spans more than 800 classified raw LiDAR point cloud files in .las format ranging from 100 MB to 2 GB each; full coverage of transmission line corridors and substations, which includes layers for bare earth, vegetation, conductors, and structures; high-resolution orthophotos in .ecw format; MicroStation design files and PTC settings; large vegetation feature files in .xyz format; and other files from active projects.

On Tuesday, the company confirmed it has begun notifying around 22.65 million whose data was stolen during the cyberattack. In a filing with the Texas attorney general, Aflac said that the stolen data includes customer names, dates of birth, home addresses; government-issued ID numbers (such as passports and state ID cards) and driver's license numbers, and Social Security numbers; as well as medical and health insurance information.

Ransomware hacks, data theft, crypto scams and sextortion cover a broad range of cybercrimes carried out by an equally varied list of assailants. But there is also an English-speaking criminal ecosystem carrying out these activities that defies conventional categorisation. Nonetheless, it does have a name: the Com. Short for community, the Com is a loose affiliation of cyber-criminals, largely native English language speakers typically aged from 16 to 25.

Curzon cinema has admitted a major app failure that left dozens of customers' personal details exposed to complete strangers. The upmarket cinema chain which runs 10 venues across London plus its Curzon Home Cinema streaming service said the error meant other users could see people's names, emails, phone numbers, dates of birth, profile photos and membership tiers. In some cases, even the last four digits of saved bank cards were visible.

A stalkerware maker who was banned from the surveillance industry after a data breach that exposed the personal information of its customers, as well as the people they were spying on, will not be able to go back to selling the invasive software, according the U.S. Federal Trade Commission. The FTC denied a request to cancel that ban made by Scott Zuckerman, the founder of consumer spyware company Support King and its subsidiaries SpyFone and OneClickMonitor.

Last week, pet products and services giant Petco confirmed that it experienced a data breach involving customers' personal information, without specifying what type of data was affected. On Friday, in a legally required filing with Texas' attorney general's office, Petco reported that the affected data included: names, Social Security numbers, driver's license numbers, financial information such as account numbers, credit or debit card numbers, and dates of birth.

An AI image creator startup left its database unsecured, exposing more than a million images and videos its users had created-the "overwhelming majority" of which depicted nudes and even nude images of children. A US inspector general report released its official determination that Defense Secretary Pete Hegseth put military personnel at risk through his negligence in the SignalGate scandal, but recommended only a compliance review and consideration of new regulations.