Simon Elvery, Emily Sakzewski, and Matt Liddy report: The personal details of job applicants and staff at a range of major Australian companies and government agencies have potentially been exposed in a “significant” data breach and extortion attempt against Australian recruitment company Finite. Hackers have accessed and released sensitive data that includes resumes, offers of employment,…
Author: Dissent
Gumtree classifieds site leaked personal info via the F12 key
Bill Toulas reports: British classifieds site Gumtree.com suffered a data leak after a security researcher revealed that he could access sensitive personally identifiable data of advertisers simply by pressing F12 on the keyboard. When pressing the F12 key in a web browser, the application will open the developer tools console, which allows you to view…
Facebook takes down accounts for seven “cyber-mercenary” firms
Catalin Cimpanu reports: Meta (formerly Facebook) said today that it suspended accounts on its Facebook and Instagram platforms operated by seven companies that provide surveillance and cyber-mercenary services. Meta said these companies targeted users with links to phishing sites and malware in order to collect login credentials and infect them with malware. Read more at…
NY Man Pleads Guilty in $20 Million SIM Swap Theft
Brian Krebs reports: A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams…
Desjardins reaches $200M class action settlement in wake of data breach
The Canadian Press reports that Mouvement Desjardins has reached a $200-million settlement with plaintiffs in a class action suit launched after a massive data breach in June 2019. The settlement has to be approved by the Superior Court of Quebec. Read more at Montreal Gazette. A press release issued by plaintiffs’ counsel states, in part:…
Threat actors pose as pharmacists, get business associates to send them patient records
Harbor Health in Massachusetts has notified at least one patient whose data was compromised by an attack on ScansStat Technologies. According to a December 13 letter from Jesse A. Shipley, HHSI’s Director of Compliance & Risk Management, on November 12, ScansStat Technologies informed them that bad actors posing as pharmacies had managed to get ScansStat…