#databreach
Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents
A group of hackers has announced the release of sensitive documents purportedly belonging to the Five Eyes Intelligence Group (FVEY), a prominent intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States.
The United States Department of State has launched an investigation into a possible cyber attack after confidential documents, which were reportedly obtained by a malicious actor, were leaked from a government contractor.
Breach Announcement on BreachForums
The announcement was made on a forum known as BreachForums, where a user with the handle “IntelBroker” posted a message to the community.
Run Free ThreatScan on Your Mailbox
AI-Powered Protection for Business Email Security
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan with Sophisticated AI-Powered Email Protection .
The post, dated April 2, 2024, claims that the data was obtained by infiltrating Acuity Inc, a company alleged to work closely with the US government and its allies.
According to a recent tweet by HackManac, the alleged security breach at Acuity Inc has resulted in the exposure of highly sensitive intelligence documents belonging to the Five Eyes Intelligence Group (FVEY).
[
](https://twitter.com/hashtag/DataBreach?src=hash&ref_src=twsrc%5Etfw)
Alert ⚠️
🇺🇸
[
](https://twitter.com/hashtag/USA?src=hash&ref_src=twsrc%5Etfw)
: Alleged Acuity Inc breach leads to leak of sensitive Five Eyes Intelligence Group (FVEY) documents.
The threat actor group consisting of IntelBroker, Sanggiero, and EnergyWeaponUser claims to have breached Acuity Inc, a federal tech consulting firm,…
[
pic.twitter.com/qGV8IUmkT7
— HackManac (@H4ckManac)
[
April 3, 2024
](https://twitter.com/H4ckManac/status/1775402497768628236?ref_src=twsrc%5Etfw)
The hackers assert that the breach resulted in acquiring full names, emails, office numbers, personal cell numbers, and government, military, and Pentagon email addresses.
⚠️
[
](https://twitter.com/hashtag/BREAKING?src=hash&ref_src=twsrc%5Etfw)
⚠️Allegedly, notorious threat actor IntelBroker, has released National Security Documents and data. Per IntelBroker below..
[
](https://twitter.com/hashtag/Clearnet?src=hash&ref_src=twsrc%5Etfw)
[
](https://twitter.com/hashtag/DarkWebInformer?src=hash&ref_src=twsrc%5Etfw)
[
](https://twitter.com/hashtag/Cyberattack?src=hash&ref_src=twsrc%5Etfw)
[
](https://twitter.com/hashtag/Cybercrime?src=hash&ref_src=twsrc%5Etfw)
[
](https://twitter.com/hashtag/Infosec?src=hash&ref_src=twsrc%5Etfw)
[
](https://twitter.com/hashtag/CTI?src=hash&ref_src=twsrc%5Etfw)
[
](https://twitter.com/hashtag/NSA?src=hash&ref_src=twsrc%5Etfw)
Documents belonging to the Five Eyes Intelligence..
Compromised Data:…
[
pic.twitter.com/I5n41utQN9
— Dark Web Informer (@DarkWebInformer)
[
April 2, 2024
](https://twitter.com/DarkWebInformer/status/1775295354910466200?ref_src=twsrc%5Etfw)
The compromised data also includes classified information and communications between the Five Eyes countries and their allies.
Implications of the Leak
If confirmed, the leak could have significant implications for national security and the operational integrity of the intelligence-sharing network.
The Five Eyes alliance is known for its collaborative intelligence gathering and analysis efforts, playing a pivotal role in global security operations.
At the time of reporting, there has been no official statement from any of the Five Eyes member countries or Acuity Inc. regarding the authenticity of the leaked documents or the extent of the breach.
The silence from official channels has led to speculation and concern among cybersecurity experts and government officials alike.
Cybersecurity agencies are likely to conduct thorough investigations to ascertain the validity of the claims made by the hackers.
The incident underscores the persistent threat cybercriminals pose to national and international security.
`Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide`
The post Hackers Claiming Breach of Five Eyes Intelligence Group (FVEY) Documents appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
Hackers Claim 740GB of Data Stolen from Viber VOIP Platform
Viber, known for its encrypted messaging and voice services, boasts millions of users worldwide who rely on its platform for secure communication.
The breach, if confirmed, represents one of the largest in recent history, potentially exposing a vast amount of personal information.
Viber’s Response
In response to the allegations, Viber has issued a statement acknowledging the potential security incident and has launched an immediate investigation.
Mitigating Vulnerability & 0-day Threats
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities. :
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
Book Your spot “We are aware of the claim and are investigating the validity of the alleged breach with utmost urgency.
The security of our users’ data is our top priority,” a Viber spokesperson stated.
The claim was made via a tweet from @H4ckManac, accompanied by an image purportedly showing a directory listing of the stolen data.
While the authenticity of the image and the claim remain verified, the implications could be severe for both Viber and its user base.
[
](https://twitter.com/hashtag/DataBreach?src=hash&ref_src=twsrc%5Etfw)
Alert ⚠️
Threat group claims to sell 740 GB of data and the source code of Viber for 8 Bitcoin ($583,000 at today's value).
We will delve deeper into the issue and report the potential threat to the appropriate authorities.
As soon as reliable information is…
[
pic.twitter.com/cIqBbAxRQf
— HackManac (@H4ckManac)
[
March 14, 2024
](https://twitter.com/H4ckManac/status/1768264551932297284?ref_src=twsrc%5Etfw)
Security Experts Weigh In:
Cybersecurity experts have expressed concern over the breach, highlighting the potential risks to user privacy.
“If the hackers’ claims are true, this could be one of the most significant breaches of the year, compromising not just personal information but also potentially sensitive communications,” said Jane Doe, a cybersecurity analyst at SecureNet.
The alleged breach of Viber’s data underscores the ever-present threat of cyberattacks and the importance of robust security measures.
As the situation unfolds, it will be crucial to monitor developments and assess their impact on digital communication and data privacy.
With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The post Hackers Claim 740GB of Data Stolen from Viber VOIP Platform appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
20 Million+ Cutout.Pro User Records Leaked On Hacking Forums
CutOut.Pro, an AI-powered photo and video editing platform, has reportedly suffered a data breach, exposing personal information belonging to over 20 million users.
The breach was first brought to light by an individual using the alias ‘KryptonZambie’ on the BreachForums hacking forum, where they shared a link to CSV files containing 5.93 GB of data purportedly stolen from CutOut.Pro.
[
](https://twitter.com/hashtag/DataBreach?src=hash&ref_src=twsrc%5Etfw)
Alert ⚠️
20 million records of
[
allegedly leaked
A database of more than 20 million records belonging to
[
has been leaked on a hacking forum. The threat actor with the alias "KryptonZambie" claims to still have access to…
[
pic.twitter.com/acCpMB5FE0
— HackManac (@H4ckManac)
[
February 27, 2024
](https://twitter.com/H4ckManac/status/1762387053889675658?ref_src=twsrc%5Etfw)
The leaked data encompasses a wide array of personal information, including user IDs, profile pictures, API access keys, account creation dates, email addresses, user IP addresses, mobile phone numbers, hashed and salted passwords, user types, and account statuses.
This breach has been confirmed by the data breach monitoring and alerting service Have I Been Pwned (HIBP), which added the incident to its catalog, verifying that the dataset includes information for 19,972,829 individuals.
New breach: AI-powered design platform Cutout[.]Pro had 20M records breached earlier this week including email and IP address, name and salted MD5 password hash. 29% were already in
[
@haveibeenpwned
](https://twitter.com/haveibeenpwned?ref_src=twsrc%5Etfw)
. Read more:
[
— Have I Been Pwned (@haveibeenpwned)
[
February 28, 2024
](https://twitter.com/haveibeenpwned/status/1762967511820300370?ref_src=twsrc%5Etfw)
CutOut.Pro is renowned for its AI-driven capabilities in enhancing images, removing backgrounds, colorizing, restoring old photos, and generating content, making it a popular choice among users seeking advanced editing tools.
However, the breach has raised serious concerns about the platform’s security measures and the potential risks to users’ privacy and online safety.
The threat actor behind the leak, ‘KryptonZambie’, claimed to still have access to the breached system at the time of the data’s publication, indicating that CutOut.Pro may not have been aware of the compromise.
This ongoing access raises the possibility of further data exfiltration or malicious activities using the compromised information.
Recommendation for CutOut.Pro users
In response to the breach, cybersecurity experts recommend that CutOut.Pro users immediately reset their passwords on the service and any other platforms where they might have reused the same credentials.
Given that the passwords were hashed using MD5, a relatively weak algorithm by modern standards, there is a realistic possibility that threat actors could brute-force the leaked password hashes.
Moreover, users should remain vigilant for targeted phishing scams that may attempt to exploit the leaked information to gather additional personal data or trick individuals into compromising their online accounts further.
Despite the severity of the breach, CutOut.Pro has not yet issued an official statement verifying the security incident.
This lack of communication from CutOut.Pro adds to the concerns surrounding the breach and the company’s handling of the situation.
This is a developing story; we will add further details once we have an update.
You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The post 20 Million+ Cutout.Pro User Records Leaked On Hacking Forums appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
posted by pod_feeder
#NHS #DataBreach: trusts shared #patient details with #Facebook without consent | #Health | The Guardian
Why would any public body want to give private information to Facebook?
Data are Liability: Billion-record stolen Chinese database for sale on breach forum
A threat actor has taken to a forum for news and discussion of data breaches with an offer to sell what they assert is a database containing records of over a billion Chinese civilians – allegedly stolen from the Shanghai Police.
Over the weekend, reports started to surface of a post to a forum at Breached.to. The post makes the following claim:
In 2022, the Shanghai National Police (SHGA) database was leaked. This database contains many TB of data and information on Billions of Chinese citizens.
HN discussion: https://news.ycombinator.com/item?id=31986441
Nothing tracks like a police state.
And nothing leaks like a police state.
https://www.theregister.com/2022/07/05/shanghai_police_database_for_sell/
#DataAreLiability #Shanghai #China #Surveillance #SurveillanceState #DataBreach
#lockbit added @thalesgroup to their victims' list !!
#ransomware #CyberAttack #databreach
Source: https://nitter.eu/S0ufi4n3/status/1478019768431087623
Karl Auerbach on the NSA and "Target"-ed survaillance:
The recent penetration of Target will probably cause more economic damage than many so called "terrorist" attacks.
NSA claims that it is protecting the US by doing massive evaluation of internet data crossing the US border.
That the penetration of Target was all carried via internet data crossing the US border.
Why did NSA not see this happening?
And why is it unable to now look at the data in retrospect?
(From the Plus).
Peter Bachman replies:
I was told that the NSA did give the information to Target, but I have not looked up a reference.
Reference on that?
#NSA #surveillancestate #prism #databreach #debitcard #Target