Publications & Analyses
Argus Flow releases, platform announcements, press updates, and cybersecurity analyses.
Infinite Campus Breach Hits 137K School Staff Accounts
The notorious cybercrime gang ShinyHunters stole personal information from over 137,000 staff accounts in an attack on the widely used Infinite Campus system. The breach occurred via a third-party Salesforce application.
Maine Shuts Down Data Breach Portal Over Fake Submissions
The Maine Attorney General's Office has suspended its data breach notification portal, established after a massive breach last year, due to a flood of fake and misleading submissions by unknown actors. The move has caused further concern for 1.3 million affected residents.
Maine Shuts Down Portal After Fake Breach Disclosures
Maine has taken its official data breach notification portal offline after fraudulent and misleading breach announcements were published on the state's website. The incident shows how public transparency tools can be abused, prompting officials to review procedures to prevent future misuse.
Maine Breach Portal Abused for Fake Disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal. These notices, published without verification, were later denied by the implicated companies.
Coupang Fined a Record Sum for Massive Data Breach
South Korea's data protection regulator, PIPC, has imposed a record fine of approximately $409 million on e-commerce giant Coupang following a massive data breach that affected over 37 million customers. This marks the largest data protection fine in the country's history.
Major Data Breach at Nottingham University
The University of Nottingham has confirmed a massive data breach affecting over 450,000 current and former students. Attackers gained access to the university's student records system, compromising sensitive information.
ShinyHunters Targets Oracle PeopleSoft Servers in Attacks
The notorious cybercrime gang ShinyHunters claims to have stolen data from over 100 organizations by exploiting critical vulnerabilities in Oracle PeopleSoft servers. The technical details behind the attacks and who is at risk are causing concern.
Japan Power Firm Loses Drive With Customer Data
One of Japan's leading power companies has announced the loss of a portable storage device containing the personal information of tens of thousands of its customers. The incident once again shows that the weakest link in the cybersecurity chain is often human and physical error.
ServiceNow Flaw Exploited to Steal Customer Data
The cybersecurity world is buzzing with news of a vulnerability in the enterprise cloud computing giant ServiceNow, which is being actively exploited. Unidentified attackers have used this flaw to gain unauthorized access to numerous customer instances.
Your AI Assistant Just Fell for a Phishing Scam
The OpenClaw AI email assistant, promising productivity, succumbed to even the simplest phishing attacks in a cybersecurity simulation. The result: it spilled user data.
ServiceNow API Flaw Exposes Customer Data
Cloud computing giant ServiceNow has confirmed a security incident where attackers exploited an unauthenticated API endpoint, allowing them to query customer data. The event raises serious questions about the platform's reliability.
SoFi Hong Kong Becomes a Vendor's Victim
Fintech giant SoFi's Hong Kong operation has confirmed that customer data was stolen following a breach at a third-party partner's database. The incident once again highlights the dangers of supply chain attacks.