Pegasus Airlines, a Turkish low-cost carrier, has accidentally leaked around 6.5TB of personal information of flight crew, flight data, and source code after misconfiguring an AWS bucket. Read more at Teiss.
Category: Business Sector
Are victims of Netgain ransomware incident first being notified now?
Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that impacted numerous clients and individuals. According to Perkins’ notification, Netgain first notified them of the breach in December 2020. So why did it…
Today’s exercise in reading between the lines
A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon identified a cyber incident that, upon investigation, impacted a limited number of systems. Once the incident was discovered, Aon immediately retained leading cybersecurity firms to assist…
Hacker Steals Database of Hundreds of Verizon Employees
Lorenzo Franceschi-Bicchierai reports: A hacker has obtained a database that includes the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees. …. The hacker contacted Motherboard last week to share the information. The anonymous hacker said they obtained the data by convincing a Verizon employee to give them remote…
Hackers Know Where You’ve Been Driving: General Motors Discloses Data Breach
Lucas Ropek reports: General Motors suffered a hack that exposed a significant amount of sensitive personal information on car owners—names, addresses, phone numbers, locations, car mileage, and maintenance history. The Detroit-based automaker revealed details of the incident in a breach disclosure filed with the California Attorney General’s Office on May 16. Read more at Gizmodo.
Decisions by the Personal Data Protection Commissioner of Singapore
The Personal Data Protection Commissioner of Singapore announced several new decisions this week. Here are three of them: A financial penalty of $2,000 was imposed on Southaven Boutique for failing to put in place reasonable security arrangement to prevent the unauthorised access of its customers’ personal data in its Point-Of-Sale system server. Read more. A…