Tyler Carter reports: Officials say students’ private information was exposed at Hilliard Bradley High School. Authorities say two students are to blame. Court documents state that a student at Hilliard Bradley High School hacked into a school computer and stole other students’ login information. Read more on NBC4. The report cites the police as saying…
Month: January 2017
Hooray for transparency: Massachusetts puts data breach archive online
The state’s announcement: The Office of Consumer Affairs and Business Regulation today announced the online public availability of its Data Breach Notification Archive. The Massachusetts Data Security Law (M.G.L. c.93H) requires any entity that keeps a Massachusetts resident’s personal information to notify affected residents, the Office of Consumer Affairs and Business Regulation, and the Attorney…
MongoDB Databases Held Up for Ransom by Mysterious Attacker
Catalin Cimpanu reports: An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing their content, and asking for a Bitcoin ransom to return the data. These attacks have been happening for more than a week and have hit servers all over the world. The first one to notice the attacks was…
Customer records from used car dealership found dumped in Detroit’s Brightmoor area
If you were a customer of Get Fresh Auto in Detroit, you may want to read a report by Randy Wimbley for Fox2. Contacted after a watchdog found customer information just dumped on a debris-littered street, the used car dealership’s owner’s responses to the reporter’s questions about how the papers wound up there reminded me of Sgt. Schultz in Hogan’s Heroes. “As soon…
Changing other people’s flight bookings is too easy
Lucian Constantin reports: The travel booking systems used by millions of people every day are woefully insecure and lack modern authentication methods. This allows attackers to easily modify other people’s reservations, cancel their flights and even use the refunds to book tickets for themselves, according a team of researchers who analyzed this online ecosystem. Karsten…
UK: Derbyshire computer hacker who broke into a company’s emails is now helping it get secure
Kit Sandeman reports that a 24-year-old man from London who was arrested after targeting an unnamed organization in Derbyshire has been given a “restorative justice” option: The man admitted accessing email accounts by using information found on social media sites such as LinkedIn and Facebook to identify targets, and bypass their security questions. This then…