I thought I posted something on this already, but apparently I didn’t, so if you hadn’t heard already, an Australian shipbuilder who also has contracts with the U.S. Navy was hacked and the hacker made extortion demands that the firm has refused. Jeremy Kirk reports: Australia’s largest defense exporter says it hasn’t responded to an…
Category: Breach Incidents
British Airways admits CVV data “potentially compromised” in hack
Mark Caswell reports: British Airways has this afternoon issued an update on the recent theft of customer data from its website and mobile app. The carrier said that investigations now show that the details of 77,000 payment cards may potentially have been compromised, including “billing address, email address, card payment information, including card number, expiry…
Hack on 8 adult websites exposes oodles of intimate user data
Dan Goodin reports: A recent hack of eight poorly secured adult websites has exposed megabytes of personal data that could be damaging to the people who shared pictures and other highly intimate information on the online message boards. Included in the leaked file are (1) IP addresses that connected to the sites, (2) user passwords…
What NOT to do when researchers notify you of a breach
This story is going to be straight up, forward and simple. What not to do when a researcher like myself contacts you about a security incident. Every day all around the world researchers are being ignored by those who they attempt to help out. Recently another researcher discovered a open s3 bucket that belong to…
An OCR investigation illustrates the value of investigating small and medium-sized entities
One of the common themes in discussing security is that many organizations are not “mature” yet. And of course, as HIPAA recognizes in its security rule, smaller practices should not be expected to do everything you might expect a larger hospital system to do. But even small or medium-sized entities need to comply with the core…
“AlfabetoVirtual” Pleads Guilty To Hacking Websites For The Combating Terrorism Center At West Point And The New York City Comptroller
There’s an update to the case involving Billy Anderson, aka AlfabetoVirtual, who was pretty busy defacing sites for a year or more. From the U.S. Attorney’s Office, Southern District of New York earlier this week: Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced that BILLY RIBEIRO ANDERSON, a/k/a “Anderson…