Hackers Attack Alzura, German Tire Trading Company

February 5, 2024

The online tire and parts retail giant Alzura has fallen victim to a hacker attack. According to the company, dealer accounts on Alzura Tyre24 as well as the white label solutions “Tyre Shopping” and “Alzura Shop” are among those affected by the latest hacker attack.

read more

Cyberattack at Staples Disrupts Internal Operations.

November 27, 2023

American office supply retailer Staples took some of its systems down to contain impact of a cybersecurity attack and protect customer data. Staples confirmed that it was forced to take protective action to mitigate what it described as a “cybersecurity risk.” The response measures disrupted backend processing and product delivery.

In March 2023, Staples-owned distributor Essendant also experienced a multi-day outage that prevented customers and suppliers from placing or fulfilling online orders.

read more

Lockbit Ransomware Attack at Office Supply Distributor Essendant

March 6, 2023

A systems outage at Essendant is preventing the placement or fulfillment of online orders, thereby impacting both the company’s customers and suppliers. Freight carriers have also been told to hold off on any pick-ups until further notice. Essendant continues to make its recovery efforts. During this time, customers will not be able to place orders or contact Essendant’s customer care. The company’s statement acknowledges a threat actor publicly claimed responsibility for the cyberattack, but the validity of these claims has not been officially confirmed yet.

Essendant stocks over 160,000 types BleepingComputer reached out to Staples and Essendant with questions but we were not provided with any additional information of items serving approximately 30,000 reseller customers. The systems outage is therefore likely to have a widespread impact on the supply chain.

read more

<9000 American Airlines and Southwest Airlines Pilots Affected by Data Breach at 3rd Party Vendor

April 30, 2023

American Airlines and Southwest Airlines disclosed data breaches. The cause was the hack of Pilot Credentials, a third-party vendor that manages multiple airlines’ pilot applications and recruitment portals. Documents containing information provided by certain applicants in the pilot and cadet hiring process were stolen. American Airlines said the data breach affected 5745 pilots and applicants, while Southwest reported a total of 3009.

read more

2020 Phishing Email Cost UK Interserve more than £11M

May 8, 2020

Hackers stole sensitive details on 100,000 people from an outsourcing company named Interserve. The Phishing campaign attackers are unknown and the company offered no additional information. The data stolen is sensitive, including employee names and their addresses, bank details, payroll information, HR records, pension information and much more.

Update August 2023: The Information Commissioner fined Interserve £4.4m in autumn 2022. Interserve was once a FTSE 250 firm but has largely been broken up after collapsing into administration four years ago. Its latest accounts reveal that it spent £7m on ‘professional adviser fees’ following the attack.

read more

Travel Booking Giant Sabre Investigating Claims of a 1.3TB Data Breach

July 20, 2023

Travel booking giant Sabre said it was investigating claims of a cyberattack after a tranche of files purportedly stolen from the company appeared on an extortion group’s leak site. The Dunghill Leak group claimed responsibility for the apparent cyberattack in a listing on its dark web leak site, alleging it took about 1.3 terabytes of data, including databases on ticket sales and passenger turnover, employees’ personal data and corporate financial information.

Sabre is a travel reservation system and major provider of air passenger and booking data. Many U.S. airlines and hotel chains rely on the company’s technology.

read more

Boots also Victim MOVEit Software Hack at Zellis

June 7, 2023

British Airways (BA), the BBC, Ofcom and Boots were among a number of organisations that were reportedly victims of a major recent cyber-attack, resulting in the breach of numerous staff details.

The stolen data is said to include staff names, staff ID numbers and national insurance numbers (although, importantly, not banking details). But, other than for those personally affected, the real issue is what this attack reveals about the evolution of cybercrime.

read more

First Merchant Bank also Confirmed Databreach as Result of MOVEit Hacks

June 21, 2023

Indiana-based banking giant First Merchants Bank, also confirmed a data breach affecting sensitive customer information resulting from the MOVEit hacks.

First Merchants said that hackers accessed data including customers’ addresses, Social Security numbers, online banking usernames, payee information and financial account information. “Online or mobile banking passwords were not captured or compromised and remain unaffected by this incident.” First Merchants Bank also has not yet said whether the company has the ability to determine the number of affected customers. A spokesperson did not return a request for comment.

Clop has not yet listed First Merchants Bank on its dark web leak site.

read more

Cyberattack at Global Wholesale Company METRO

October 17, 2022

International wholesale giant METRO is experiencing infrastructure outages and store payment issues following a recent cyberattack.

The company’s IT team is currently investigating the incident with the help of external experts. Even though its stores are still operating, METRO says that it was forced to set up offline payment systems and that online orders are delayed.

read more