Juris Graney reports: Malware installed on more than 300 computers put over 3,000 University of Alberta students at risk late last year, but because of a police probe resulting in charges against a 19-year-old man, the breach wasn’t shared campus-wide until Thursday. In a statement posted to its website, Gordie Mah, the chief information security…
Month: January 2017
Misconfigured MongoDB database exposes sleep disorder program patients’ information
I blacked out while driving and wrecked …. So begins a message that was just one of more than 1,000 messages and more than 1,200 patient profiles exposed to the world because a sleep disorder clinic serving military personnel had a misconfigured MongoDB database that was indexed by Shodan. Thankfully, the files were still intact when MacKeeper Security Research…
FTC Charges D-Link Put Consumers’ Privacy at Risk Due to the Inadequate Security of Its Computer Routers and Cameras
The Federal Trade Commission filed a complaint against Taiwan-based computer networking equipment manufacturer D-Link Corporation and its U.S. subsidiary, alleging that inadequate security measures taken by the company left its wireless routers and Internet cameras vulnerable to hackers and put U.S. consumers’ privacy at risk. In a complaint filed in the Northern District of California,…
Ashley Madison Data Breach Claims Should Be Arbitrated, Company Says
Amanda Bronstad reports: AshleyMadison.com’s parent company is hoping to knock out more than 20 class actions filed over its 2015 data breach by invoking online arbitration agreements the plaintiffs signed when they subscribed to its matchmaking services. The move to arbitrate comes after Avid Life Media Inc., which has been rebranded as Ruby Corp., agreed…
PH: ‘Comeleak’: Poll chief rapped for data breach, may face criminal prosecution
Vito Barcelo reports: The National Privacy Commission found the Commission on Elections liable for violating the Data Privacy Act of 2012 and recommended the criminal prosecution of Chairman J. Andres D. Bautista for “the worst recorded breach on a government-held personal database in the world” last March. In a decision, dated Dec. 28, on NPC Case…
Instances of new and destructive ransomware grow rapidly
If you are following what’s happening with hackers attacking misconfigured MongoDB databases, wiping the data, and then demanding ransom for its return, then you’ll know that although this problem seemed to start on or around December 21 with an actor known as “Harak1r1,” within days of it garnering media attention, we saw almost identical warning…