January 27 — Epsilon Data Management LLC (Epsilon), one of the largest marketing companies in the world, has entered into a settlement with the Department of Justice to resolve a criminal charge for selling millions of Americans’ information to perpetrators of elder fraud schemes. Epsilon entered into a deferred prosecution agreement (DPA) with the Consumer…
Category: Business Sector
Wind River Security Incident Affects SSNs, Passport Numbers
Lindsey O’Donnell reports: Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the company’s personnel records – including critical data like…
Personal Data of 3 Million+ People Exposed In DriveSure Hack
Once again, breaches are discovered when security firms read forums where data are shared or posted for sale. Risk Based Security discusses what they found involving DriveSure: In a lengthy post to prove the databases’ high quality, the threat actor detailed the leaked files and the user information. Typically, hackers only share valuable segments or…
Report: American Cable and Internet Giant Comcast Exposed Development Database Online
This is a leak that deserves its own post. Website Planet reports: On December 1st, 2020 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 1.5 billion records. There were references to Comcast throughout the database including multiple subdomains, urls, and internal IP addresses. The publicly visible…
FTC Gives Final Approval to Settlement with Zoom over Allegations the Company Misled Consumers about Its Data Security Practices
The Federal Trade Commission finalized a settlement with Zoom Video Communications, Inc., over allegations it misled consumers about the level of security it provided for its Zoom meetings and compromised the security of some Mac users. The final order requires Zoom to implement a comprehensive security program, review any software updates for security flaws prior to release and ensure…
Lawmakers press NSA for answers about Juniper hack from 2015
Justin Katz reports: A group of Democratic lawmakers is calling on the National Security Agency to account for its part in the five-year-old breach of Juniper Networks, following a congressional investigation of the company last year. “The American people have a right to know why NSA did not act after the Juniper hack to protect…