Breach

Investigation into the incident revealed that Avery's website had been compromised with a credit card skimmer that enabled the exfiltration of individuals' names, billing and shipping addresses, phone numbers, email addresses, payment card details, and purchase amounts inputted in the website between July 18 and December 9.

Attackers who trespassed on MIG's computer environment may have compromised individuals' full names and financial details, said the major Southeastern U.S. mortgage lending firm in a breach notice on its website that did not specify the nature of the intrusion and the number of customers affected by the incident.

Infiltration of Telefónica's Jira platform through infostealer theft of credentials belonging to over a dozen of the firm's employees was followed by the targeting of employees with admin privileges and the eventual exfiltration of a list with 24,000 Telefónica employee names and emails, 5,000 internal files, and half a million internal Jira issue summaries.

Infiltration of the vendor's systems between October and November exposed not only individuals' names, ages, and addresses, but also photographs, medical cannabis cards, driver's license numbers, and passport numbers, said STIIIZY in a breach notice and filing with California regulators that did not detail the number of people whose data had been stolen.

Telefónica, which is Spain's leading multinational telecommunications firm, has acknowledged unauthorized access to its internal ticketing system following the exposure of the company's Jira database on a hacking forum by threat actors DNA, Pryx, Grep, and Rey.

Threat actors who infiltrated BayMark's systems from Sep. 24 to Oct. 14 were able to steal individuals' names, birthdates, Social Security numbers, driver's license numbers, insurance details, received services, service dates, and treatment and diagnostic information, said BayMark in breach notices that did not specify the number of people affected by the incident.