Eugene Daniel reports: Tuesday, Gbadebo Adebiyi, 41, admitted in federal court to participating in a scheme dating back to 2015. Then, Bradley University reported a data breach of employees’ personal information which was used to file false 2014 tax returns. Adebiyi confessed to working with others to collect money from the tax returns. Read more on Central Illinois…
Category: Breach Incidents
With at least 23 incidents and 29,000 victims, the W-2 phishing season is in full swing
Over on Salted Hash, Steve Ragan has also been compiling data on victims of business email compromise (BEC) W-2 phishing scams. BEC W-2 phishing scams are the scams where someone poses as an executive of your organization and sends you an email from an address that at first glance might appear to be real. Their email…
Used government computers bought at auction filled with personal information
The 1980s called…. Scott Noll reports that a KHOU investigation “once again found the City of Houston selling private, personal information through online auctions of used government equipment.” What did they find, you wonder? “On one of the computers, we found a database containing over 100,000 medical records,” explained computer expert Gary Huestis. They do…
Data from 2014 hack of children’s online game Bin Weevils leaked online; hacker claims 20m records
We’ve seen it before – in fact, we seem to be seeing it a lot recently – data from an old hack first being publicly leaked. This time it’s Bin Weevils, a British online children’s game, owned by 55 Pixels. In September 2014, Bin Weevils posted a note on their site that they had discovered a “vulnerability”…
Ca: Victim of arson spree questions ICBC’s handling of privacy breach
There’s a follow-up to a breach that I had described as one of the worst insider breaches at its time – because it put lives at serious risk and some victims were firebombed or shot at. Mi-Jung Lee and Kendra Mangione recently interviewed one of the victims, who continues to have concerns about the handling…
Rewards “R” Us members notified of forced password reset
Toys “R” Us has been notifying members of their Rewards “R” Us program after they obtained evidence of attempts to gain unauthorized access to some accounts. A spokesperson for the retailer tells DataBreaches.net: The vendor responsible for our loyalty program made us aware of unauthorized attempts to access our Rewards member accounts. This appears to be…