Catalin Cimpanu reports: Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads. The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built…
Category: Business Sector
UK: People’s Energy data breach affects all 270,000 customers
Zoe Kleinman reports: The company People’s Energy has contacted all its 270,000 current customers, following a data breach. Co-founder Karin Sode told BBC News an entire database had been stolen by hackers and included information on previous customers. Data stolen included names, addresses, dates of birth, phone numbers, tariff and energy meter IDs, she said….
Cyberattack hits Israeli companies, with Iran reportedly the likely culprit
Oops. I missed this one last week. Stuart Winer reports: A major cyberattack earlier this month hit dozens of Israeli logistics companies, with hackers making off with information from servers, according to a report of the incident by one of the victims filed Sunday to the Tel Aviv Stock Exchange. The attack hit Amital Data,…
Suspected Russian hacking spree extended beyond SolarWinds users
Joseph Menn reports: The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised. “The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” said DHS’s Cybersecurity and Infrastructure Security Agency,…
Security breach on Emirati website leads to leaked info of Israelis
Tobias Siegal reports: An Emirati website has leaked the personal information of thousands of Israelis who used it for planning their trip to Dubai, the N12 news site reported Thursday. The Dubai-based website Sharaf Travels was used by many Israelis who took the exciting opportunity to vacation in Dubai, as new Middle East destinations traditionally closed to…
Company that Provides Travel Emergency Services Settles FTC Allegations it Failed to Secure Sensitive Consumer Data
It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…