Paul Bischoff reports: Telmate, a service used by incarcerated inmates at US prisons to communicate with their friends and loved ones, has exposed a database containing tens of millions of call logs, private messages, and personal information about inmates and their contacts. The database was exposed on the web without a password or any other…
Category: Business Sector
AU: Hackers foiled in attempt to steal $90,000 from church abuse survivor in email compromise scam
Airlie Ward reports on yet another case where hackers try to intercept/scam home buyers by posing as their real estate brokers or lawyers and having them wire money to them. In this case, the home buyer was the victim of child sexual abuse by the church, and was using the settlement to buy a home,…
RCMP charge 2 Montreal men in cyberattacks at Canadian Tire, BMO and Simplii
CBC reports: The RCMP have laid charges against two Montrealers after an investigation into high-profile cyberattacks at Canadian Tire, Bank of Montreal and Simplii a few years ago. The RCMP said in a press release Thursday that Jacob Costanzo-Peterson and Félix Costanzo-Peterson have been charged with unauthorized use of a computer, identity theft and possession of a device…
AusCERT says alleged DoE hack came from a third-party
Catalin Cimpanu reports: The Australian Computer Emergency Response Team (AusCERT) denied claims today that hackers had breached the Department of Education, Skills, and Employment (DoE), and downloaded the personal details of more than one million students, teachers, and staff. Rumors of a supposed hack first surfaced yesterday after a hacker shared an archive file on…
American Payroll Association notifies people of cyberattack on site
The American Payroll Association (“APA”) is notifying people about breach discovered in mid-July. What Happened? The APA experienced a skimming cyberattack in which personal information was accessed by unauthorized individuals. The source of the cyberattack is thought to have been a vulnerability in APA’s content management system, which allowed a “skimmer” to be installed on…
Amphastar Pharmaceuticals discovers that threat actors had exfiltrated employee data in May ransomware attack
On July 21, the DoppelPaymer ransomware threat actors added Amphastar Pharmaceuticals to their leak list. They also uploaded a number of files as proof of access and exfiltration. It was because of that listing that Amphastar eventually discovered that employee data had been stolen in a May attack. On August 27, Amphastar sent notification letters…