P.R. Lockhart reports: Almost two months after revelations that the government had posted personal information of undocumented victims of abuse in a publicly searchable database, US Customs and Immigration Enforcement says that it has corrected the issue. In May, Mother Jones reported that the names of undocumented abuse victims were searchable in the Department of Homeland Security’s…
Category: U.S.
Lucchese computer hacker sentenced to 18-months in federal prison
Andra Litton has the follow-up to a case previously noted on this site: A disgruntled ex-employee of Lucchese Boots was sentenced to 18-months in federal prison and ordered to pay $57,396.76 in restitution Wednesday after pleading guilty to one count of transmission of a program to cause damage to a computer. The computer breach happened…
Dow Jones Data Leak Results from Amazon AWS Configuration Error
Kelly Sheridan reports: A data leak at Dow Jones & Co. exposed the personal information of millions of customers after a public cloud configuration error. This marks the fifth major public cloud leak in the past several months after similar incidents affected Verizon, the WWE, US voter records, and Scottrade. This mistake compromised millions of…
Schools’ information up for sale on darknet?
Another listing I stumbled across while browsing what’s for sale on the darknet offered emails from what the seller claimed are .edu, dadeschools.net, and k12.wi.us, among other sources. The vendor, “dnu2k,” was asking $16.94 and claimed to have “Only 1 in stock!” I contacted the vendor to try to obtain more information, and (s)he replied that…
Veterans Administration responds to Freedom of Information request; releases breach reports
So what did we miss because the Veterans Administration stopped posting their monthly breach reports to Congress on their web site? DataBreaches.net filed a Freedom of Information request on June 7, and the VA has responded by providing all of the requested monthly reports for the period May, 2016 – June 7, 2017. As an…
Atlanta neurological clinic notifies patients of ransomware attack AND an older hack
In the process of investigating a ransomware incident, Peachtree Neurological Clinic discovered an earlier hack going back to February 2016. They posted the following notice on their web site: Peachtree Neurological Clinic, P.C. (“PNC”) of Atlanta, Georgia has advised its patients of a privacy event that may have compromised certain personal information. The events are…