28 matches found
Under Armour ransomware breach: data of 72 million customers appears on the dark web
When reports first emerged in November 2025 that sportswear giant Under Armour had been hit by the Everest ransomware group, the story sounded depressingly familiar: a big brand, a huge trove of data, and a lot of unanswered questions. Since then, the narrative around what actually happened has...
Google misled users about their privacy and now owes them $425m, says court
A court has ordered Google to pay $425m in a class action lawsuit after it was found to have misled users about their online privacy. In July 2020, Google user Anibal Rodriguez filed a lawsuit against the search giant, arguing that it misled users with its "Web & App Activity" setting. The settin...
Meta accessed women’s health data from Flo app without consent, says court
A jury has ruled that Meta accessed sensitive information from a woman's reproductive health tracking app without consent. The app in question is called Flo Health. Developed in 2015 in Belarus to track menstrual cycles, it has evolved over the years as a tracking app for highly detailed, intimat...
Google Ordered to Pay $314M for Misusing Android Users' Cellular Data Without Permission
Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users' cellular data when they were idle to passively send information to the company. The verdict marks an end to a legal class-action complaint that was originally...
AT&T to pay compensation to data breach victims. Here’s how to check if you were affected
AT&T is set to pay $177 million to customers affected by two significant data breaches. These breaches exposed sensitive personal information of millions of current and former AT&T customers. For those that have missed the story so far: Back in 2021, an entity named Shiny Hunters a known hacking...
Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations
Apple has agreed to pay $95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voice-activated Siri assistant. The development was first reported by Reuters. The settlement applies to U.S.-based individuals current or former owners...
23andMe will retain your genetic information, even if you delete the account
Deleting your personal data from 23andMe is proving to be hard. There are good reasons for people wanting to delete their data from 23andMe: The DNA testing platform has a lot of problems, so let’s start with a recap. A little over a year ago, cybercriminals put up information belonging to as man...
23andMe to pay $30 million in settlement over 2023 data breach
Genetic testing company 23andMe will pay $30 million to settle a class action lawsuit over a 2023 data breach which ended in some customers having information like names, birth years, and ancestry information exposed. In October 2023, we reported on how information belonging to as many as seven...
Class-Action Lawsuit against Google’s Incognito Mode
The lawsuit has been settled: Google has agreed to delete "billions of data records" the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. The agreement, part of a settlement in a class action lawsuit file...
US Facebook users can now claim Cambridge Analytica settlement cash
US-based Facebook users can now claim a piece of the enormous settlement payment by Meta, Facebook's parent company, over the Cambridge Analytica scandal. This news follows Meta agreeing to pay $725 million in December 2022 to settle the longstanding class action lawsuit filed by Lauren Price in...
New Protections for Food Benefits Stolen by Skimmers
Millions of Americans receiving food assistance benefits just earned a new right that they cant yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer EBT cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes...
Zoom Settlement: An $85M Business Case for Security Investment
Ransomware isn’t the only way lax security can cost a business eight figures in damage. Zoom just lost an $85 million class-action lawsuit this week for its cybersecurity missteps, proving that even the most essential and relied-upon brands can be tripped up by inadequate security. More...
SolarWinds Blames Intern for 'solarwinds123' Password Lapse
As cybersecurity researchers continue to piece together the sprawling SolarWinds supply chain attack, top executives of the Texas-based software services firm blamed an intern for a critical password lapse that went unnoticed for several years. The said password "solarwinds123" was originally...
FBI, CISA, NSA Officially Blame Russia for SolarWinds Cyber Attack
The U.S. government on Tuesday formally pointed fingers at the Russian government for orchestrating the massive SolarWinds supply chain attack that came to light early last month. "This work indicates that an Advanced Persistent Threat APT actor, likely Russian in origin, is responsible for most ...
Zoom Taps Ex-Facebook CISO Amid Security Snafus, Lawsuit
As it faces a major lawsuit, Zoom is taking a significant step to bolster security and privacy efforts by recruiting an industry heavy-hitter – former Facebook CISO Alex Stamos – to provide special counsel. It has also named third-party expert security advisory teams. The popular videoconferencin...
The Zoom Privacy Backlash Is Only Getting Started
A class action lawsuit. Rampant zoombombing. And as of today, two new zero-day vulnerabilities...
Epic Games Hit With Class Action Lawsuit Over Hacked 'Fortnite' Accounts
Epic Games, the creator of the popular 'Fortnite' video game, is facing a class-action lawsuit from gamers over hacked Fortnite accounts, accusing the company of failing to maintain adequate security measures and notify users of the security breach in a timely manner. The lawsuit, filed by...
SEC Investigating Data Leak at First American Financial Corp.
The U.S. Securities and Exchange Commission SEC is investigating a security failure on the Web site of real estate title insurance giant First American Financial Corp. that exposed more than 885 million personal and financial records tied to mortgage deals going back to 2003, KrebsOnSecurity has...
NY Investigates Exposure of 885 Million Mortgage Documents
New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. NYSE:FAF as the first test of the state's strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in th...
Medical Weed Dispensary Exposes Health Data for Thousands
A data breach at a medical marijuana dispensary company operating in Canada has sent the personal health privacy of about 34,000 patients up in smoke. An electronic medical record system used by Natural Health Services – a self-described “cannabinoid medical clinic that specializes in cannabis...