RNZ reports: AA Traveller said the website was in use between 2003 and 2018 and allowed customers to make travel bookings, enter competitions and take part in surveys. In a statement on its website AA Traveller said it “recently discovered a vulnerability in the application where the AA Traveller information was stored and that an…
Category: Business Sector
Cyber attack prompts security response by Oregon secretary of state
KTVZ reports: A ransomware attack on a campaign finance firm has prompted the Oregon Elections Division to require that 1,100 users of the state’s online campaign contribution reporting system change their passwords, but Sectary of State Shemia Fagan stressed late Monday that the agency’s systems have not been hacked. […] The Oregon Elections Division learned…
OpenSea Discord server hacked, increasing the risk of phishing scams
Ali Raza reports: OpenSea, a non-fungible token marketplace, has become the victim of a hack on its main Discord channel. The breach has allowed the threat actors to post fake announcements about partnerships between OpenSea and other projects. OpenSea shared a screenshot on May 6 showing the fake news about partnerships. The screenshot also contained a link…
IKEA Canada confirms data breach involving personal information of approximately 95,000 customers
Chris Fox reports on an insider-wrongdoing breach that sounds like it was detected and stopped fairly quickly, but not before more than 90,000 customers could have had their data accessed. IKEA says that it has notified Canada’s privacy watchdog following a data breach involving the personal information of approximately 95,000 customers. In a statement provided…
Indian government makes user data collection mandatory for VPNs; Providers debate leaving country
Rahul Verma reports: The Indian government has introduced a new IT policy that requires virtual private network companies (VPNs) to collect extensive customer data and maintain it for five years or more. The directive came from Computer Emergency Response Team, CERT-in. The new policy lists data centers and crypto exchanges under the same provision. The…
Security is a pain for American Dental Association: Ransomware infection feared
Jessica Lyons Hardcastle reports: The Black Basta crime gang has claimed it infected the American Dental Association with ransomware. While the professional association confirmed to The Register it was the victim of a “cybersecurity incident” that occurred on or around April 21, it did not disclose the nature of the attack. As of Friday last week, the organization…