Sean Gallagher reports: The city of Atlanta government has apparently become the victim of a ransomware attack. The city’s official Twitter account announced that the city government “is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information.” According to a report from Atlanta…
Month: March 2018
Prosecution drops five felony charges against Justin Shafer, accepts plea to one misdemeanor charge
In May 2016, the Dallas FBI raided dental integrator and independent researcher Justin Shafer because of allegations that he had accessed an FTP server without authorization. Shafer was subsequently raided twice more, and in March 2017, he was arrested and charged with stalking a federal employee – not hacking or any criminal conduct related to…
How long does it take for a MongoDB to be compromised? Hint: not very long.
Kromtech Security has done a follow-up on reports from last year about misconfigured MongoDB installations having their data deleted and replaced by “ransom” messages. The attackers were having a field day back then, but what is happening now? So Kromtech decided to employ a honeypot. It went live on March 1, 2018. And here’s what happened…
AU: Medical records exposed by flaw in Telstra Health’s Argus software
Ben Grubb reports: A flaw in medical software used by more than 40,000 Australian health specialists and distributed by Telstra has potentially exposed Australians’ medical information to hackers, who have been logging into practitioners’ computers and servers to carry out illegal activities. Read more on Sydney Morning Herald.
ID: School district reports inadvertent disclosure
This item by Dr. Michael Garrett that appeared in the Clearwater Tribune appears to concern Joint School District #171 in Idaho. At approximately 7:35 a.m. on March 19, a supervisor brought to my attention that an employee had discovered personal employee information on the district website. The information was verified in a payroll report which inadvertently…
San Diego City Attorney announces lawsuit against Experian over massive data breach
At first I thought the headline had a typo and that they meant to name Equifax, but they do, indeed, mean Experian. This suit goes back to an incident previously covered on this site that involved Experian acquiring a company, Court Ventures, that had access to another company’s, InfoSearch’s database…. and a bad actor named…