What should states do when notification is made but took more than one year? Are explanations sufficient to avoid any penalties for late notice? Here’s a case where notice to some individuals was made more than 7 months after discovery of a problem, but others did not get notified for more than one year. Read…
Category: Business Sector
Booking data stolen from Japanese short-time love hotel booking service HappyHotel
Duncan Riley reports: Japanese short-time love hotel search engine HappyHotel has suffered a data breach in which the details of clients were accessed by unknown hackers. The breach occurred on Dec. 22, with usernames, passwords, date of birth, phone numbers and home addresses of customers all being stolen. “Love hotels” are accommodations where people take…
KS: Computer Programmer Sentenced In Cyberattack Threat Case
A Wichita computer programmer was sentenced today to three years federal probation and a $2,000 fine for threatening cyberattacks against two web sites that posted criticism of Wichita lawyer Brad Pistotnik, U.S. Attorney Stephen McAllister said. David Dorsett, 37, Wichita, Kan., pleaded guilty to two counts of making extortionate threats via the internet. In his…
What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.
In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…
FTC Finalizes Settlement with Utah Company and its former CEO over Allegations they Failed to Safeguard Consumer Data
The Federal Trade Commission has granted final approval to a settlement with a Utah-based technology company related to allegations that the firm failed to put in place reasonable security safeguards, allowing a hacker to access the personal information of more than a million consumers. The FTC alleged that InfoTrax Systems, L.C. and its former CEO Mark Rawlins failed to…
Maze Ransomware Sued for Publishing Victim’s Stolen Data; Irish ISP hosting MazeNews takes down site
Lawrence Abrams reports: The anonymous operators behind the Maze Ransomware are being sued by a victim for illegally accessing their network, stealing data, encrypting computers, and publishing the stolen data after a ransom was not paid. The company suing Maze is Southwire, a leading wire and cable manufacturer from Carrollton, Georgia, who was attacked in December…