The Office of Inadequate Security
Paulina Okunytė reports: After allegedly paying nearly $400,000 for a ransom in May, AT&T is reaching for its wallet again. This time, it’s to settle a cloud breach investigation led by the FCC. In a press release on September 17th, 2024, the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve…
Ernestas Naprys reports: RansomHub, a ransomware newcomer that rose to prominence this year, has claimed a breach of Japanese company Kawasaki and released 487GB of its data publicly. Last week, Kawasaki’s European headquarters released a statement in which they informed the public that it was recovering from a cyberattack. “At the start of September, Kawasaki…
Lorenzo Franceschi-Bicchierai reports: On Thursday, cybersecurity giant Fortinet disclosed a breach involving customer data. In a statement posted online, Fortinet said an individual intruder accessed “a limited number of files” stored on a third-party shared cloud drive belonging to Fortinet, which included data belonging to “less than 0.3%” of its customers. The company said that…
Connor Jones reports: Security researchers have revealed a litany of failures in the Feeld dating app that could be abused to access all manner of private user data, including the most sensitive images not intended to be kept or shared. Feeld caters to “open-minded individuals” – those specifically interested in exploring alternative relationship models such…
Jonathan Greig reports: The nation’s top cyber watchdogs urged federal agencies to either remove or upgrade an Ivanti appliance that is no longer being updated and has been exploited in attacks. The technology company updated an advisory on Friday warning that a “limited number of customers” were breached through the exploitation of CVE-2024-8190. The bug was announced…
Jonathan Stempel reports: 23andMe will pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information was exposed in a data breach last year. The accord also resolves accusations that 23andMe did not tell…