A total of 8 breaches were found and analysed resulting in 11,884,976 leaked accounts containing a total of 8 different data types. The breaches found publicly and freely available included Instant Checkmate, Sports Bull, Forex EU, Iran Laptop Parts and BMMI Shops. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.

SPOTLIGHT

A historic Italian company was breached back in 2021 and its data has finally been posted publicly and freely on various hacking forums. Back in 1961 they were manufacturing components and accessories for the optical industry. Jump forward 36 years; they had bought Ray-Ban and listed on the New York Stock Exchange. In 2021, one of their partner companies confirmed that they had suffered a data breach. Personal information about their millions of customers ranges from full names to other more sensitive data types.

A popular business to business e-commerce site with six offices around the world, from Australia to the Netherlands, has been hit with a data breach. The company claims to be a global provider of cloud based B2B APIs for e-commerce. While looking past the stylish website, they have an impressive set of customers in all sectors of business including healthcare and oil & gas. The data is in circulation publicly, and who knows what another threat actor could do armed with this data!

VULNERABILITY CHAT

A global leader in cyber security has been attacked with a extremely sophisticated trojan that infected medium to senior level employees using Apple mobile devices. The attack used vulnerabilities in the iOS operating system via an invisible Imessage which was sent to the employees in question. The Trojan then relayed information back to a command server, data such as geo location, microphone recording, and photos. However, even though the attack was carried out in discreet manner, it was detected by their monitoring and analysis security management software. Due to the nature of iOS, there is no software which can remove infections like this so the devices will need a factory reset.

An infamous torrenting site has closed shop. The site has been running since 2008 and originally started off serving the Bulgarian people, but it quickly began catering to the wider world. The site mainly provided high-quality films and videos but also contained video games, music, and software. The site has been described as a "notorious market" by the US trade representative and has also been targeted by Bulgarian law enforcement. The staff administration released a statement on May 31st, explaining several reasons why the site could not go on. "The past 2 years have been very difficult for us; some of the people in our team died due to COVID complications" and "the power price increase in data centres in Europe hit us pretty hard. Inflation makes our daily expenses impossible to bare."

INFORMATION PRIVACY HEADLINES

On the eve of the EU GDPR's 5th anniversary (described in a statement by Vera Jourova and Didier Reynders as "future-proof") the UK Information Commissioner's Office (ICO) published new guidance for businesses on responding to subject access requests (SARs). This comes after the ICO received over 15,000 complaints related to SARs from April 2022 to March 2023.

The Data Protection Officers from INTERPOL's National Central Bureaus (NCBs) are meeting in Singapore to discuss, amongst other things, the growth of data volumes and sources, and the corresponding increase in vulnerabilities for misuse and exploitation. According to INTERPOL, they are the only international organisation with a global network of mandatorily appointed data protection officers.