MIX reports: Fledgling cryptocurrency startup Sentinel Chain, which promised to “unlock the economic potential” of the poor, launched its initial coin offering (ICO) earlier this week, but it missed one thing: a critical vulnerability that made it possible to scrape its users’ personal data, including their emails and passport images. Shortly after kicking off its…
Month: February 2018
Personal data of 500,000 Nova Poshta clients allegedly leaked to dark web
Kostiantyn Tsentsura reports: The largest private delivery company in Ukraine, Nova Poshta, has been accused of leaking the personal information of hundreds of thousands of its users to the dark web. […] According to Papyshev, the seller is offering two databases: the first has 500,000 records of clients, with their full names, phone numbers, city…
What to Know About ED’s New Stance On Data Breach Reporting
Sean Tassi reports: Until recently, colleges and universities that experienced a data breach had no unique reporting obligations to the U.S. Department of Education. Institutions were expected to analyze security incidents under applicable federal and state laws and, when appropriate, notify affected individuals and appropriate federal and state agencies. Because the Family Educational Rights and…
IL: Reinstated school district IT Director sues school board over breach response
In May, 2016, this site noted a breach report from Abingdon-Avon School District in Illinois. One month later, we noted a news report that their IT Director, identified at the time as Mark Rodgers (sic), had been arrested, although it wasn’t clear if the felony eavesdropping charges were directly related to the breach. Not reported…
Thirty-six Defendants Indicted for Alleged Roles in Transnational Criminal Organization Responsible for More than $530 Million in Losses from Cybercrimes
A federal indictment was unsealed today charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband. Following the return of a nine-count…
PKR man to sue MCMC over massive telco data leak affecting 46.2 million
Malaysiakini reports that a lawsuit is being filed over a massive breach in 2014 that affected 46.2 million and was first disclosed in 2017: The Malaysian Communications and Multimedia Commission (MCMC) is set to face a civil suit from PKR communications director Fahmi Fadzil over the 2014 data leak of the personal information of more than…