Seen on Netcom-Kassel (translation): Information according to Paragraph 109a TKG, 34 GDPR on a security incident (status: 05.02.2021) On Monday, January 18, 2021, the Netcom Kassel Gesellschaft für Telekommunikation mbH was the target of a hacker attack. Some of the general IT systems were affected by the attack, which is why they are currently only…
Category: Business Sector
The Eleventh U.S. Circuit Weighs in on Data Breach Standing Issues
Alfred Saikali of Shook, Hardy & Bacon L.L.P. writes: Yesterday, in a 26-page opinion, the 11th U.S. Circuit Court of Appeals has weighed in on two important questions in the world of privacy and data breach litigation. First, does a plaintiff have standing where he was exposed to a substantial risk of future identity theft, even…
SitePoint hacked: Hashed, salted passwords pinched from web dev learning site via GitHub tool pwnage
Gareth Corfield reports: SitePoint, an Australian learn-to-code publishing website, has been compromised while promoting the book Hacking for Dummies on its homepage. Reg reader Andy told us: “Got an email from SitePoint this morning saying that they had been hacked and some non-important (to them) stuff like names, email addresses, hashed passwords etc might have been stolen. Coincided with…
Alleged breaches impacting Indians, Malaysians, under investigation
India: Airtel continues to deny that it had a breach affecting more than 2.5 million subscribers’ data, despite reports and seeming evidence to the contrary. According to a statement they issued, the threat actors who call themselves “Red Rabbit Team” have made various claims over the past 15 months. “This group has been in touch…
BR: Eletronuclear administrative network suffers ransomware attack
Luis Queiroz reports (translation): In a statement to the market, Eletrobras ensures that the systems of the administrative network of the subsidiary Eletronuclear are not connected, for security reasons, with the operating systems of the nuclear plants Angra I and Angra II. IT teams were able to contain the attack and prevent damage to the…
Security firm Stormshield discloses data breach, theft of source code
Catalin Cimpanu reports: French cyber-security firm Stormshield, a major provider of security services and network security devices to the French government, said today that a threat actor gained access to one of its customer support portals and stole information on some of its clients. The company is also reporting that attackers managed to steal parts…