Lucas Ropek reports: General Motors suffered a hack that exposed a significant amount of sensitive personal information on car owners—names, addresses, phone numbers, locations, car mileage, and maintenance history. The Detroit-based automaker revealed details of the incident in a breach disclosure filed with the California Attorney General’s Office on May 16. Read more at Gizmodo.
Author: Dissent
Ng: Robbers attack NPC office, steal birth certificates
Fikayo Olowolagba reports: The National Population Commission (NPC) Badagry office located at Town Hall near Topo Garage, in Lagos State has been attacked by robbers. A staff member of the commission, Mrs Funmilayo Bojrenu told the News Agency of Nigeria (NAN) in Badagry that vital documents belonging to NPC were stolen. Read more at Daily…
UK: Two More Nails in the Coffin for Opportunistic Data Breach Claims
Victoria Leigh of Squire Patton Boggs writes: Following on from a string of cases in 2021 concerning minor data breaches (see our earlier article here), two further cases in Q1 of 2022 have continued the trend of High Court scepticism. Such compensation claims, usually involving multiple causes of action, often find themselves trimmed down and sent…
Israeli Ministry Illegally Shared Biometric Images of Millions With Unknown Agency
Josh Breiner and Bar Peleg report: The Population and Immigration Authority illegally shared in the past seven years the facial images of millions of Israelis with an unnamed government agency. The actions of the Interior Ministry division were disclosed in an official report published last week by Roy Friedman, the head of the Israel National…
Bayonne Police Sergeant Charged With Unauthorized Use of Law Enforcement Database
Statement by the Hudson County Prosecutor’s Office: Hudson County Prosecutor Esther Suarez has released the following information: On Tuesday, May 24, 2022, a Bayonne Police Sergeant was arrested on a computer crime charge involving the unauthorized use of a law enforcement database. Richard Killmer, 33, is charged with one count of Computer Theft in violation…
Fake Windows exploits target infosec community with Cobalt Strike
Lawrence Abrams reports: A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Whoever is behind these attacks took advantage of recently patched Windows remote code execution vulnerabilities tracked as CVE-2022-24500 and CVE-2022-26809. Read more at BleepingComputer.