Vito Pilieci reports: The Office of the Privacy Commissioner of Canada will monitor American credit agency Equifax Inc. for the next six years after an investigation into a massive data breach of personal information at the firm in 2017. […] The commissioner has also released a “compliance agreement” with the company that cracks down on…
Category: Business Sector
Yahoo strikes $117.5 million data breach settlement after earlier accord rejected
Jonathan Stempel reports: Yahoo has struck a revised $117.5 million settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history. The proposed class-action settlement made public on Tuesday was designed to address criticisms of U.S. District Judge Lucy Koh in San Jose, California. She…
Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware
From a recent report by Brendan McKeague, Van Ta, Ben Fedore, Geoff Ackerman, Alex Pennino, Andrew Thompson, Douglas Bienstock of FireEye: Recently, FireEye Managed Defense detected and responded to a FIN6 intrusion at a customer within the engineering industry, which seemed out of character due to FIN6’s historical targeting of payment card data. The intent…
Senate Permanent Subcommittee on Investigations Rips Into Equifax Over Its Massive 2017 Data Breach.
So the Congressional report on Equifax’s massive 2017 databreach was released. The title gives you a clue as to what you can expect to read in it: HOW EQUIFAX NEGLECTED CYBERSECURITY AND SUFFERED A DEVASTATING DATA BREACH STAFF REPORT PERMANENT SUBCOMMITTEE ON INVESTIGATIONS UNITED STATES SENATE The report is 71 pages, and the following is…
UK: Law Firm Launches $6.5 Million Action Against Ticketmaster Over Data Breach
Richard Smirke reports: A British law firm has launched a £5 million ($6.5 million) legal action against Ticketmaster following last year’s security breach, which is believed to have affected up to 40,000 U.K. customers. […] The U.K. arm of Ticketmaster detected a major security breach on June 23, 2018 when it identified malicious software on…
Chinese companies have leaked over 590 million resumes via open databases
Catalin Cimpanu reports: Chinese companies have leaked a whopping 590 million resumes in the first three months of the year, ZDNet has learned from multiple security researchers. Most of the resume leaks have occurred because of poorly secured MongoDB databases and ElasticSearch servers that have been left exposed online without a password, or have ended up online…