Gareth Halfacree reports on a somewhat atypical breach with a poor incident response by Cool Components: Hobbyist electronics specialist Cool Components has been hit with an apparent data breach in which persons unknown have made off with its customer email list – but the company claims its investigation has turned up no evidence of security issues….
Category: Business Sector
RubberStamps.net, Incipio notify customers of breaches
While uKnowKids had a somewhat despicable disclosure of their breach that involved shooting the messenger, here are two positive examples of breach disclosures I came across this week: RubberStamps.net notified about 7,000 customers that its web site was compromised between November 3, 2015 to December 11, 2015. In a well-written letter, Scott Lee, the President and CEO, Superior Labels, Inc. explained that…
Operation Blockbuster Coalition Ties Sony, Other Destructive Attacks to Lazarus Group
Michael Mimoso reports: The nation-state sponsored hacker group allegedly behind the 2014 attack against Sony Pictures Entertainment has been linked to similar intrusions against a number of companies in South Korea including the Dark Seoul and Operation Troy attacks. A coalition of security companies called Operation Blockbuster, including Kaspersky Lab, Novetta, AlienVault, Invincea, ThreatConnect, Volexity, Symantec,…
WA: Rightside employee tax information stolen in data breach
Ashley Stewart reports: Kirkland-based Rightside was the target of a “highly sophisticated phishing scam,” resulting in the theft of employees’ personal information, according to an email obtained by the Puget Sound Business Journal. The company notified affected employees this week, explaining that it had been the target of a cyber attack for several months and, on…
Spec’s sues insurance provider for legal fees related to data breaches
Ah, here’s the explanation I didn’t have the other day. Joe Martin reports: Houston-based Spec’s Family Partners Ltd. is suing its insurance provider for over $1.3 million in legal fees stemming from two data breaches, according to court documents. Spec’s filed a lawsuit in the Southern District of Texas in Houston Feb. 19 against the…
Thousands of apps running Baidu code collect, leak personal data: research
Jeremy Wagstaff and Paul Carsten report: Thousands of apps running code built by Chinese Internet giant Baidu have collected and transmitted users’ personal information to the company, much of it easily intercepted, researchers say. The apps have been downloaded hundreds of millions of times. The researchers at Canada-based Citizen Lab said they found the problems…