Ben Edwards reports: UK listed law firm Gateley said that it has suffered a cyberattack, according to a filing to the London Stock Exchange on Wednesday. The firm’s incident response is described in somewhat interesting terms: “The impacted data was traced quickly and deleted from the location to which it had been downloaded and there…
Category: Business Sector
UK’s Cake Box says customers informed about 2020 data breach
Aby Jose Koilparambil reports: UK-based cake maker and retailer Cake Box Holdings Plc (CBOX.L) said on Thursday it had informed customers about a data breach in 2020 that might have compromised their personal information. Source: U.S. News Somewhat surprisingly in this day and age, Reuters also reported that shares of the stock fell 8%. As we’ve seen…
Your Pricey Peloton Has Another Problem For You To Sweat Over
Savannah Sicurella reports: Peloton users have something new to worry about. In a new report, security company McAfee says hackers can gain remote access to a Peloton bike’s camera and microphone and can monitor users. The attackers can also add apps disguised as Netflix and Spotify to encourage users to input login credentials for later malicious…
Smoking Out a DARKSIDE Affiliate’s Supply Chain Software Compromise
Tyler McLellan, Robert Dean, Justin Moore, Nick Harbour, Mike Hunhoff, Jared Wilson, Jordan Nuce of FireEye report: Mandiant observed DARKSIDE affiliate UNC2465 accessing at least one victim through a Trojanized software installer downloaded from a legitimate website. While this victim organization detected the intrusion, engaged Mandiant for incident response, and avoided ransomware, others may be…
Alibaba Falls Victim to Chinese Web Crawler in Large Data Leak
Yang Jie and Liza Lin report: A Chinese software developer trawled Alibaba Group Holding Ltd. ’s popular Taobao shopping website for eight months, clandestinely collecting more than 1.1 billion pieces of user information before Alibaba noticed the scraping, a Chinese court verdict said. The software developer began using web-crawling software he designed on Taobao’s site starting in November…
SEC Settles Enforcement Action for Disclosure Controls Violations Stemming from Data Security Incident
Kate Hanniford writes: The SEC has settled an enforcement action against a large title insurer in connection with public statements and disclosures made by the company in May 2019 relating to a data security incident. The underlying data security incident was the subject of the first set of charges brought by the New York Division of Financial…