ACY Securities describes itself as one of Australia’s fastest growing multi-asset online CFD trading providers. But as first reported by HackRead, the trading firm was leaking 60 GB of user data until independent researcher Anurag Sen persisted in trying to alert them to a misconfigured elasticsearch database. As seen by Hackread, the data included personally…
Category: Breach Incidents
Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.
The education sector has always been a relatively easy target for cybercriminals. One group in particular — Pysa — earned a reputation for its ransomware attacks on schools. Despite analyses and alerts in March, 2021 by threat intel firms and the U.S. government indicating that Pysa was a major threat to the education sector in…
Are victims of Netgain ransomware incident first being notified now?
Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that impacted numerous clients and individuals. According to Perkins’ notification, Netgain first notified them of the breach in December 2020. So why did it…
Today’s exercise in reading between the lines
A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon identified a cyber incident that, upon investigation, impacted a limited number of systems. Once the incident was discovered, Aon immediately retained leading cybersecurity firms to assist…
Potential privacy breach after documents stolen from abandoned Auckland police station
Rachel Maher reports: Police have alerted the Privacy Commissioner after a burglar broke into the former Auckland police station and stole documents and expired pepper spray. The police were made aware of the break-in while carrying out a search warrant at a Mount Albert address where police property was found. The items found included documents…
Martin University discloses ransomware incident
Martin University in Indianapolis disclosed that they were hit by a ransomware attack on January 3, 2022, and have been investigating the incident since then. As is often the case with these attacks, the university was unable to determine whether there had been actual access to files with personal information. As a result, they are…