So the headline’s a bit of clickbait as there’s nothing really strange going on, but it’s still a useful reminder situation….. Simon Sharwood and Kat Hall report on a case where someone found a spread sheet exposed/indexed by Google. And although the company believed that they had gotten everything removed, weeks later it was still…
Category: Business Sector
AMP Global Clearing LLC fined for lax security
A monetary penalty resulted from a misconfigured backup uncovered by Chris Vickery, who was then with Kromtech Security. It was reported publicly in April, 2017 by a number of outlets, including The Daily Dot. This was one of those cases where a vendor’s mistake turned out to be costly. The Commodity Futures Trading Commission (CFTC)…
Entergy notifies employees of W-2 breach involving TALX portal
So this is not a W-2 phishing situation, but TALX – a wholly-owned subsidiary of Equifax – is working with Entergy to notify former and current Entergy employees whose 2016 W-2 data may have been acquired by criminals from the TALX portal. In a letter to the New Hampshire Attorney General’s Office, counsel for TALX…
Aperio Group client account data breached by successful phishing attack
On January 30, Aperio informed advisors of a data breach that occurred when two employees’ email accounts were compromised by successful phishing attacks that resulted in auto-forwarding email from those accounts to two external accounts. Aperio discovered the problem on January 11, 2018, and their investigation determined that all emails sent to those two accounts between…
Equifax Hack Might Be Worse Than You Think
AnnaMaria Andriotis reports: Hackers in the Equifax Inc. breach accessed more of consumers’ personal information than the company disclosed publicly last year. Equifax said, in a document submitted to the Senate Banking Committee and reviewed by The Wall Street Journal, that cyberthieves accessed records across numerous tables in its systems that included such data as…
Voter, Bee databases hit with ransomware attack
Adam Ashton reports: Two Sacramento Bee databases on a third-party computer server were seized last month by an anonymous hacker who demanded The Bee pay a ransom in Bitcoin to get the data back. The intrusion, which was discovered by a Bee employee last week, exposed one database containing California voter registration data from the…