Joseph Lazzarotti and d Maya Atrakchi of JacksonLewis write: In recent years, there has been an uptick of W-2 phishing scams, and their consequences for an employer extend well beyond leaked data, including potential employee class action litigation. Just last week, a federal court in Illinois rejected a motion for class certification in a data…
Category: Business Sector
Goodwin says vendor breach may have exposed client data (updated)
Sara Merken reports: Goodwin Procter experienced an indirect security breach involving a third-party vendor whose services the firm uses for large file transfers, according to an internal memo reviewed by Reuters on Tuesday. Goodwin’s investigation into the matter, which is still ongoing, revealed a “small percentage of our clients may have experienced unauthorized access to…
BR: State-owned energy utility, COPEL, suffers cyberattack (UPDATED)
Bruno Soares reports: Companhia Paranaense de Energia (Copel) suffered cyber attacks last night that caused instability in part of its systems. According to the company, the operation and protection systems detected the attacks and the security protocols were followed, with the suspension of the operation of its computerized environment to protect the integrity of the…
Marketing Company Agrees to Pay $150 Million for Facilitating Elder Fraud Schemes
January 27 — Epsilon Data Management LLC (Epsilon), one of the largest marketing companies in the world, has entered into a settlement with the Department of Justice to resolve a criminal charge for selling millions of Americans’ information to perpetrators of elder fraud schemes. Epsilon entered into a deferred prosecution agreement (DPA) with the Consumer…
Wind River Security Incident Affects SSNs, Passport Numbers
Lindsey O’Donnell reports: Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the company’s personnel records – including critical data like…
Personal Data of 3 Million+ People Exposed In DriveSure Hack
Once again, breaches are discovered when security firms read forums where data are shared or posted for sale. Risk Based Security discusses what they found involving DriveSure: In a lengthy post to prove the databases’ high quality, the threat actor detailed the leaked files and the user information. Typically, hackers only share valuable segments or…