Connect with us

Malware

Nickelodeon Launches Urgent Investigation into Decades-Old Data Leak

Nickelodeon, the popular children’s network, is conducting an investigation after a breach exposed decades-old data. The leaked information includes internal files, employee credentials, and more. With this breach, Nickelodeon joins the list of organizations affected by cyberattacks. As the company delves into the incident, ensuring robust security measures is crucial to safeguard sensitive data and protect their reputation.

Published

on

Nickelodeon launches investigation into data leak.

Nickelodeon Investigates Breach After Leak of ‘Decades Old’ Data

Nickelodeon, an American pay TV channel owned by Paramount, has confirmed the legitimacy of leaked data from an alleged breach. However, some of the leaked information appears to be decades old.

Nickelodeon’s programming is primarily targeted at children and family audiences.

In late June, rumors began circulating about a major leak from Nickelodeon’s animation department. Evidence of the alleged breach started circulating on social media, revealing a substantial collection of documents and media files, estimated to be around 500GB in size.

tweet

The data breach supposedly occurred in January of this year, with unauthorized access being blocked by Nickelodeon two months later. However, there is no reliable evidence supporting this claim.

According to some sources, all the leaked files were shared on a private Discord server and have since been reposted on various platforms.

When contacted by BleepingComputer, a Nickelodeon spokesperson confirmed an ongoing investigation. However, they stated that the leaked data does not appear to be the result of a recent breach of their systems.

The spokesperson also reassured that the leaked data does not include any user or employee information. Instead, it is limited to production resources and other intellectual property.

“We are aware of social media posts alleging that unauthorized production-related files have been made available, and we are currently investigating,” said the Nickelodeon spokesperson.

“The leaked content seems to be related only to production files, and not long-form content or employee or user data. Furthermore, some of the leaked content appears to be several decades old,” they added.

While it may take some time to thoroughly analyze the entire data dump, based on Nickelodeon’s statement, there is no indication of a significant breach.

However, it is important to note that redistributing copyrighted intellectual property is illegal, regardless of whether the content is old or not. Those involved in such activities may face legal consequences.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Malware

31 Million Email Addresses Alarmingly Exposed: A Massive Data Breach Uncovered

Discover the details of the Neiman Marcus data breach, where 31 million email addresses were exposed. Learn about the company’s response, the potential risks, and tips for protecting your data. Stay informed on the latest cybersecurity news with Bleeping Computer.

Published

on

If you’ve ever shopped at the American luxury retailer and department store chain Neiman Marcus, I’ve got some bad news for you. A data breach that took place in May 2024 has exposed more than 31 million customer email addresses, according to cybersecurity expert Troy Hunt, who analyzed the stolen data.

This is a big deal, especially considering that Neiman Marcus initially reported to the Office of the Maine Attorney General that the breach had only impacted 64,472 people. But after digging deeper, Hunt discovered 30 million unique email addresses in the stolen data and confirmed with multiple people that their information was indeed legitimate.

That’s a massive discrepancy, and it means that millions of people have had their personal information compromised.

The stolen data includes names, contact information (such as email and postal addresses, and phone numbers), dates of birth, gift card info, transaction data, partial credit card numbers (without expiration dates or CVVs), Social Security numbers, and employee identification numbers.

So, what happened? Enter the Snowflake data theft attack

Neiman Marcus has linked the incident to the so-called Snowflake data theft attacks. In June 2024, the company announced that an unauthorized party had gained access to a cloud database platform used by Neiman Marcus and provided by a third party, Snowflake.

This disclosure came after a threat actor using the handle “Sp1d3r” put Neiman Marcus’ data up for sale on a hacking forum, asking for $150,000 in exchange for 12 million gift card numbers, 70 million transactions with full customer details, and 6 billion rows of customer shopping records, store information, and employee data.

It’s worth noting that the threat actor initially claimed that Neiman Marcus had refused to pay an extortion demand. However, the forum post and the data sample were later taken down, suggesting that the company may have begun negotiating.

An investigation conducted by SnowFlake, Mandiant, and CrowdStrike revealed that a financially motivated group known as UNC5537 was responsible for the attacks. Using stolen customer credentials, they targeted at least 165 organizations that had failed to configure multi-factor authentication (MFA) protection on their SnowFlake accounts. Other recent breaches linked to these attacks include Ticketmaster, Santander, Pure Storage, QuoteWizard/LendingTree, Advance Auto Parts, and Los Angeles Unified.

What can you do to protect yourself?

First and foremost, if you’re a Neiman Marcus customer, you need to be vigilant. Keep an eye on your accounts for any suspicious activity, and consider changing your passwords and enabling multi-factor authentication wherever possible.

But this isn’t just about Neiman Marcus. As an IT Services expert, I can’t emphasize enough how important it is to take cybersecurity seriously. Always use strong, unique passwords, enable multi-factor authentication, and stay informed about the latest threats and best practices.

Remember, cybersecurity is a shared responsibility. Let’s all do our part to keep our personal information and the digital world safe.

And if you want to learn more about cybersecurity, don’t hesitate to reach out to us. We’re here to help you navigate the ever-changing landscape of threats and best practices. Stay safe out there!

Continue Reading

Malware

Massive Roblox Vendor Data Breach: Dev Conference Attendee Info Shockingly Exposed

A Roblox vendor data breach has exposed personal information of Roblox Developers Conference attendees. The breach, discovered on November 8, exposed names, billing addresses, and order details of customers, but no financial data. Roblox has since terminated the vendor’s contract and is taking steps to prevent future breaches.

Published

on

Imagine you’re a dedicated developer, excited to attend a prestigious conference to connect with peers and learn about innovative tools in your field. You register, book your flight, and eagerly await the event. Now imagine the disappointment and concern you’d feel if you discovered your personal information had been exposed due to a data breach. Unfortunately, this scenario recently became reality for attendees of the Roblox Developer Conference.

Roblox, a wildly popular online gaming and game creation platform, boasts over 200 million active users, many of whom are young developers eager to design, create, and share games with their community. Each year, the company holds a Roblox Developer Conference (RDC) to provide networking opportunities and learning experiences for these talented individuals.

However, a notice published recently revealed that FNTech, the vendor responsible for handling registration for the conference, suffered a data breach. Unauthorized access to its systems led to the exposure of personal information belonging to attendees of the 2022, 2023, and 2024 RDC events.

What was exposed, and who is affected?

The data breach resulted in the theft of attendees’ full names, email addresses, and IP addresses. According to the data breach notification service Have I Been Pwned (HIBP), 10,386 unique email addresses were exposed. Of these, 63% (6,500) had not been exposed in previous breaches.

Worryingly, this isn’t the first time Roblox developers have been targeted. In July 2023, HIBP added information about nearly 4,000 Roblox developer accounts to its database. These individuals, also RDC attendees, had their data leaked on a hacker forum following a 2021 breach that impacted attendees from 2017 to 2020.

Understanding the risks and taking action

While the recent breach doesn’t directly put Roblox developers in immediate danger, it does increase the likelihood of targeted phishing attacks. Armed with their personal information, cybercriminals could easily craft convincing messages designed to trick developers into revealing even more sensitive data.

In response to the breach, Roblox has taken steps to prevent similar incidents in the future. However, this isn’t the first time the platform and its users have faced security threats. In November 2022, over 200,000 users installed a malicious Chrome extension called SearchBlox, which contained code designed to steal Roblox account credentials.

Don’t let this happen to you!

As an IT Services company specializing in cybersecurity, we understand how devastating data breaches can be, not only to businesses but also to individuals like the RDC attendees. Don’t leave your security to chance—reach out to us for expert advice and support to keep your data safe and secure.

Together, we can help prevent cyberattacks and protect your personal information from falling into the wrong hands. And remember, always stay vigilant and be cautious of any suspicious emails or messages, no matter how convincing they may seem.

Contact us today to learn more about our cybersecurity services, and keep coming back for the latest news and insights in the world of online safety.

Continue Reading

Malware

Shopify Debunks Hacking Claims, Exposes Stolen Data Connection to Third-Party App

Shopify has denied being hacked after suspicious emails were sent to customers, blaming a third-party app for the data breach. The firm’s investigation revealed that the app had accessed and stolen data from Shopify’s API, but the incident was not a security breach of the platform itself.

Published

on

Shopify, the popular e-commerce platform, has recently denied experiencing a data breach after a threat actor started selling customer data that they claimed to have stolen from Shopify’s network. But, don’t worry, it’s not as bad as it seems.

What Shopify had to say

According to Shopify, the company’s systems have not suffered a security incident. They told us, “The data loss reported was caused by a third-party app. The app developer intends to notify affected customers.

This statement comes after a threat actor, known as ‘888’, began selling data they claimed was stolen from Shopify back in 2024.

Selling alleged Shopify data on a hacking forum
Selling alleged Shopify data on a hacking forum
Source: IT Services

What’s in the data?

The threat actor shared data samples that include a person’s Shopify ID, first name, last name, email, mobile number, order count, total spent, email subscription, email subscription date, SMS subscription, and SMS subscription date. While this information is significant, it’s important to remember that Shopify itself wasn’t directly breached.

Unfortunately, Shopify did not provide any further information about the app from which this customer’s data was stolen.

A history of data leaks

The threat actor, 888, has been linked to previous data sales or leaks allegedly involving companies like Credit Suisse, Shell, Heineken, Accenture India, and Unicef.

It’s also worth noting that in 2020, Shopify disclosed that two “rogue members” of its support team accessed customer transactional records of about 200 merchants. While this is concerning, it’s essential to recognize the proactive steps the company has taken to address security issues.


Stay informed and protect your data

While this particular incident doesn’t seem to be a direct breach of Shopify’s systems, it’s still a reminder to stay vigilant when it comes to our data. Make sure to stay informed about potential threats and take the necessary steps to protect your personal information.

If you’re interested in learning more about cybersecurity and how to keep your data safe, don’t hesitate to contact us and keep coming back for more valuable information.

Continue Reading

Trending

Copyright © 2023 IT Services Network.