security

US indicts five individuals in crackdown on North Korea’s illicit IT workforce

Security /

U.S. authorities have indicted five people over their alleged involvement in a multi-year scheme that saw them obtain remote IT employment with dozens of American companies. The Department of Justice on Thursday announced the indictment of North Korean citizens Jin Sung-Il and Pak Jin-Song; Pedro Ernesto Alonso De Los Reyes of Mexico, and U.S. nationals […]

US indicts five individuals in crackdown on North Korea’s illicit IT workforce Read More »

OpenAI says it may store deleted Operator data for up to 90 days

Security /

OpenAI says that it might store chats and associated screenshots from customers who use Operator, the company’s AI “agent” tool, for up to 90 days — even after a user manually deletes them. OpenAI has a similar deleted data retention policy for ChatGPT, its AI-powered chatbot platform. However, the retention period for ChatGPT is only

OpenAI says it may store deleted Operator data for up to 90 days Read More »

Passbolt raises $8M for its open source password manager for teams

Enterprise /

Password managers have become commonplace at this point. But businesses often have different needs than consumers. Teams, after all, often have to share credentials to access resources, all while IT and security teams need ways to control who has access to them. Passbolt, which is announcing an $8 million seed round Thursday, aims to become

Passbolt raises $8M for its open source password manager for teams Read More »

Conduent confirms outage was due to a cybersecurity incident

Security /

U.S. government contractor Conduent, which provides technology to support services such as child support and food assistance, has confirmed that a recent outage was caused by a cybersecurity incident.  Conduent confirmed the disruption, which left some U.S. residents without access to support payments, to TechCrunch on Tuesday but declined to say whether the outage was

Conduent confirms outage was due to a cybersecurity incident Read More »

What PowerSchool isn’t saying about its ‘massive’ student data breach

Security /

It’s only January, but the recent hack of U.S. edtech giant PowerSchool has the potential to be one of the biggest breaches of the year.  PowerSchool, which provides K-12 software to more than 18,000 schools to support some 60 million students in the United States, confirmed the breach in early January. The California-based company, which

What PowerSchool isn’t saying about its ‘massive’ student data breach Read More »

Toronto school district says 40 years of student data stolen in PowerSchool breach

Security /

Canada’s largest school board says hackers may have accessed some 40 years’ worth of student data during the recent PowerSchool breach.  In a letter sent to parents this week, the Toronto District School Board (TDSB) said that the data breach affected all students enrolled in the district between September 1985 and December 2024.  The school

Toronto school district says 40 years of student data stolen in PowerSchool breach Read More »

HPE investigating security breach after hacker claims theft of sensitive data

Enterprise /

Hewlett-Packard Enterprise is investigating a data breach after a well-known hacker claimed to have stolen sensitive information from the company. The hacker, who uses the alias “IntelBroker,” claims to have stolen a trove of data from HPE, the enterprise IT division of hardware giant HP.  In a post on a popular cybercrime forum on January

HPE investigating security breach after hacker claims theft of sensitive data Read More »

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms

Security /

The U.S. government has announced sanctions against a Chinese organization with links to Salt Typhoon, the hacking group responsible for the largest telecoms hack in U.S. history.  The Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity company, known as Sichuan Juxinhe Network Technology, which it

Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms Read More »

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches

Security /

The prolific Clop ransomware gang has named dozens of corporate victims it claims to have hacked in recent weeks after exploiting a vulnerability ​​in several enterprise popular file transfer products developed by U.S. software company Cleo.  In a post on its dark web leak site, seen by TechCrunch, the Russia-linked Clop gang listed 59 organizations

Clop ransomware gang names dozens of victims hit by Cleo mass-hack, but several firms dispute breaches Read More »

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data

Security /

U.S. school districts affected by the recent cyberattack on edtech giant PowerSchool have told TechCrunch that hackers accessed “all” of their historical student and teacher data stored in their student information systems.  PowerSchool, whose school records software is used to support more than 50 million students across the United States, was hit by an intrusion

PowerSchool data breach victims say hackers stole ‘all’ historical student and teacher data Read More »