The attack started on June 6 when a threat actor impersonated a company employee in order to their compromise business credentials.
AT&T said threat actors had accessed an AT&T workspace on a third-party cloud platform and were able to exfiltrate customer call and text records.
An unknown attacker compromised a customer database for Dropbox Sign and accessed authentication information such as OAuth tokens and MFA data.
The Verizon 2024 Data Breach Investigations Report shows a 180 percent increase in the use of vulnerability exploits in breaches from last year, thanks to MOVEit Transfer and other bugs.
HPE's disclosure of the breach comes days after Microsoft said the same group was able to access corporate email accounts of its senior leadership team.