It is always a bit awkward when threat actors reveal a breach before the victim releases their version of events. In this case, home safety giant ADT notified the SEC about a breach after data from it was already being leaked on a hacking forum. On July 31, a forum user with a high positive…
Category: Business Sector
Personal Data of 3 Billion People Stolen in Hack, Suit Says
Cassandre Coyer reports: Jerico Pictures Inc., a background-check company doing business as National Public Data, exposed the personal information of nearly 3 billion individuals in an April data breach, a proposed class action says. On April 8, a cybercriminal group by the name of USDoD posted a database entitled “National Public Data” on a dark…
Ring, Ring, it’s the FCC Calling- TracFone to Pay $16M to Settle FCC Investigation
Liisa M. Thomas, Tracy Chau, and Kathryn Smith of SheppardMullin write: TracFone, the pre-paid phone company, recently settled with the FCC over allegations that the company failed to protect customer information during three different data incidents. According to the FCC, in each of the incidents, threat actors gained access to customer information, including names, addresses, and features…
CA: Legal services vendor hacked in April, medical information acquired by hacker
Another legal services vendor discloses a breach: Compex Legal Services Inc. (“Compex”) recently discovered an incident that may have impacted the privacy of information related to certain individuals. Compex provides record retrieval and litigation support services to insurance carriers, third party administrators and law firms. As Compex continues to investigate and work toward notifying impacted…
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
James Coker reports: Cybersecurity awareness training company KnowBe4 has revealed it was duped into hiring a fake IT worker from North Korea, resulting in attempted insider threat activity. The malicious activity was identified and prevented before any illegal access was gained or any data was compromised on KnowBe4 systems. In a blog published on July 23,…
Hacked in 2022, Dell & Dean law firm first notifying affected clients now
From DataBreaches’ “Now what does THIS mean?” file, a notification letter from Dell & Dean PLLC, a law firm in New York. On July 17, Dell & Dean’s external counsel notified the Maine Attorney General’s Office about a breach in September 2022 that affected 6,803 people. A copy of the firm’s notification letter was appended…