Bigger companies may pay bigger fines, but smaller fines do not mean smaller impact when it comes to dealing with sensitive information, as in this case. The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure. The ICO’s investigation began after it received a…
Author: Dissent
Morgan Stanley reports data breach after vendor Accellion hack
People are first finding out NOW? Look at this timeline, provided by Sergiu Gatlan in his reporting on BleepingComputer: Guidehouse notified Morgan Stanley in May 2021. Guidehouse had been breached in January through the Accellion vulnerability. Guidehouse discovered the breach in March and the impact to Morgan Stanley customers in May. Why didn’t Guidehouse discover the…
‘Shut down everything:’ Global Kaseya ransomware attack takes a small Maryland town offline
Chris Velazco and Rachel Lerman report: It was just after 12:30 p.m. on the Friday before the Fourth of July holiday when a warning popped up on Laschelle McKay’s computer screen. McKay, the town administrator for Leonardtown, Md., didn’t even have time to read the whole message before it disappeared and her computer froze. “Everything…
Bug bounties: Here’s how much Microsoft paid out to security researchers last year
Liam Tung reports: Microsoft has revealed it awarded 341 researchers a total of $13.6 million during the past year for reporting security vulnerabilities in its bug bounty programs. The awards were issued between July 1, 2020 and June 30, 2021 and is slightly less than what it paid out in 2019. That year, Microsoft tripled the awards…
UK: Years in jail for Cambridgeshire computer hacker who blackmailed victims
itv reports: A computer hacker from Linton in Cambridgeshire has been sentenced to two and a half years in prison after a number of blackmail and computer offences. Police described 20-year-old Alexander Marsh as ‘manipulative’ after he was caught harvesting personal information, including intimate images from people in Suffolk. Marsh first came to the attention…
Sg: Spooked by website hacking, ad firm beefs up security, stops using default passwords
Kenny Chee reports: A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions‘ website and deface it. The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security…