As long-time readers know, DataBreaches has occasionally run into difficulties when trying to helpfully notify entities of their data leaks or breaches. In other cases, independent researchers have also reported frustration with trying to get entities to respond to responsible disclosures. More often than not, initial attempts at disclosure are ignored or go to spam…
Year: 2025
Department of Defense civilian employee pleads guilty to taking classified documents
Today’s reminder of the insider threat, from the U.S. Attorney’s Office for the Eastern District of Virginia: ALEXANDRIA, Va. – A civilian electrical engineer for the Department of Defense pled guilty today to unauthorized removal and retention of classified material. According to court documents, Gokhan Gun, 51, of Falls Church, was born in Istanbul, Turkey,…
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users
Zack Whittaker reports: A consumer-grade spyware operation called SpyX was hit by a data breach last year, TechCrunch has learned. The breach reveals that SpyX and two other related mobile apps had records on almost two million people at the time of the breach, including thousands of Apple users. The data breach dates back to…
DOGE to Fired CISA Staff: Email Us Your Personal Data
Brian Krebs reports: A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees…
Hong Kong passes its first cybersecurity bill covering critical infrastructure
Lo Hoi-ying reports: Hong Kong’s legislature has approved the city’s first bill targeted at cybersecurity for computer systems needed for critical infrastructure, with operators facing fines of up to HK$5 million (US$643,000) for failing to keep them up to date. The Legislative Council on Wednesday passed the Protection of Critical Infrastructure (Computer System) Bill amid…
Casual White House Starlink Use Is A Cybersecurity Nightmare, A Transparency Problem, And A Weird Marketing Stunt
from the but-her-emails dept at TechDirt: Wed, Mar 19th 2025 05:26am – Karl Bode It’s best to view Elon Musk’s DOGE as an attack. While right wing propaganda (and gullible media outlets and politicians) frame DOGE as a “cost saving” effort at “improving government efficiency,” that’s just flimsy-ass cover for its real purpose: the dismantling of corporate…