Long-time readers know that this blogger has encountered some interesting situations over the years in response to trying to engage in responsible disclosure of leaks or incidents. As just a few examples (apart from all the lawsuit threats for exposing leaks or incidents), this blogger was: — threatened with being infected with HIV by angry…
Category: Breach Incidents
Responding to a CBS story on Palos Community Consolidated School District 118
On August 10, DataBreaches.net reported on several school districts hit by ransomware attacks. One of the districts discussed in that report was Palos Community Consolidated School District 118 in Illinois. In that section of the report, DataBreaches.net summarized some of the personnel and student data we had found in the threat actors’ data dump: There…
FocaLeaks claims to have hacked El Salvador Police, gained access to records on civilians, agents, and criminal investigations
Hacktivists known as FocaLeaks claim to have hacked and exfiltrated data on 37,000 agents of Policía Nacional Civil de El Salvador (PNC). The information can allegedly be used to access government records on all citizens and to access criminal investigations. Ransomware attacks on police departments have made headlines a number of times over the past…
ALTDOS claims to have hacked one of Malaysia’s biggest conglomerates
Threat actors known as ALTDOS continue to romp their way through attacks on ASEAN entities, garnering very little media attention as they acquire and dump millions of consumer records and proprietary information on businesses. The majority of the victims whose data they have dumped appear to be from Singapore and Thailand, but they do have…
EventBuilder misconfiguration exposed event registrants’ information
If you ever used EventBuilder to register as an attendee at an event, then you may be among those whose personal information has been exposed in a leak estimated to have affected more than 100,000 people. The leak was spotted by Bob Diachenko and responsibly disclosed by Diachenko and Clario Tech according to a new report…
Getting caught up: Conti domains seized by Irish Garda
A story by Stephen Breen inThe Irish Sun yesterday included reference to an update on the HSE attack by Conti: Earlier this month, cops seized several websites belonging to the Russian gang behind the attack in a major “disruption operation”. If anyone logs on to the sites they will see a screen warning the site…