I tweeted about this breach disclosure earlier today after Zack Whittaker called everyone’s attention to it, and I am glad to see that Catalin has written the matter up: In a data breach notification letter submitted to the Office of the Attorney General for the state of California, a makeup product vendor said it could…
Category: Business Sector
UK: Record fines for company, senior staff and private investigators involved in illegal trade in personal information
A firm of loss adjusters has been fined £50,000 for unlawfully disclosing personal data which had been obtained illegally by senior employees and rogue private investigators. A director and a senior member of staff at Kent-based Woodgate and Clark Ltd have also been sentenced to record financial penalties, along with the private investigators involved. The…
Creditseva hacked, personal and sensitive data accessed
CyberWarNews.info has the exclusive on this one: Creditseva has been in the headlines before for the wrong reasons after security researcher Chris Vickery discovered that they had failed to secure a s3 instance which left tens of thousands personal details exposed. Moving on months later and it has come to my attention that Creditseva has now…
Two Hong Kong travel agencies reveal hacks and ransom demands
Ernest Kao, Danny Lee, and Christy Leung report that two travel agencies have disclosed that they have been hacked and ransom demanded. It’s not totally clear from their statements whether these are both ransomware incidents and if they’re by the same threat actor(s). SCMP reports: Goldjoy, which has three branches, revealed on Thursday that unauthorised…
FTC Gives Final Approval to Lenovo Settlement
The Federal Trade Commission has given final approval to a settlement with Lenovo Inc., related to charges that the company harmed consumers by pre-loading software on some laptops that compromised security protections in order to deliver ads to consumers. In its complaint, the FTC charged that beginning in August 2014 Lenovo began selling consumer laptops in…
UK: Pro-Union donors named in data leak
Hamish Macdonell reports: An investigation has been launched into a data security breach at an anti-independence campaign group in which hundreds of donor names and contact details were leaked. Scotland In Union said it had reported the breach to police and was trying to contact all those affected. The names, addresses, emails and phone numbers…