Sergiu Gatlan reports: Financial software company Intuit discovered that tax return info was accessed by an unauthorized party after an undisclosed number of TurboTax tax preparation software accounts were breached in a credential stuffing attack. A credential stuffing attack is when attackers compile username and passwords that were leaked from previous security breaches and use those credentials to try and…
Category: Hack
VT: Rutland Regional Medical Center notifies patients after employee email accounts hacked
On Feb. 20, Rutland Regional Medical Center in Vermont posted a notice on its web site that says, in pertinent part: Rutland Regional Medical Center (“Rutland Regional”) recently discovered an incident that may affect the security of personal information of certain individuals who received care from its facility. We take this incident very seriously, and…
Privacy Commissioner Publishes Investigation Report on the 2018 Incident of Intrusion into Hong Kong Broadband Network’s Customer Database Affecting 380,000 Customers
February 21 – The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner) Mr Stephen Kai-yi WONG published an investigation report in accordance with section 48(2) of the Personal Data (Privacy) Ordinance (the Ordinance) on the incident of Hong Kong Broadband Network Limited (HKBN)’s inactive database having been intruded in mid-April 2018 (the incident) that…
Police Arrest Infamous Australian Hacker and Alleged Dark Web Drug DealerWanted by the FBI
Bruno reports: One of Australia’s most wanted criminal suspects has now been arrested by New South Whales police. Last Thursday, law enforcement agents nabbed Cody Ronald Ward, the suspect they believe is behind the dark web alias “NSW Great,” an infamous hacker and drug dealer known on the dark web. NSWGreat has been wanted by…
Microsoft says hackers tried to breach European think tanks and non-profit organizations
Saheli Roy Choudhury reports: Microsoft said hackers targeted European think tanks and non-profit organizations which often have contact with government officials. The attacks were carried out late last year through phishing campaigns to steal employee credentials and deliver malware, the tech giant said in a blog post on Wednesday. The company said it detected attacks…
Hacker puts up for sale third round of hacked databases on the Dark Web
Catalin Cimpanu reports: A hacker going by the name of Gnosticplayers has put up for sale another set of hacked databases on a Dark Web marketplace. This is the third round of hacked databases the hacker has published on the Dark Web marketplace known as Dream Market. He previously posted a batch of 16 databases…