The Information Commissioner’s Office (ICO) has fined Facebook £500,000 for serious breaches of data protection law. In July, the ICO issued a Notice of Intent to fine Facebook as part of a wide ranging investigation into the use of data analytics for political purposes. After considering representations from the company, the ICO has issued the…
Category: Business Sector
Security company sued after alleged information leak
Oops. I missed this one when WTOC first reported it on October 17th: Dozens of social security numbers connected to work hours and rates of pay are at risk of being used by criminals because of the actions of a security firm supervisor. Those are the allegations in a lawsuit filed by a Savannah law…
TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers
FireEye writes: In a previous blog post we detailed the TRITON intrusion that impacted industrial control systems (ICS) at a critical infrastructure facility. We now track this activity set as TEMP.Veles. In this blog post we provide additional information linking TEMP.Veles and their activity surrounding the TRITON intrusion to a Russian government-owned research institute. FireEye…
Data leak at consulting firm handling fundraisers for the Democratic party
Catalin Cimpanu reports: A Maryland consulting firm that handles political fundraisers for the Democratic Party has left fundraiser data and passwords to databases storing voter records exposed online via an unsecured network attached storage (NAS) device. The exposed data was found last week by Bob Diachenko, Director of Cyber Risk Research at Hacken, a cyber-security…
Cathay Pacific flags data breach affecting 9.4 million passengers
Reuters reports: Cathay Pacific Airways said on Wednesday (Oct 24) that data of about 9.4 million passengers of Cathay and its unit Hong Kong Dragon Airlines had been accessed without authorisation. Cathay said 860,000 passport numbers, about 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no…
Update: TIO Networks notifies consumers of breach going back to 2014 or earlier
TIO Networks USA was acquired by PayPal in July, 2017. Months later, they reported, services were suspended after discovery of vulnerabilities. Investigation into those vulnerabilities resulted in TIO having to report that it had been hacked by 2014 and possibly earlier. According to information provided in December, 2017, 1.6 million consumers were affected. From their…