SOUTHFIELD, MI - A newly surfaced dark-web listing claims that 700Credit, a provider of credit-reporting and identity-verification services for auto dealers, suffered a substantial data breach in late October 2025 - potentially exposing more than eight million customer records. What the Listing Claims According to the listing, the compromised database includes highly sensitive consumer information commonly handled by credit-reporting services - full names, Social … [Read more...]
Microsoft Warns Advertisers of New OAuth Consent Phishing Threat Targeting Users
REDMOND, WA - Microsoft has issued a new security alert to users of its Microsoft Advertising platform, warning of a wave of OAuth consent phishing attacks - a sophisticated form of credential theft designed to look completely legitimate. In its notice, Microsoft explained that malicious actors are sending out fake login or permission prompts that appear identical to the company’s official consent screens. Once a user clicks “Accept”, the attacker gains access to sensitive … [Read more...]
Aflac Hit by Sophisticated Cyberattack: What Victims, Businesses Need to Know
COLUMBUS, GA - Aflac Incorporated, a leading supplemental insurance provider, disclosed that its U.S. systems suffered a cyberattack on June 12, 2025, potentially exposing sensitive customer data. The breach was quickly contained, but it may have compromised claims information, health records, Social Security numbers, and other personal identifiers. What We Know So Far Potential Data Exposure Aflac’s Response Broader Industry Implications What Affected … [Read more...]
Record-Breaking Data Leak Exposes 16 Billion Credentials Including Session Tokens
WEST PALM BEACH, FL - A massive trove of approximately 16 billion username-password combinations—along with session tokens and cookies - has surfaced on unsecured servers, cybersecurity researchers confirmed. The cache appears to be an aggregate of around 30 previously known data sets, sourced from malware-based credential thefts and older breaches, rather than a fresh, single-source attack. Security analysts emphasize the sheer volume of data makes it impossible to … [Read more...]
Massive Data Breach Exposes 184 Million Login Credentials from Major Tech Platforms
WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
“Prolific Puma” Created 75k Unique Domain Names Since April 2022 Used for Scams
SANTA CLARA, CA - Researchers from security vendor Infoblox have uncovered an actor known as “Prolific Puma” that has been revealed as having provided link shortening services for countless cyber criminals for a span of time of at least four years or longer, an act that has likely been responsible for an immense number of scams targeting innocent people. As an example of how Prolific Puma lives up to the "prolific” part of their name, the actor reportedly … [Read more...]
PharMerica Discloses Data Breach That Exposes Info of Nearly 6 Million People
LOUISVILLE, KY - PharMerica, a national pharmacy network owned by BrightSpring Health, has informed nearly 6 million of their members that Social Security numbers, names, birthdates, medical information, and more was exposed in a data breach. The information was stolen between March 12 and March 13. If exploited, cybercriminals can use this information to commit identity theft. On March 14, 2023, we learned of suspicious activity on our computer network. Upon discovering … [Read more...]
NextGen Healthcare Confirms Breach Of Over 1 Million Individuals’ Personal Info
ATLANTA, GA - A security incident has surfaced and you may or may not have been affected. NextGen Healthcare, a healthcare solutions provider, suffered a data breach that exposed the personal information of over 1 million individuals. According to the company, Hackers had access to NextGen systems from March 29 to April 14, 2023, compromising personal information such as full names, addresses, birthdates, and social security numbers. If exploited, cybercriminals can use … [Read more...]
Data Breach: Unauthorized Party Accessed DoorDash Customer Information
SAN FRANCISCO, CA - According to recent reports, a new data security incident has surfaced. DoorDash, a popular food delivery app, detected suspicious activity from the computer network of a third-party vendor, and determined the vendor was compromised by a sophisticated phishing attack. According to the report, certain personal information maintained by DoorDash like names, emails, addresses, phone numbers, and even partial payment card info have been affected. If … [Read more...]
PII Of Up To 4.6 Million Neiman Marcus Customers Potentially Exposed In Breach
PALM BEACH, FL - On Thursday, September 30, 2021, luxury department store Neiman Marcus announced that about 4.6 million of its customers may have had their personally identifiable information or PII compromised in a data breach that occurred in May 2020. The personal information stolen in the breach varied and may have included names and contact information, payment card numbers and expiration dates including virtual gift card numbers. Worse, the cyber-thieves may have … [Read more...]
Critical Vulnerability Exposes over 700,000 Sites Using WP Divi, Extra, and Divi Builder
WEST PALM BEACH, FL - This morning, the Wordfence Threat Intelligence Team published details about a critical vulnerability discovered in two themes by Elegant Themes, Divi and Extra, as well as the Divi Builder plugin. Combined, these products are installed on an estimated 700,000 sites. Elegant Themes provides some of the most popular WordPress themes in the world and includes a visual page builder. We initially reached out to Elegant Themes on July 23, 2020 and, … [Read more...]
It’s Only A Matter of Time Until You Need to Be Licensed to Operate A Web Server
PALM BEACH, FL – I have been thinking about this off and on for a few years now, but I have never really posted or written about it. That is because it is an awful prediction that I hate the idea of, but I think it is going to eventually happen. Here it goes…. I predict that to operate a web server sometime in the near future, you will be required to have a license, or have passed a basic course in IT security or Cybersecurity intrusion mitigation. Not at the single site … [Read more...]
10 Simple Yet Effective Security Tips To Keep You Cyber Safe and Worry Less in 2020
PALM BEACH, FL - There is no shortage of security breaches and data leaks reported in the news this past year. As we all move into 2020, here are some simple tips to help keep you stay cyber safe, so you can worry less and have more to look forward to this year. Don't Shorten 2020 in Dates You shouldn’t shorten the year 2020 when signing things. Scammers can easily change the abbreviated date, for example from “3/30/20” to “3/30/2018”. Make sure to write out the full … [Read more...]
DOJ Seizes Domain Used to Sell Access to Hacked Personal Info and Account Logins
WASHINGTON – Today, the Federal Bureau of Investigation and the U.S. Department of Justice announced that they have seized the internet domain name weleakinfo.com. The announcement was made by U.S. Attorney Jessie K. Liu of the District of Columbia and Special Agent in Charge Timothy M. Dunham of the FBI’s Washington Field Office. The website claimed to provide its users a search engine to review and obtain the personal information illegally obtained in over 10,000 … [Read more...]