Community Edition
Total Tests:
This Week:
Today:
Cyber Law Blog
Phobos Ransomware Admin Extradited From South Korea
November 21, 2024
Dark Web Crypto Mixer Founder Sentenced to Over 12 Years for Money Laundering
November 14, 2024
Global Сybercrime Сrackdown Takes Down Over 22K Malicious IPs And Servers
November 7, 2024
REvil Gang Members Sentenced
October 31, 2024
US Cop Indicted Over Buying Stolen Data
October 24, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

T-Mobile customers at heightened risk of phishing attacks in wake of data breach

By Ross Kelly for IT PRO
Friday, January 20, 2023

Dr Ilia Kolochenko, founder of ImmuniWeb, warned that although critical financial data was not stolen in this data breach, the incident could still create significant risks for customers.

Access to customer names and email addresses could be harnessed by threat actors to conduct targeted phishing campaigns in months to come.

“While the financial data of the customers is reportedly safe, the compromised billing details can be aptly exploited by cyber criminals for sophisticated spear phishing attacks aimed, amongst other things, to steal 2FA tokens from other systems,” he said.

API vulnerabilities rising

API vulnerabilities have escalated significantly in recent years as businesses globally continue to embed applications within their service offerings.

Research last year found that 95% of companies had encountered some form of API-related security incident between April 2021 and 2022. A similar study from Imperva revealed that API vulnerabilities cost businesses $75 billion (£60.6 billion) each year.

Gartner’s API Security and Management report last year predicted that, across 2023, APIs will become the most frequent attack vector for threat actors globally.

The consultancy also believes that more than half of data theft will come as a result of insecure or vulnerable APIs.

Kolochenko warned that unprotected APIs are “rapidly becoming one of the primary sources of disastrous data breaches” and creating serious challenges for global businesses.

“The situation is aggravated by shadow IT that now encompasses not only the forgotten, abandoned, or undocumented APIs and web services but also the full spectrum of accidentally exposed APIs from test and pre-production environments that may be hosted or managed by numerous third parties that have privileged access to sensitive corporate data,” he said. Read Full Article


Previous Media Publications:

Forbes: Thousands Of PayPal Accounts Hacked—Is Yours One Of Them?

IT World Canada: Mailchimp hit again by social media attack

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential