Breach

The UK-based multinational company, which serves the energy, security, aerospace, and defense sectors, is now working with cybersecurity experts to assess the impact of the incident.

Exposed by the database were customers' full names, birthdates, ages, genders, marital status, account IDs, occupations, phone numbers, physical addresses, premium amounts and annuities, and policy types, as well as employees' names, email addresses, MLGA/RGA names and emails, and years in service, according to SafetyDetectives researchers.

Such data compromise may have been achieved through an intrusion against a third-party supplier, which did not have any access to billing or financial details, according to TalkTalk Head of External Communications Liz Holloway, who did not name the supplier and noted that the incident could not be confirmed until the external vendor's investigation is finalized.

Attackers who infiltrated Change Healthcare using unsecured account credentials were not only able to exfiltrate individuals' names, birthdates, home and email addresses, Social Security numbers, and other government IDs but also their health insurance details, diagnoses, test and imaging results, treatment plans, and banking details.

INC Ransom alleged that it was not only able to exfiltrate Stark's supply chain details, building plans, instructor passports, and cybersecurity tool configurations but also reconnaissance satellite and production program information, as well as documents from its parent firm IAI North America.

Infiltration of PowerSchool's student information systems via stolen customer support portal credentials has primarily impacted the Toronto District School Board, which had data from over 1.48 million students and over 90,000 teachers exfiltrated, followed by the Peel District School Board, which is also in Canada, and the Dallas Independent School District.

In a post on its leak site on Wednesday, RansomHub asserted that it was able to exfiltrate 400 GB of data from American Standard's network servers while threatening the firm to enter ransom payment negotiations in just over five days.