Gareth Corfield reports: An email marketing company claiming to hold details on a million UK teachers and school admin personnel was potentially exposing those to the public internet thanks to a misconfigured error page on its website. Not only that, but the Schools Marketing Company (SMC) seemingly dismissed the findings of the infosec company which…
Author: Dissent
“Shoot the Messenger,” Friday edition: Homewood Health resorts to threats and a court order?
In July of this year, CTV News in Canada and DataBreaches.net reported on a breach involving Homewood Health in Canada. Both CTV and this site had become aware of the breach when data allegedly from Homewood showed up on a leak site called Marketo. Marketo claimed to have almost 300 GB of Homewood’s data for…
US govt reveals three more ransomware attacks on water treatment plants this year
Catalin Cimpanu reports: Ransomware gangs have silently hit three US water and wastewater treatment facilities this year, in 2021, the US government said in a joint cybersecurity advisory published today by the FBI, NSA, CISA, and the EPA. The attacks —which had been previously unreported— took place in March, July, and August and hit facilities in Nevada,…
3D printing site Thingiverse suffers major user data breach
Mayank Sharma reports: About 228,000 users of popular 3D printing platform Thingiverse have reportedly had their authentication details stolen and published on the dark web. The news of the leak doesn’t come from Thingiverse itself, but rather from Have I Been Pwned (HIBP), which got hold of the leaked details of the compromised accounts after receiving a tip…
Recent decisions by the Singapore Data Protection
Two recent decisions by the Singapore PDPC. Breach of the Protection Obligation by ChampionTutor 14 Oct 2021 A financial penalty of $10,000 was imposed on ChampionTutor for failing to put in place reasonable security arrangements to protect personal data in its possession. The incident resulted in the personal data being exposed. The PDPC became aware…
Convicted SUNY Plattsburgh hacker’s sentencing adjourned, counsel seeks expert services
Fernando Alba of The Press-Republican reports: Convicted hacker and SUNY Plattsburgh alumnus Michael P. Fish’s sentencing has been adjourned again Thursday. Fish’s attorney asked for a 60-day extension to complete court approved expert witness services requested in August, according to court documents. Fish pleaded guilty to aggravated identity theft, computer intrusion and child pornography possession…