From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…
Category: Business Sector
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…
Hacker’s attempt to sue police is ‘abuse of process’
RL360 Insurance Company Limited is an international offshore savings, protection and investment provider, headquartered in the Isle of Man. According to Wikipedia, it is part of the International Financial Group Limited. Threefm reports that John Henry Griffin, a former RL360 employee who was convicted of unauthorized access to data and unlawful acquisition of personal data,…
Fraudster’s fake data breach claims should remind media to be careful what we report
Over the past few weeks, DataBreaches had occasionally checked a dark web leak site by an individual or group called “Mogilevich.” However, DataBreaches didn’t report on any of their claimed victims because the site and the claims seemed sketchy and there was no confirmation. DataBreaches will not name and shame those sites or outlets that…
Au: Privacy Watchdog to investigate HWL Ebsworth over security and notifications
Jeremy Nadel reports: The investigation will cover whether the law firm violated the Privacy Act by failing to protect sensitive data or properly notifying individuals affected by the breach. The breach saw 1.1TB of data lost to hackers and impacted 65 government agency clients’ data as well as data belonging to private firms as well. The Office of…
U.S. Internet Leaked Years of Internal, Customer Emails
Brian Krebs reports: The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of…