Amérique du Nord
Klue
In an ironic turn of events, cybersecurity firms themselves have become victims of a supply-chain attack following a breach of market intelligence platform Klue.
Vancouver-based market intelligence provider Klue disclosed on June 19 that hackers stole data from an undisclosed number of customers in a cyberattack between June 11 and 12. The incident affected Klue’s Salesforce integration, leading to data exfiltration from the Salesforce environments of multiple customers. According to the company, the attacker gained access through a compromised legacy credential, used it to obtain OAuth tokens that connected Klue to third-party platforms, including Salesforce, and then accessed data within the customer environments connected to those platforms. Notably, several cybersecurity companies were impacted, including HackerOne, Huntress, OneTrust and Snyk.
Klue said the intrusion was limited to Salesforce instances and did not involve customers’ own systems. Meanwhile, the cybercrime group Icarus has claimed responsibility for the attack and stated on its leak site that it will publish the stolen data if a ransom is not paid.
SourceComment cela pourrait-il affecter votre entreprise ?
This incident highlights a growing reality in cybersecurity: the breach that hurts your organization most may not happen within your own environment at all. A compromise at a trusted vendor or service provider can create a pathway for attackers to access connected systems, applications or sensitive data. Organizations should regularly assess third-party risk, review and limit vendor access privileges, monitor integrations with external platforms and ensure suppliers follow strong security practices. Maintaining visibility into the broader supply chain is becoming just as important as securing internal systems.
États-Unis
Texas Parks and Wildlife Department
The personal data of more than three million Texans may have been exposed in a data breach affecting the Texas Parks and Wildlife Department (TPWD).
According to TPWD, Texas Cyber Command recently detected a cybersecurity incident involving the department’s hunting and fishing license system vendor. The investigation indicates that an unauthorized individual may have accessed driver’s license information, passport numbers (if provided), email addresses, phone numbers and residential addresses belonging to more than three million hunting and fishing license holders. TPWD said that Social Security numbers, dates of birth and financial information, including credit card details, were not compromised.
TPWD has advised affected individuals to remain vigilant for signs of fraud and identity theft by regularly reviewing their credit reports and financial statements for any unauthorized activity.
SourceComment cela pourrait-il affecter votre entreprise ?
Data exposures involving personal information such as addresses, phone numbers, email addresses and identification documents can increase the risk of highly targeted spear-phishing attacks. Cybercriminals often use stolen information to craft convincing messages that appear legitimate and are more likely to trick victims into revealing additional sensitive data. Individuals affected by such incidents should remain vigilant for suspicious communications and monitor their accounts for unusual activity.
États-Unis
Cherry Health
Cherry Health, an independent, non-profit Federally Qualified Health Center (FQHC) based in Michigan, disclosed a data breach that may affect current and former patients and staff members.
In a notice published on June 18, Cherry Health said it detected suspicious activity on its network on or around April 19. The organization launched an investigation with the assistance of third-party specialists and determined that certain information stored on its network was accessed and copied by an unauthorized individual. The total number of affected individuals has not yet been disclosed, as a comprehensive review of the impacted data remains ongoing.
According to the notice, the information potentially exposed includes names, addresses, phone numbers, dates of birth, health insurance information, health insurance ID numbers, patient ID numbers, provider names, service dates and Social Security numbers.
SourceComment cela pourrait-il affecter votre entreprise ?
Health care organizations remain frequent targets of cyberattacks due to the large volumes of sensitive personal and medical information they store. To reduce risk, health care providers should strengthen access controls, continuously monitor for suspicious activity, and ensure staff are trained to recognize potential threats before they escalate into breaches.
États-Unis
Xsolis
Tennessee-based health care technology company Xsolis, Inc., disclosed a data breach affecting nearly 1.4 million individuals.
Xsolis, which provides utilization management and revenue cycle solutions for hospitals, health systems and payers, revealed in a data security notice that it detected unauthorized activity on its systems on January 22. The company said the intrusion stemmed from a targeted phishing attack that occurred two days earlier. According to Xsolis, the attackers gained access to files containing personal and protected health information provided by its clients, including names, dates of birth, addresses, Social Security numbers, health insurance information and medical treatment data.
Meanwhile, the U.S. Department of Health and Human Services (HHS) added the Xsolis incident to its data breach tracker, reporting that 1,396,519 individuals were affected.
SourceComment cela pourrait-il affecter votre entreprise ?
A single click on a convincing phishing email can escalate into a large-scale data breach. Organizations should prioritize ongoing user awareness training to help employees identify increasingly sophisticated phishing attempts. Tapping into technologies such as GenAI can help improve threat detection, identify suspicious communications earlier and deliver more effective, ongoing security awareness training.
Amérique du Nord
Nintendo of America
Nintendo of America confirmed that threat actors stole survey data from its third-party TinyPulse service, which is used internally for employee feedback and engagement.
An extortion-as-a-service group known as Shadowbyt3$ recently claimed to have breached Nintendo of America, the U.S.-based subsidiary of the Japanese gaming giant. The group alleged that it stole nearly 1 GB of internal data, including employee-related information, and demanded a $2 million ransom while giving the company 48 hours to negotiate before leaking the files. According to the threat actors, the stolen data includes names, email addresses, analytics and survey data, bank statements, W-9 forms, employee IDs, progress plans and reports spanning 2016 to 2026.
The incident affected only employees who used TinyPulse and did not impact Nintendo’s gaming operations. Nintendo stated that its own systems were not compromised and that no personal customer or financial data was accessed.
SourceComment cela pourrait-il affecter votre entreprise ?
Third-party breaches have become a common pathway for attackers, allowing attackers to impact organizations even when their own networks and systems remain secure. To reduce risk, businesses should regularly assess vendor security practices, limit third-party access to sensitive data and systems and continuously monitor external integrations and supply chain relationships for potential threats.
