Russian national Yevgeniy Nikulin has been in custody for four years now on charges he hacked LinkedIn, Dropbox, and the now-defunct FormSpring in 2012. His trial was scheduled to begin in a federal court in California in March, but then the coronavirus pandemic delayed it. The trial finally got going, but how solid is the…
Category: Hack
Hackers hijack Twitter account of Russia’s Ministry of Foreign Affairs, offer to sell stolen data
Graham Cluley writes: Normally the official Twitter account of Russia’s Foreign Ministry’s Crisis Management Centre does not make for the most fascinating read. Normally @MID_travel simply retweets messages from other Russian government departments or embassies, as it offers advice on how Russian citizens can remain safe abroad. But on July 2nd, the account was compromised by hackers…
Why should the health plan offer credit monitoring in this case? (UPDATED)
I was reading yet another press release about an incident involving protected health information. This one was from Independence Blue Cross in Philadelphia. Let me start by quoting the relevant part and then I’ll meet you on the other side: On May 8, 2020, the Independence Blue Cross Privacy Office was notified that certain member information…
Hackers obtain Covid-19 patient database in protest at treatment of Indian health workers
Joe Wallen reports: Hackers claim they have accessed the personal data of 80,000 Covid-19 patients in New Delhi stored on a local government website, in protest at the treatment of beleaguered healthcare workers. The Kerala Cyber Hackers group says it broke into the Delhi Government’s Delhi State Health Mission website in less than 10 minutes on Saturday night. Read…
Seller floods hacker forum with data stolen from 14 companies
Lawrence Abrams reports: A data breach broker is selling databases containing user records for 14 different companies he claimed were breached by hackers in 2020. When a company is breached, threat actors will typically download accessible databases, including account records. These databases are then sold directly to other threat actors, or the hackers utilize data…
Turkey: KVKK fines gaming company TRY 1,100,000 for breach notification violations
OneTrust DataGuidance reports: The Personal Data Protection Authority (‘KVKK’) published, on 23 June 2020, its decision (‘the Decision’) of 16 April 2020, fining a gaming company a total of TRY 1,100,000 (approx. €142,980) for data breach notification violations. In particular, the Decision concerns a data breach suffered by the gaming company in which hackers were…