“Companies such as Bumble, Panera Bread, Match Group and CrunchBase have become targets of cyber attacks. The attackers gained access to information, but not to accounts or financial information. A series of attacks in cyberspace hit Bumble Inc., Panera Bread Co., Match Group Inc. and CrunchBase Inc., as Internet security experts warn of a new wave of attacks using […]”, — write: businessua.com.ua
A series of attacks in cyberspace hit Bumble Inc., Panera Bread Co., Match Group Inc. and CrunchBase Inc., as Internet security experts warn of a new wave of social engineering attacks targeting U.S. companies, Bloomberg reported. UNN.
Details Bumble Inc., the parent company of dating apps Bumble, Badoo and BFF, contacted law enforcement after one of its contractors’ profiles “was compromised recently in a phishing attack,” a spokesperson for the organization said.
The attacker “gained unauthorized access to a small portion of our network for a short period of time,” the spokesperson said, adding that the company believes the access has stopped. The hackers did not gain access to the company’s user database, user accounts, Bumble app, personal messages or profiles, the spokesperson said.
Similarly, Panera Bread said it notified law enforcement after discovering a cybersecurity incident and took steps to address it. A Panera representative said the hacker gained access to the software the company used to store information.
“The information that was affected is contact information,” the representative said, without elaborating.
Match Group, the conglomerate that owns Tinder, Hinge and other dating apps, also confirmed on Wednesday that the company had experienced an internet security incident that affected “a limited amount of customer data” and that it was in the process of notifying users.
A company representative said there was no indication that user credentials, financial information or personal correspondence had been accessed.
A spokesperson for Match told Mashable: “We are aware of claims appearing online related to a recently discovered security incident. Match Group takes the security of our users seriously and acted quickly to stop unauthorized access. We are continuing to investigate with the help of external cybersecurity experts.”
“There is no indication that user credentials, financial information, or private messages were accessed. We believe the incident affected a limited amount of user data, and we are already in the process of notifying individuals accordingly,” the spokesperson continued.
A representative of CrunchBase said that documents on the corporate network were affected, but the company contained the incident.
Match’s system was hacked on January 16, but Bloomberg was unable to determine when exactly the incidents occurred.
Cybersecurity experts recently warned of a social engineering campaign targeting US companies believed to be carried out by a group calling itself ShinyHunters. The group has claimed responsibility for attacks on Bumble, Panera Breach, Match and CrunchBase, although Bloomberg could not independently confirm the claims.
ShinyHunters confirmed on their website earlier this week that they were involved in the Panera Bread data breach that allegedly led to the theft of more than 14 million customer records, according to Mashable. The stolen data reportedly includes customer names, email addresses, phone numbers, home addresses and account details.
Google (Alphabet Inc.)-owned cybersecurity firm Mandiant last week warned against the ShinyHunters campaign, saying the group used new “vishing” techniques to compromise victim organizations’ single sign-on (SAN) credentials and remotely access their systems.
After breaking into a computer system, attackers are turning to software-as-a-service (SaaS) environments to steal sensitive data, Charles Carmacal, CTO of Mandiant, said in a written statement.
He added that the attacker, who calls himself ShinyHunters, approached some victims with a demand to pay them a “reward”.
Please wait…