Antonella Artuso reports: The privacy of 4,500 Ontario Cannabis Store customers was breached through what the online retailer says was a weakness in Canada Post’s tracking website, the Toronto Sun has learned. The information obtained was the buyer’s name or initials, postal code, date of cannabis delivery, the Canada Post tracking number and OCS’ corporate…
Category: Business Sector
Data of nearly 700,000 Amex India customers exposed via unsecured MongoDB server
Catalin Cimpanu reports: The personal details of nearly 700,000 American Express (Amex) India customers have been accidentally left exposed online via an unsecured MongoDB server. The leaky server, which was left exposed online without a password, was discovered three weeks ago by Bob Diachenko, Director of Cyber Risk Research at cyber-security firm Hacken. Most of…
Bankers Life notified more than 566,000 after hack of employees’ email resulted in breach of PHI
The following is a Bankers Life announcement of a security incident that appears on HHS’s public breach tool under the name “CNO Financial Group, Inc.” According to the report to HHS, the breach affected 566,217 members protected health information. On October 25, Bankers Life1 notified certain customers about a data security issue. We take the…
Sim Swapping Crypto Hacking Group Busted in Turkey
From TrustNodes: Turkish police has arrested 11 individuals on suspicion of hacking cryptocurrencies through Sim Swapping. The individuals in question allegedly tricked phone providers into transferring the victim’s phone number to them. Apparently fake IDs were prepared for this operation, according to local crypto media, with the thieves pretending the victim’s phone was stolen. They…
Five Guys notifies employees of data breach
I won’t let this devolve into a debate on who makes the best hamburgers, but Five Guys Enterprises, LLC is notifying its employees about a data breach that affects them. According to a copy of its notification letter, submitted to the California Attorney General’s Office on November 2: On August 6, the firm discovered that…
Bowker Investigating Breach of ISBN Site
Jim Milliot reports: In a notice posted on its website late last week, R.R. Bowker said it has learned that unauthorized charges were being made on its www.myidentifiers.com website, which is responsible for issuing ISBNs. The company said its preliminary investigation has found that the breach appears to have happened over the course of multiple…