Bank customers complain of phishing attacks via Twitter.

A total of 11 breach events were found and analysed resulting in 9,356,800 exposed accounts containing a total of 17 different data types of personal datum . The breaches found publicly and freely available included US Gamblers, Zen Mobile, Arteza, Stealer - Mixed Logs 0250 and Mobile Legends: Bang Bang. Sign in to view the full library of breach events which includes, where available, reference articles relating to each breach.

Data Breach Analysis

US Gamblers operates within the online gambling industry, handling sensitive information like financial details, user identities, and betting histories. Exposure here can lead to financial fraud, identity theft, and regulatory scrutiny, affecting both users and the company’s operational integrity.

Zen Mobile is a telecommunications provider, likely managing customer contact information, billing data, and usage records. Such breaches risk personal privacy violations, potential account takeovers, and service disruptions, impacting consumers and the provider’s reputation.

Arteza, an art supplies retailer, may have exposed customer purchase histories, payment information, and contact details. This can lead to fraudulent transactions and undermine consumer trust, posing challenges for the company’s compliance and customer relations.

Stealer - Mixed Logs 0250 refers to aggregated data collected from malware-inflicted devices, typically including login credentials, passwords, and other sensitive user information. These collections are commonly exploited in large-scale credential stuffing attacks, amplifying risks across multiple platforms and industries.

Mobile Legends: Bang Bang, a popular online game, likely had player account information compromised, including usernames, progress data, and possibly payment details. Such leaks jeopardise user privacy and can lead to account theft, affecting gamers and the game’s community trust.

Spotlight

One of India's leading banks has had a large data breach posted to a popular hacking forum. The bank in question is one of India's oldest banks, the bank commented with "We wish to state that there is no data leak at ***** Bank and our systems have not been breached or accessed in any unauthorised manner."

However, customers have complained of phishing attacks and have taken to twitter to share their displeasure. What's more concerning than a bunch of dodgy emails being sent to the bank's customers is that some of the users are sharing screenshots from the bank's app displaying what looks like phishing popping up on it. The hackers have, by the looks of it, gained some back-end access to the app.

Unfortunately, those users who have taken to twitter may have interacted with another bad actor because a twitter account with the bank's username (with a slight difference at the end) that joined several days ago has been engaging with users regarding complaints about the service. Is this a well planned operation, or is it the result of a huge data breach being posted online and a bit of a free for all on the bank customers?

In other news, a proxy provider that went offline a while ago has had what seems like a lot of SQL databases exported and dumped publicly online. Various sensitive user information is included in the data; that could be primarily useful for law enforcement purposes.

And finally a site calling itself the best guide for sports and casino gambling in the US has had a huge section of there user base dumped online. The website contains various tips and tricks for a variety of bets.

Smarter Privacy Starts with Awareness
Data Breach Scan, Check Any Domain for Free https://breachaware.com/scan