Dan Milmo reports: The Guardian has confirmed it was hit by a ransomware attack in December and that the personal data of UK staff members has been accessed in the incident. The Guardian Media Group’s chief executive, Anna Bateson, and the Guardian’s editor-in-chief, Katharine Viner, confirmed the news in an update emailed to staff on…
Category: Business Sector
Update about an alleged incident regarding Twitter user data being sold online
From Twitter, today: …. In response to recent media reports of Twitter users’ data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems. We also want to share an update about an incident that took place earlier this year,…
Captify’s Your Patient Advisor advises more than 244,000 consumers of payment card breach
Your Patient Advisor by Captify started notifying people in mid-December of a security breach that occurred in 2019 and continued for years. Captify Health (“Your Patient Advisor”) is an online retailer of colonoscopy preparation kits. In March of 2021, they were contacted about the fraudulent use of consumer credit cards potentially related to their payment…
Identity Thieves Bypassed Experian Security to View Credit Reports
Brian Krebs reports: Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s…
When ransom negotiations become public, self-inflicted reputation harm may follow
Not all ransomware victims have given up on getting attackers to sign a nondisclosure agreement (NDA), so they can call a ransom payment a “bug bounty” and never disclose that they were the victim of a ransomware incident. At least, that’s how it seems, unless, of course, CyberOptics is going to claim that they were…
What Twitter’s 200 million email leak really means
Lily Hay Newman reports: After reports at the end of 2022 that hackers were selling data stolen from 400 million Twitter users, researchers now say that a widely circulated trove of email addresses linked to about 200 million users is likely a refined version of the larger trove with duplicate entries removed. The social network…