Catalin Cimpanu reports: Video sharing platform DailyMotion announced on Friday that it was the victim of a credential stuffing attack, ZDNet has learned. […] According to an email sent out to impacted customers, and seen by ZDNet, the credential stuffing started last weekend, on January 19, and appears to have been successful in some cases,…
Month: January 2019
MY: Over 1 Million UiTM Students and Alumni Personal Details Leaked Online
Vijandren reports: A total of 1,164,540 records, belonging to students who enrolled for various courses at Universiti Teknologi Mara (UiTM) between 2000 and 2018 has been breached and leaked online. The leaked data includes detailed records of students from the UiTM main campus in Shah Alam, as well as it’s 13 autonomous state campuses around the…
CO: Critical Care, Pulmonary & Sleep Associates notifies almost 24,000 patients after hack of employee email accounts
Critical Care, Pulmonary & Sleep Associates in Colorado has notified 23,377 patients of a privacy incident. Their on-site notice offers a useful reminder that while bad actors may be seeking to engage in financial theft or fraud, when files with ePHI are connected to employee email accounts, patients and HHS may wind up needing to be…
GA: Mount Zion student pleads not guilty to computer hacking to avoid homework
Tony Reid reports the update to a story previously noted on this site: A Mount Zion High School student is pleading not guilty to three charges of tampering with computers after police said he shut down his school district’s computer network while trying to sabotage a homework assignment. Gage C. Hart, 18, appeared in Macon…
UK: Theology lecturer breaches confidentiality in mass email
Melissa Tutesigensi reports: A private email containing sensitive information about a student was sent to all Theology undergraduates this morning. The discussion about a student’s mental health and attendance was accidentally forwarded to several hundred students. The student was explicitly named in the email and specific details about their university life were highlighted. In the…
United States: National Futures Association Adopts Notification Requirement For Certain Cybersecurity Incidents
Jeffrey P. Taft and Matthew Bisanz of Mayer Brown write: On January 7, 2019, the National Futures Association (“NFA”) announced that it had adopted amendments to its information security requirements that include a cybersecurity incident notification obligation.1 As discussed below, the NFA’s amendments represent the continued maturation of information security in the US financial services…