In May, 2017, a young man from the U.K. became known as an “accidental hero” for saving the world from the further spread of WannaCry ransomware. But months later, this same hero, Marcus Hutchins, known online as @MalwareTech, was arrested in the U.S. as he tried to fly home after attending the Black Hat and…
Category: Breach Incidents
The 2018 Internet Crime Report is out: a first glance
The The FBI’s Internet Crime Complaint Center (IC3) 2018 Internet Crime Report has been released. The report includes information from 351,936 complaints of suspected Internet crime, with reported losses in excess of $2.7 billion. Here’s a spoiler alert, as I haven’t had time to read the entire report yet. From their summary: This past year,…
Bodybuilding.com experiences data security incident
CBS2 reports: Bodybuilding.com announced Friday that some of their employment-related information may have been accessed in a data security incident. The possible information accessed could have been group health plan subscriber information, such as protected health information of certain employees and former employees. “While the Company has no evidence that personal information was accessed or…
TX: EmCare Says Patient and Employee Personal Data Were Hacked
Jim Silver and Hailey Waller report: EmCare Inc. recently learned an unauthorized party obtained access to a number of employees’ email accounts that contained the personal information of as many as 60,000 individuals, 31,000 of which are patients, the company said in an email. On Feb. 19, the physician-services provider determined the accounts contained some…
Iranian Ride-Hailing App Database Exposure
Bob Diachenko reports: On April 18th, during our regular security audit of nonSql databases with BinaryEdge search engine, I have discovered an open and publicly available MongoDB instance which contained astonishingly sensitive information on Iranian drivers. Information was structured to include the following data fields: Driver first name and last name SSN (10-digits Iranian ID…
Millstone man sentenced for hacking women’s accounts and then uploading their nude images
Vin Ebenau reports: A Monmouth County man will spend five years in prison for hacking into the private cloud based accounts of two women and then stealing lewd videos and images of them which he preceded to post on publicly accessible websites, announced New Jersey Attorney General Gurbir Grewal. Patrick S. Farrell, 37, of Clarksburg…