On March 22, Simon Cohen reported: Free movie streaming site Kanopy has suffered a significant data leak, according to security researcher Justin Paine. Due to an unprotected web log database, which could be publicly accessed without authentication of any kind, Paine believes that the company has been leaking “roughly 26-40 million log lines per day beginning…
Category: Business Sector
A family tracking app was leaking real-time location data
Zack Whittaker reports: A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time, such as spouses or parents wanting…
Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’
Lorenzo Franceschi-Bicchierai reports: A ransomware attack appears to have affected two American chemicals companies, Motherboard has learned. Hexion and Momentive, which make resins, silicones, and other materials, and are controlled by the same investment fund, were hit by the ransomware on March 12, according to a current employee. An internal email obtained by Motherboard and…
Class Certification Denied for Data Breach Claim Brought by Bank Against Retailer
Balch & Bingham LLP write: Last week, the U.S. District Court for the Middle District of Alabama denied Southern Independent Bank’s (“Southern Independent’s”) motion for class certification following a data breach which allegedly affected over 2,000 financial institutions across the country. Southern Independent, a community bank located in south Alabama, brought a class action complaint…
Man paid hacker to get nude photos from UCF student’s Snapchat account, police say
I missed this one when it first appeared, but it’s worth posting so that parents can once again remind their kids about online safety. Read the full news story on this one as it provides a lot of details about the hacker convincing the victim to give him the login credentials to her account, and…
Sacked IT guy annihilates 23 of his ex-employer’s AWS servers
Lisa Vaas reports: An employee-from-hell has been jailed after he got fired (after a measly four weeks), ripped off a former colleague’s login, steamrolled through his former employer’s Amazon Web Services (AWS) accounts, and torched 23 servers. […] As the Mirror reported during Needham’s January trial, the IT worker was sacked after a month of…