Facebook fined $18.6M over string of 2018 breaches of EU’s GDPR
Natasha Lomas reports: Facebook’s parent company, Meta, has been fined €17 million (~$18.6 million) by the Irish Data Protection Commission (DPC) over a string of historical data breaches. The security...
View ArticleHidden privacy lessons in the FTC’s CafePress security enforcement
Cobun Zweifel-Keegan writes: In its most recent cybersecurity enforcement decision, the U.S. Federal Trade Commission announced a draft settlement agreement with the current and former operators of the...
View ArticleTransUnion hackers demand R224-million ransom — threaten to leak Absa, FNB,...
MyBroadband follows up on a story initially broken by ITWeb yesterday. They now report: The South African division of US-based consumer credit bureau TransUnion has suffered a ransomware attack. In a...
View ArticleHackers hit Hood. Dairy shut down milk production this week after ‘cyber...
Anissa Gardizy reports: It’s not just passwords, credit card data, or personal records. Now, it appears the hackers have come for our milk and Hoodsies. H.P. Hood Dairy said Friday that it was the...
View ArticleRussian pipeline company Transneft hit by data leak dedicated to Hillary Clinton
Corin Faife reports: As the Russian invasion of Ukraine moves into its third week, unconventional actors continue to target Russian state-backed businesses with a string of hacks and data leaks — the...
View ArticleHackers hit Mass. background-check firm used by state agencies, universities
Dan Adams reports: Computer hackers made off with highly sensitive personal records on more than 164,000 job-seekers and license applicants in a virtual “smash and grab” attack last November on...
View ArticlePolish SA: record fine of almost $1.2 million imposed on Fortum Marketing and...
Seen at the European Data Protection Board, a decision from the Polish S.A.: Background information Date of final decision: 19 January 2022 Cross-border case or national case: National Case....
View ArticleBlockFi confirms unauthorized access to client data hosted on Hubspot
Arijit Sarkar reports: New Jersey-based crypto financial institution BlockFi confirmed a data breach incident via one of its third-party vendors, Hubspot. BlockFi’s proactive warning about the breach...
View ArticleOkta, Microsoft both investigating new claims by Lapsus$ hacking group
Ax Sharma reports: Okta, a leading provider of authentication services and Identity and access management (IAM) solutions says it is investigating claims of data breach. On Tuesday, data extortion...
View ArticleMicrosoft confirms they were hacked by Lapsus$ extortion group
Lawrence Abrams reports: In a new blog post published tonight, Microsoft has confirmed that one of their employee’s accounts was compromised by Lapsus$, providing limited access to source code...
View ArticleLondon police make arrests related to Lapsus$
BBC reports: A 16-year-old from Oxford has been accused of being one of the leaders of cyber-crime gang Lapsus$. The teenager, who is alleged to have amassed a $14m (£10.6m) fortune from hacking, has...
View ArticleData leak at Desjardins: Industry watchdog wants to ban mortgage broker
Hugo Joncas reports (machine translation follows): Mathieu Joncas, who is also a private lender, bought confidential information on “150,000 to 200,000” Desjardins customers without ensuring their...
View ArticleHotel WiFi across MENA compromised and exposing private data
Kareem Chehayeb reports: Pakistani cybersecurity researcher Etizaz Mohsin was in a hotel room in Qatar when he unexpectedly discovered a technical vulnerability in its internet system that exposed the...
View ArticleMansfield company hacked, personal information stolen
Oops — I missed this one last week. George W. Rhodes reported: The computer system of a Mansfield company that does background checks for employers was hacked and the perpetrators got away with the...
View ArticleLapsus$ found a spreadsheet of passwords as they breached Okta, documents show
Zack Whittaker reports on the Sitel compromise after not previously disclosed documents were obtained by independent security researcher Bill Demirkapi: The Lapsus$ hackers used compromised credentials...
View ArticleTraffic at major Ukrainian internet service provider Ukrtelecom disrupted
Andrea Peterson reports: Web traffic from major Ukrainian internet service provider Ukrtelecom was disrupted Monday, causing one of the most widespread internet outages in the country since Russian...
View ArticleCreepy Spyware Company Goes Broke
Lucas Ropek reports: FinFisher is no more. Long accused of helping authoritarian governments to spy on political dissidents and activists, the creepy surveillance company has abruptly shut down amidst...
View Article“Anonymous” hacktivists continue to try to help Ukraine
In response to Russia’s invasion of Ukraine, a number of hacktivists have targeted Russia, hoping to be of help to Ukraine. It is not clear to what extent they have helped Ukraine by hitting the...
View ArticleInfinity’s Ronin Network Says About $620M Stolen In Major Security Breach
Shanthi Rexaline reports: Ronin, an Ethereum-linked sidechain made by Sky Mavis specifically for Axie Infinity disclosed Tuesday a major security breach that led to the theft of about $620 million in...
View ArticleNetwork cavity blamed for data breach at Japanese candy maker Morinaga
John Leyden reports: Japanese confectionary manufacturer Morinaga has warned that a suspected data breach of its online store may have exposed the personal information of more than 1.6 million...
View Article