5 articles tagged with "credential theft".
One of the largest retail data breaches in history exposed 57 million Hot Topic, Torrid, and BoxLunch customer records including 25 million credit card numbers after attackers compromised Snowflake cloud credentials stolen via infostealer malware.
A phishing campaign uses clean PDF attachments hosted on Vercel to redirect victims to fake Dropbox login pages, bypassing email security by avoiding traditional malware or suspicious links.
APT28 targets energy, defense, and policy organizations in Turkey, the Balkans, and Central Asia with phishing campaigns using legitimate PDFs from real think tanks and free hosting infrastructure.
A credential theft campaign targeting Snowflake customer accounts without MFA resulted in data theft from over 165 organizations including Ticketmaster, AT&T, Santander, and Advance Auto Parts.
A compromised credential without MFA enabled allowed a hacker to access PowerSchool's systems for nine days, exfiltrating personal data of 62 million students and 9.5 million educators in the largest breach of children's data in U.S. history.