There’s a follow-up to a breach noted previously on this site. Clifford Lo reports: A 30-year-old Hong Kong man was arrested in connection with cyberattacks in which the computers of two travel agencies in the city were hacked and their clients’ sensitive personal information held for ransom, with payouts in bitcoin sought last week. As…
Category: Business Sector
Online Shop Can’t Determine Card Breach Onset Due To “Lack of Backups”
I tweeted about this breach disclosure earlier today after Zack Whittaker called everyone’s attention to it, and I am glad to see that Catalin has written the matter up: In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could…
UK: Record fines for company, senior staff and private investigators involved in illegal trade in personal information
A firm of loss adjusters has been fined £50,000 for unlawfully disclosing personal data which had been obtained illegally by senior employees and rogue private investigators. A director and a senior member of staff at Kent-based Woodgate and Clark Ltd have also been sentenced to record financial penalties, along with the private investigators involved. The…
Creditseva hacked, personal and sensitive data accessed
CyberWarNews.info has the exclusive on this one: Creditseva has been in the headlines before for the wrong reasons after security researcher Chris Vickery discovered that they had failed to secure a s3 instance which left tens of thousands personal details exposed. Moving on months later and it has come to my attention that Creditseva has now…
Two Hong Kong travel agencies reveal hacks and ransom demands
Ernest Kao, Danny Lee, and Christy Leung report that two travel agencies have disclosed that they have been hacked and ransom demanded. It’s not totally clear from their statements whether these are both ransomware incidents and if they’re by the same threat actor(s). SCMP reports: Goldjoy, which has three branches, revealed on Thursday that unauthorised…
FTC Gives Final Approval to Lenovo Settlement
The Federal Trade Commission has given final approval to a settlement with Lenovo Inc., related to charges that the company harmed consumers by pre-loading software on some laptops that compromised security protections in order to deliver ads to consumers. In its complaint, the FTC charged that beginning in August 2014 Lenovo began selling consumer laptops in…