It has been reported that almost 500,000 Fortinet VPN login names and passwords have been stolen after the data was recently leaked onto hacking forums. The threat actor that obtained the data claims the info was taken from exploitable devices last summer and although the vulnerability has been patched, many of the VPN credentials are still valid.

Several months after the initial cyberattack took place, patients of Atlanta Allergy & Asthma (AAA) are now being notified of the incident. In March 2021, DataBreaches.net reported that threat actors dumped over 2 GB of AAA’s stolen data on their leak site. The stolen data included personal information affecting over 9,800 patients.

A large amount of data that allegedly belongs to AT&T has stirred some controversy as it popped up on the dark web this week.

Cyber security researchers informed Ford Motor company of a misconfigured instance that was running on Ford’s server. The vulnerability opened an opportunity for anyone who came across it to obtain access to sensitive data including customer and employee information.

In what state officials are deeming to have been a low-risk data breach, the Indiana Department of Health is notifying affected individuals that data from the state’s COVID-19 online contact tracing survey was improperly accessed.

Another cyber security blow has been dealt to T-Mobile in what seems to be a string of cyber attacks and incidents. A hacker is now claiming to be in possession of personal information data related to over 100 million T-Mobile customers. The data is said to include social security numbers, phone numbers, names, addresses and unique IMEI numbers and drivers’ licenses of T-Mobile customers.

Over 3 million people had their data exposed as cyber security researchers came across a misconfigured Amazon public cloud storage resource belonging to the senior care review site, SeniorAdvisor.

A British Columbian school district, School District No. 73 (SD73, Kamloops-Thompson), was recently notified of a third-party data breach that may have led to student information being compromised. SD73’s third-party travel and medical insurance provider for its international student program released a statement confirming a cyber security incident during June 2021, led to this potential data leak.

A recent data breach, caused by a misconfigured server, exposed the personal information of vehicle owners. Reports show that the server belonging to the Calgary Parking Authority (CPA), which was used to monitor the authority’s parking system for bugs and errors, was left unsecured in what seems to be an overlooked security error.

After a failed attempt at extorting video game giant, Electronics Arts (EA), for the return of stolen data and later failing to sell the stolen files to a third-party, the hackers responsible for the breach have released approximately 751 GB of EA’s stolen data online. The dumped files are being reported to have contained the source code for EA’s FIFA 21 soccer game.

Company officials from Yale New Haven Health are warning patients that their information has been compromised in an April cyber security incident from one of their third-party vendors. This news comes weeks after the medical network was victimized by a ransomware attack.

Carnival Cruise Lines has suffered from another cyber attack. Customers and employees of the Carnival Cruise Line may be affected after threat actors gained access to some of the company’s IT systems in this latest attack.