Gabrielle Russon reports on your latest reminder of the insider threat: A fired Disney World employee is accused of hacking into an online system and altering Disney World restaurant menus by changing fonts and prices, adding profanity and manipulating the food allergy warnings, according to new federal documents. The cyberattack caused at least $150,000 in damage…
Harvey Cashore, Daniel Leblanc report: At the height of this year’s tax season, the Canada Revenue Agency discovered that hackers had obtained confidential data used by one of the country’s largest tax preparation firms, H&R Block Canada. Imposters used the company’s confidential credentials to get unauthorized access into hundreds of Canadians’ personal CRA accounts, change…
Over on SuspectFile, Marco A. De Felice writes: In August 2023, Postel S.p.A., a leading Italian company in the postal services and digital communications sector, became the victim of a serious cyberattack. The Medusa cybercriminal group exploited unresolved vulnerabilities in the company’s systems, gaining access to a large amount of sensitive data. This breach raised significant…
Washington D.C., Oct. 22, 2024 — The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also charged Unisys with disclosure controls and procedures violations….
Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…
Lawrence Abrams reports: Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked “non-public” data, but it continues to state that there is no evidence that its systems were breached. “We have determined that the data in question is on a public-facing DevHub environment—a Cisco resource center that enables…