Another day, another API breach in the news. The latest breach occurred on the Life360 platform where an advisory was able to gleam 400k user phone numbers, based on the article written on Bleepingcomputer.com. Known only by their 'emo' handle, they said the unsecured API endpoint used to steal the data provided an easy way to verify each impacted user's email address, name, and phone number.

In today's digital landscape, businesses heavily rely on third-party software for their daily operations. This reliance has led to a surge in software supply chain attacks, which are becoming increasingly prevalent and sophisticated. These attacks exploit vulnerabilities in external tools or services to gain unauthorized access and compromise systems.

Over the last few months, there have been a number of credential-based breaches, including the attacks on Ticketmaster, Santander Bank, and others. As details regarding this string of attacks continue to be uncovered, it is critical that organizations take precautionary measures in order to protect themselves and their customers from potentially being compromised by cybercriminals.

In today’s digital landscape, the importance of robust cybersecurity measures cannot be overstated. Yet, despite the clear and present danger posed by cyber threats, many organizations still underinvest in cybersecurity, operating under a false sense of security. This complacency can be incredibly costly, as the financial ramifications of cybersecurity breaches are staggering.

A significant data breach has compromised the personal information of 442,519 Life360 customers due to a vulnerability in the company's login API. The breach, discovered in March 2024, has exposed sensitive user details, including email addresses, names, and phone numbers. This incident underscores the critical importance of robust cybersecurity measures, particularly for services handling vast amounts of personal data. Exploiting an Unsecured API Endpoint.

Too many consumers have awoken one morning to find messages from a retailer or their bank detailing purchases made through their account of which they were unaware. While the realization that they have been hacked will cause some well-deserved panic for the account holder, it usually only takes a few phone calls to cancel purchases, change a password, and cancel a credit card to put a stop to the problem.

AT&T reported on July 12 that an internal investigation had revealed that the telecommunication provider had been victimized by a third-party breach,resulting in the compromise of records of calls and texts of nearly all of AT&T’s cellular customers. An AT&T spokesperson confirmed to a news source that the breach resulted from of the data stolen from cloud storage firm Snowflake.

Financial Business and Consumer Solutions (FBCS) was founded in 1982 as Federal Bond Collection Services and currently has over 100 employees. Based in Pennsylvania, the name was later changed in 2014. The company is a licensed debt collection agency offering specialized solutions for creditors across various product verticals to meet their diverse needs. Such creditors include those playing in healthcare, consumer credit, utilities, auto, and education services.