The Canadian Press reports: The union representing public high school teachers in Ontario says it was the victim of a ransomware attack earlier this year that compromised members’ personal information. The Ontario Secondary School Teachers’ Federation says it discovered in late May that an “unauthorized third party” accessed and encrypted its systems between May 25…
Category: Business Sector
AirAsia victim of ransomware attack, passenger and employee data acquired
AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…
Meta Fires Employees and Contractors for Improperly Accessing Users’ Accounts and Selling Them to Hackers
Daniel Kreps reports: Meta, the parent company of Facebook, has fired or disciplined dozens of employees and contractors — including Meta security guards — following an internal probe that revealed they were improperly accessing users’ accounts for reasons including bribery. The Wall Street Journal reports that, for years, the employees and contractors wrongly used Facebook’s internal mechanism for helping password-forgetting…
Whoosh confirms data breach after hackers sell 7.2M user records
Bill Toulas reports: The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. Whoosh is Russia’s leading urban mobility service platform, operating in 40 cities with over 75,000 scooters. On Friday, a threat actor began selling the…
Hong Kong regulator issues investigative report on 2021 Fotomax ransomware incident
The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong published an investigation report today concerning a ransomware attack on the database of Fotomax (F.E.) Limited. From the news release: The investigation arose from a data breach notification lodged by Fotomax with the PCPD on 1 November 2021, which reported that the…
Booz Allen Hamilton Holding Corporation notifies employees of insider breach
Booz Allen Hamilton Holding Corporation has disclosed an insider breach involving the sensitive, personally identifiable information (PII) of active employees as of March 29, 2021. According to their notification, a copy of which was submitted to the Montana Attorney General’s Office, Booz Allen recently learned that while employed by Booz Allen, a former employee obtained…