cyberattack

Malware stole internal PowerSchool passwords from engineer’s hacked computer

Security /

A cyberattack and data breach at U.S. edtech giant PowerSchool that was discovered December 28 threatens to expose the private data of tens of millions of school children and teachers.  PowerSchool told customers the breach was linked to the compromise of a subcontractor’s account. TechCrunch learned this week of a separate security incident, involving a […]

Malware stole internal PowerSchool passwords from engineer’s hacked computer Read More »

A breach of a data broker’s trove of location data threatens the privacy of millions

Security /

A hack and data breach at location data broker Gravy Analytics is threatening the privacy of millions of people around the world, whose smartphone apps unwittingly revealed their location data collected by the data giant. The full scale of the data breach isn’t yet known, but the alleged hacker has already published a large sample

A breach of a data broker’s trove of location data threatens the privacy of millions Read More »

China hacked US Treasury’s CFIUS, which reviews foreign investments for national security risks

Security /

Chinese hackers have reportedly breached a key office within the U.S. Treasury tasked with reviewing foreign investments and transactions that could threaten U.S. national security. CNN reports, citing U.S. officials familiar with the incident, that the Chinese hackers targeted the Committee on Foreign Investment in the United States, or CFIUS, which can approve or deny

China hacked US Treasury’s CFIUS, which reviews foreign investments for national security risks Read More »

Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages

Security /

Russian internet provider Nodex said it was in the process of restoring its systems after a destructive cyberattack earlier this week that saw hackers compromise its network and wipe its internal servers, causing an immediate and complete collapse of internet connectivity to its Russian customers. According to data from networking giant Cloudflare, which monitors internet

Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages Read More »

Washington sues T-Mobile over 2021 data breach that spilled 79 million customer records

Security /

The U.S. state of Washington has sued T-Mobile over allegations the phone giant failed to secure the personal data of millions of state residents prior to an August 2021 data breach, which went on to affect more than 79 million customers across the United States. In a statement announcing the lawsuit, Washington attorney general Bob

Washington sues T-Mobile over 2021 data breach that spilled 79 million customer records Read More »

CISA says ‘no indication’ of wider government hack beyond Treasury

Security /

U.S. cybersecurity agency CISA said in a brief statement Monday that there is “no indication” that any other U.S. federal agency was hacked during a recent cyberattack at the U.S. Treasury Department in December. The Treasury confirmed the breach on December 30, attributing the intrusion to China government-backed hackers, telling senior U.S. lawmakers in a

CISA says ‘no indication’ of wider government hack beyond Treasury Read More »

US Treasury says China stole documents in ‘major’ cyberattack

Security /

The U.S. Treasury told lawmakers in a letter Monday that it was hit by a cyberattack earlier in December, which the department has attributed to Chinese government hackers. In the letter shared with senior U.S. House lawmakers, which TechCrunch has seen, the Treasury said the hackers gained remote access to certain Treasury employee workstations and

US Treasury says China stole documents in ‘major’ cyberattack Read More »

Cyberhaven says it was hacked to publish a malicious update to its Chrome extension

Security /

Data-loss prevention startup Cyberhaven says hackers published a malicious update to its Chrome extension that was capable of stealing customer passwords and session tokens, according to an email sent to affected customers, who may have been victims of this suspected supply-chain attack. Cyberhaven confirmed the cyberattack to TechCrunch on Friday but declined to comment on

Cyberhaven says it was hacked to publish a malicious update to its Chrome extension Read More »

Clop ransomware gang takes credit for latest mass hack that breached dozens of companies

Security /

Clop, a prolific ransomware gang, has taken credit for stealing data from at least 66 companies by exploiting a bug in widely used corporate file transfer tools made by Cleo Software. The cybercriminal gang on Tuesday listed on its dark web leak site the partial names of companies it hacked, which TechCrunch has seen, but

Clop ransomware gang takes credit for latest mass hack that breached dozens of companies Read More »

How the ransomware attack at Change Healthcare went down: A timeline

Security /

A ransomware attack earlier this year on UnitedHealth-owned health tech company Change Healthcare likely stands as one of the largest data breaches of U.S. health and medical data in history. Months after the February data breach, a “substantial proportion of people living in America” are receiving notice by mail that their personal and health information

How the ransomware attack at Change Healthcare went down: A timeline Read More »