Casio discloses data breach impacting customers in 149 countries

pMortgage giant Mr Cooper says customer data exposed in breachppCISA warns of actively exploited Juniper preauth RCE exploit chainppLockBit ransomware leaks gigabytes of Boeing datappFBI Royal ransomware asked 350 victims to pay 275 millionppMeet the Unique New Hacking Group AlphaLockppSave 112 on a lifetime subscription to AdGuards ad blockerppEthereum feature abused to steal 60 million from 99K victimsppFBI Royal ransomware asked 350 victims to pay 275 millionppQualys BrowserCheckppSTOPDecrypterppAuroraDecrypterppFilesLockerDecrypterppAdwCleanerppComboFixppRKillppJunkware Removal ToolppBest VPNsppHow to change IP addressppAccess the dark web safelyppBest VPN for YouTubeppRemove the Theonlinesearchcom Search RedirectppRemove the Smartwebfindercom Search RedirectppHow to remove the PBlock adware browser extensionppRemove the Toksearchesxyz Search RedirectppRemove Security Tool and SecurityTool Uninstall GuideppHow to Remove WinFixer Virtumonde Msevents TrojanvundoppHow to remove Antivirus 2009 Uninstall InstructionsppHow to remove Google Redirects or the TDSS TDL3 or Alureon rootkit using TDSSKillerppLocky Ransomware Information Help Guide and FAQppCryptoLocker Ransomware Information Guide and FAQppCryptorBit and HowDecrypt Information Guide and FAQppCryptoDefense and HowDecrypt Ransomware Information Guide and FAQppHow to enable Kernelmode Hardwareenforced Stack Protection in Windows 11ppHow to use the Windows Registry EditorppHow to backup and restore the Windows RegistryppHow to open a Windows 11 Command Prompt as AdministratorppHow to start Windows in Safe ModeppHow to remove a Trojan Virus Worm or other MalwareppHow to show hidden files in Windows 7ppHow to see hidden files in WindowsppeLearningppIT Certification CoursesppGear GadgetsppSecurityppppJapanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of its ClassPad education platformppCasio detected the incident on Wednesday October 11 following the failure of a ClassPad database within the companys development environment Evidence suggests that the attacker accessed customers personal information a day later on October 12ppThe exposed data includes customer names email addresses countries of residence service usage details and purchase information such as payment methods license codes and order specificsppCasio says that credit card information was not stored within the compromised databaseppAs of October 18 the attackers accessed 91921 items belonging to Japanese customers including individuals and 1108 educational institution customers and 35049 records belonging to customers from 148 countries and regions outside JapanppAt this time it has been confirmed that some of the network security settings in the development environment were disabled due to an operational error of the system by the department in charge and insufficient operational management the company saidppCasio believes these were the causes of the situation that allowed an external party to gain unauthorized accessppAlthough the compromised database is currently inaccessible to external entities the ClassPadnet app remains operational Casio clarified that the hackers did not infiltrate systems beyond the compromised database within the development environmentppOn Monday October 16 Casio reported the incident to Japans Personal Information Protection Commission and is collaborating with law enforcement authorities assisting with their breach investigationppAdditionally Casio is working with external cybersecurity and forensics experts to conduct an internal investigation to find the underlying causes of the incident and draw up countermeasures in response to the breachppIn early August a threat actor known as thrax claimed to have leaked over 12 million user records on the BreachForums cybercrime forum allegedly stolen from a Remote Desktop Services RDS server with older casiocom databasesppThe allegedly stolen information contains entries up to July 2011 AWS keys and database credentialsppThis DB is kinda old as hell but believe it or not this was dumped from a live RDS server today If anyone wants the AWS keys with some pretty juicy permissions S3 bucket access etc and database credentials etc DM me the threat actor saidppA user who I gave the AWS keys to has managed to find another database After looking into this database the newest date I could reference was January 2006 another old databaseppA Casio spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today to provide additional details regarding the October incident and to confirm thraxs claimsppSumo Logic discloses security breach advises API key resetsppMarina Bay Sands discloses data breach impacting 665000 customersppSeiko says ransomware attack exposed sensitive customer datappOkta says its support system was breached using stolen credentialsppDLink confirms data breach after employee phishing attackppNot a member yet Register NowppIranian hackers launch malware attacks on Israels tech sectorppLockBit ransomware leaks gigabytes of Boeing datappTerms of Use Privacy Policy Ethics Statement Affiliate DisclosureppCopyright 2003 2023 Bleeping Computer LLC All Rights ReservedppNot a member yet Register NowppRead our posting guidelinese to learn what content is prohibitedp