Over on TechDirt, Karl Bode writes: Gravy Analytics, the parent company of Venntel, is like many dodgy data brokers. The company gleans vast troves of sensitive U.S. behavior and location cellphone data, then generally sells access to that data to a long line of folks. Including the U.S. government, which has increasingly turned to buying…
Category: Business Sector
Hacked on Christmas, DEphoto starts notifying customers, only to be attacked again
The threat actor known as 0mid16B contacted DataBreaches this morning to alert this site to a breach involving a U.K. photo business, DEphoto (DEphoto[.]biz). DEphoto is an established business for school, sports, club, and event photography. According to 0mid16B, they attacked DEphoto on December 25, and acquired the personal information of 555,952 customers, 429,597 orders…
U.S. Army Soldier Arrested in AT&T, Verizon Extortions
Brian Krebs reports: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive customer call records stolen earlier this year from AT&T and Verizon. As first reported by KrebsOnSecurity last month, the accused is a communications specialist who was recently stationed in South Korea….
Massive VW Group Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Brothels
Thanos Pappas reports: Many people worry about hackers stealing their personal data, but sometimes, the worst breaches come not from shadowy cybercriminals but straight from the companies we trust. According to a new report from Germany, the VW Group stored sensitive information for 800,000 electric vehicles from various brands on a poorly secured Amazon cloud—essentially leaving…
Japan Airlines recovers from cyberattack, confirms no customer data leaks
Financial Express reports: Japan Airlines (JAL) has resolved a system malfunction caused by a large-scale cyberattack, assuring the customers that no data breaches or virus infections have taken place. The ticket sales for same day flights have started again. However, certain specific domestic flight services such as an upgrade option, airport standby continues to be unavailable….
Today’s insider threat: Ardyss edition
Here’s today’s reminder of the insider threat. And also the external threat. Consider it a pre-holiday twofer. DataBreaches was contacted yesterday by “0mid16B,” the same individual who was responsible for previously hacking The1 Card, Thailand’s most popular loyalty program. In their latest contact, they claim to have successfully attacked Ardyss[.]com and ArdyssLife[.]com, telling DataBreaches, “In…