Golf Punk reports: The exclusive Wentworth Club in Surrey home to the European Tour has suffered a data breach with membership data stolen. The club’ membership, which reads like a whos who of the rich and famous, has been informed by the club and asked to remain vigilant. The entire membership of over 4,000 members…
Category: Business Sector
FIN11 e-crime group shifted to CL0P ransomware and big game hunting
Derek B. Johnson reports: The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise. “Several of their recent ransom notes explicitly name data stolen from workstations that…
Cn: 30 Firms Reprimanded Over Data Privacy Violations in Guangdong
Regulation Asia reports: The Guangdong Communications Administration ordered 30 firms including banks and securities firms to fix the breaches and revamp their mobile phone apps. China’s GDCA (Guangdong Communications Administration) has reprimanded 30 banks, financial services and fintech firms for unauthorised data access and collection through their mobile phone apps, the SCMP reports. The GDCA alleges that…
Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation’s Cloud Services
Graham Cluley writes: The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety…
Ph: Privacy Commission summons operators of website that exposed car owners’ personal data
There’s an update to a data leak situation previously noted on this site. It’s always interesting to me to see how other countries handle privacy violations or data leaks. It looks like the NPC has the authority — and uses it — to order ISPs to block access to problematic web sites that violate privacy….
Hy-Vee agrees to settle the class action lawsuit over payment card data breach
In August, 2019, Hy-Vee announced that it was investigating a payment card breach affecting customers who had used some of their fuel pumps, drive-thru coffee shops, and restaurants. Three days later, Brian Krebs reported: On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked…