Breach, Data Security

Telefónica hack disclosed following data exposure

(Adobe Stock)

(Adobe Stock)

Telefónica, which is Spain's leading multinational telecommunications firm, has acknowledged unauthorized access to its internal ticketing system following the exposure of the company's Jira database on a hacking forum by threat actors DNA, Pryx, Grep, and Rey, reports BleepingComputer.

"We are currently investigating the extent of the incident and have taken the necessary steps to block any unauthorized access to the system," said Telefónica, which implemented password resets on affected accounts. Telefónica had its internal Jira development and ticketing server breached via stolen employee credentials on Friday, enabling the exfiltration of nearly 2.3 GB of data, including documents and tickets, according to Pryx, who noted that they had not sought to extort Telefónica. Such a development comes weeks after Schneider Electric had 40 GB of data from its Jira server stolen and leaked by the newly emergent Hellcat ransomware operation, which counts Pryx, Grep, and Rey as its members.

Related

Data breach compromises STIIIZY customers’ data

Infiltration of the vendor's systems between October and November exposed not only individuals' names, ages, and addresses, but also photographs, medical cannabis cards, driver's license numbers, and passport numbers, said STIIIZY in a breach notice and filing with California regulators that did not detail the number of people whose data had been stolen.

Data breach disclosed by BayMark Health Services

Threat actors who infiltrated BayMark's systems from Sep. 24 to Oct. 14 were able to steal individuals' names, birthdates, Social Security numbers, driver's license numbers, insurance details, received services, service dates, and treatment and diagnostic information, said BayMark in breach notices that did not specify the number of people affected by the incident.

Over 360K impacted by Medusind breach

Information compromised in the breach included not only names, birthdates, email addresses, and phone numbers, but also Social Security numbers, driver's licenses, taxpayer IDs, payment details, and health and health insurance and billing data, according to a filing with the Office of the Maine Attorney General.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

Related Terms

Attack VectorByteCipherCiphertextData AggregationData Loss Prevention (DLP)DecryptionDigital EnvelopeDigital SignatureDigital Signature Standard (DSS)

You can skip this ad in 5 seconds