RiskBased Security reports that although it notified CabCharge of a misconfigured database leaking customer information and CabCharge seems to have taken steps to secure the data, CabCharge has neither acknowledged the notification nor notified customers: …. Our lead researcher quickly contacted CabCharge.com.au to alert them to the issue. After a few hours of checking on the status of…
Month: May 2016
130 days, 1,500 notifications: Does Dutch breach rule foreshadow GDPR?
Lokke Moerel and Alex van der Wolk write: As we write this, it is now four months since the new data breach notification law in the Netherlands went into effect. Since 1 January 2016, data controllers are obliged to notify the Dutch data protection authority (DPA) and individuals if the security of personal data has been…
Ukrainian hacker admits hacks of MarketWired, PRN, and Business Wire press releases for securities fraud scheme
A Ukrainian hacker today admitted his role in an international scheme to hack into three business newswires, steal yet-to-be published press releases containing non-public financial information, and use the information to make trades that allegedly generated approximately $30 million in illegal profits, U.S. Attorney Paul J. Fishman announced. Vadym Iermolovych, 28, of Kiev, Ukraine, pleaded…
More than 2,000 veterans had their PHI breached in April
Another site that reports on health data breaches tends to report on VA breaches in terms of percentage change from the previous month. DataBreaches.net does not do that because, frankly, there’s no consistent pattern or trend, and month-to-month comparisons don’t strike this blogger as particularly useful. Consider the stats from the last three months’ reports: February Summary:…
Was chatting about marijuana on TheTreesNetwork hazardous to your privacy?
In today’s installment of misconfigured databases, include more than 10 million chat messages from more than 44,000 users on TheTreesNetwork. Chris Vickery, security researcher at Kromtech, writes: I have information on two different breaches to share today. Coincidentally they both involve sites that show videos to their user base. The first has to do with TheTreesNetwork.com,…
El Dorado Hills accountant to notify clients after discovering malware on system
Lynn Talbot, Jr., CPA, CVA is notifying clients after discovering malware on his system. In a letter that will be going out to clients next week, Talbot explains: On April 19, 2016, I detected suspicious activity on a work computer. I immediately took the computer off-line and contacted our IT consultant. The consultant has confirmed unusual…