Once again, a service owned and control by a division of official Sony Entertainment has slipped up. This time, their error exposed a elasticsearch server leaking log entries that feed into a third-party tool. Sony is no stranger when it comes to reports of poor infosecurity and hacking incidents, but it is not often we…
Category: Business Sector
China Citizen Watch (Finally) Secures 150TB of Leaking Data
China Citizen Watch, the official Chinese division of the Japanese watch giant Citizen, and Bulova Watch Company (a Citizen brand in the U.S.) have both been affected because China Citizen Watch or its hosting company left an unsecured RSYNC server online with more than 150TB of files. Cursory skimming of the files, necessitated by Citizen…
Ca: Manitoba insurance company struck by ransomware attack
Canadian Press reports: A Manitoba-based insurance and financial brokerage that has clients across the Prairies has been hit by a ransomware attack that it hadn’t publicly disclosed. Andrew Agencies, based in Virden, appears on a list of targets published online this week by an international cybercriminal gang. Read more on CHVN.
AU: Nine more charges for NSW data breach accused
Steven Trask reports: The Sydney IT contractor allegedly responsible for a massive data breach that cost an ASX-listed property evaluation company more than $8 million is now facing additional charges. Stephen Grant allegedly accessed and published more than 170,000 data sets including names, addresses, contact numbers, property valuations and driver’s licences between September 2017 and…
CMS Blue Button API Coding Error Potentially Exposes Health Data
Jessica Davis reports: December 18, 2019 – The Centers for Medicare and Medicaid Services has taken its Blue Button 2.0 API offline, as it investigates a coding error that potentially exposed the protected health information of about 10,000 beneficiaries. The BB2.0 platform is used by Medicare beneficiaries to authorize third-party applications to access their Medicare claims data. The system…
Ca: Shaw customers notified of data breach that happened back in June
Alanna Kelly reports: Shaw customers have been notified by mail about a security risk after a company laptop containing some people’s personal information was stolen months ago. In a letter to customers, Shaw Communications Inc. said the computer belonging to a Shaw employee was stolen on June 22. Read more on CTV. CBC News reported…