Catalin Cimpanu reports: According to a new report published today by US cyber-security firm FireEye, there’s a clear and visible distinction between North Korea’s hacking units –with two groups specialized in political cyber-espionage, and a third focused only in cyber-heists at banks and financial institutions. For the past four years, ever since the Sony hack…
Month: October 2018
GA: Gwinnett Medical Center investigating possible data breach
Update: After posting the article below, this site was contacted by the Twitter user who was posting data on Twitter, @baidu3250617231 provided additional proof, including pictures allegedly taken from an Axis camera. Other details were also provided to Steve Ragan of Salted Hash. Steve Ragan of Salted Hash has a possible breach report involving Gwinnett Medical Center (GMC) that…
NY: Honeoye Falls-Lima school computer networks hacked; student records, personal information breached [UPDATED]
Sean Lahman reports: Officials with the Honeoye Falls-Lima school district have acknowledged an illegal intrusion into a computer system that stores students’ grades and other personal information. A spokesperson for the Monroe County Sheriff’s Office said that the breach began on August 1 when “an unknown suspect was able to hack the Superintendent’s account.” It is…
St. Petersburg timeline on Click2Gov raises questions as to whether the vendor was proactive or not
I have commented on the Click2Gov breach a few times — mostly wondering aloud why so many customers do not seem to have been made aware that they needed to update immediately, etc. Both RBS and FireEye have both discussed the Click2Gov incident in more depth. But now look at this disclosure from St….
Oklahoma DHS could have sent private medical info to wrong addresses
Dale Denwalt reports: Officials at the Department of Human Services said Monday that a small number of clients were affected this year by a computer error that labeled envelopes with incorrect addresses. A labeling error affected notices that informed patients and their guardians about changes to their plan of care. Letters were meant for people…
Website flaw exposed a Canadian ISP’s entire customer database
Zack Whittaker reports: Canadian internet provider Altima Telecom has fixed a flaw in its website that could have given an attacker full access to its customer database. The customer database was connected to the company’s website, but could be remotely accessed with a blind SQL injection attack. Daley Borda, founder of Underdog Security, found the…