K.C. Vijayan reports: The Personal Data Protection Commission imposed a $3,000 financial penalty on DataPost, a business printing and mailing solutions provider, for a data breach that led to leaks of personal financial information. The commission, which probed the case, said the sensitive nature of the data was an aggravating factor. But it was mitigated…
Category: Business Sector
GOP data firm that exposed millions of Americans’ personal information is facing its first class-action lawsuit
Natasha Bertrand reports: A data-analytics firm hired by the Republican National Committee last year to gather political information about US voters accidentally leaked the sensitive personal details of roughly 198 million citizens earlier this month. And it’s now facing its first class-action lawsuit. Deep Root Analytics, a data firm contracted by the RNC, stored details of about…
Larson Studios Breaks Silence about TheDarkOverlord hack and extortion (UPDATED)
In an intriguing follow-up to a case I reported in April concerning a hack-extortion incident involving TheDarkOverlord, Janko Roettgers reports that Larson Studios actually paid TheDarkOverlord’s 50 BTC demand. That alone would be surprising and newsworthy (there had been no payments made to the BTC wallet address given in the extortion contract), but Roettgers also…
South Korean Web Hosting Provider Pays $1 Million to Erebus Ransomware Attackers
Ionut Arghire reports: South Korean web hosting company Nayana agreed to pay $1 million in Bitcoin after a ransomware attack hit 153 Linux servers. The attack took place June 10 and resulted in over 3,400 business websites the company hosts being encrypted. According to the Nayana’s initial announcement, the attacker demanded 550 Bitcoins (over $1.6…
The Buckle, Inc. Notification of Security Incident at Some Retail Stores
6/16/17: We became aware that The Buckle, Inc. was a victim of a security incident in which a criminal entity accessed some guest credit card information follow purchases at some of our retail stores. We immediately launched a thorough investigation and engaged leading third party forensic experts to review our systems and secure the affected…
Alleged Canadian hacker may not fight U.S. extradition: lawyer
Alastair Sharp reports: The Canadian accused of helping Russian intelligence agents break into email accounts as part of a massive 2014 breach of Yahoo accounts may waive his right to fight a U.S. extradition request, his lawyer said on Friday. Karim Baratov’s lawyer Amedeo DiCarlo said he is in discussions with the Federal Bureau of…