Brian Krebs reports: Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s…
Author: Dissent
Email Reveals AR-15 Pistol Brace Company Hit With Data Breach Ahead Of ATF Ruling
Tyler Duden reports: SB Tactical, one of the most popular AR-15 pistol brace manufacturers, appears to have been hit with a data breach, where customer data, including names, addresses, and credit card information, was leaked online. A snapshot of an email from SB Tactical’s customer support has surfaced on Reddit and Twitter in the last few days…
Toronto hospital network issues ‘code grey’ as digital systems go down
Liam Casey reports: A major Toronto hospital network said its digital systems went down on Monday and it was working to investigate what was causing the outage. The University Health Network issued a “code grey” — a hospital code for system failure — but released few other details about what happened. Read more at CBC….
Des Moines Public Schools cancels Tuesday classes after cybersecurity attack
Samantha Hernandez reports: Des Moines Public Schools has canceled all classes for Tuesday after officials took the district’s internet and network offline Monday morning following what they described as “unusual activity” that was later determined to be an apparent cybersecurity attack. The district issued an announcement Monday afternoon saying offices will be open but staff may be…
UK: Oxford University dating website for staff and students shut down after ‘huge data breach’
Anvee Bhutani and Emma Yeomans report: A dating website for Oxford University students has been accused of breaching student and staff privacy after revealing the name of everyone with a university email address. “OxShag”, set up anonymously by a group of students, promised to help “overworked and undersexed” students find “bookworms with benefits, coursemates keeping…
When ransom negotiations become public, self-inflicted reputation harm may follow
Not all ransomware victims have given up on getting attackers to sign a nondisclosure agreement (NDA), so they can call a ransom payment a “bug bounty” and never disclose that they were the victim of a ransomware incident. At least, that’s how it seems, unless, of course, CyberOptics is going to claim that they were…