Zack Whittaker reports: It feels like every other day another tech startup is caught red-faced spilling reams of data across the internet because of a lapse in security. But even for technology giants like Amazon, it’s easy to make mistakes. Security researcher Anurag Sen found a database packed with Amazon Prime viewing habits stored on an internal Amazon server that…
Category: Business Sector
Aurubis says it was target of cyberattack
Reuters reports: Aurubis, Europe’s biggest copper smelter, said it had been the target of a cyberattack overnight that has forced it to shut down its IT systems and disconnect them from the internet. “The IT systems are currently being examined,” Aurubis said on Friday, adding that it was reviewing the scope of the impact. Read…
FTX to give a ‘one-time’ $6M compensation to phishing victims
Jesse Coghlan reports: Cryptocurrency exchange FTX will provide around $6 million in compensation to victims of a phishing scam that allowed hackers to conduct unauthorized trades on certain FTX users’ accounts. FTX founder and CEO Sam Bankman-Fried posted in a Twitter thread on Oct. 23 that the exchange generally doesn’t award compensation to its users “phished by fake versions of…
Hive claims ransomware attack on Tata Power, begins leaking data
Ax Sharma reports: Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. A subsidiary of the multinational conglomerate Tata Group, Tata Power is India’s largest integrated power company based in Mumbai. Read more at Bleeping Computer.
FTC Takes Action Against Drizly and its CEO James Cory Rellas for Security Failures that Exposed Data of 2.5 Million Consumers
The Federal Trade Commission is taking action against the online alcohol marketplace Drizly and its CEO James Cory Rellas over allegations that the company’s security failures led to a data breach exposing the personal information of about 2.5 million consumers. Drizly and Rellas were alerted to security problems two years prior to the breach yet…
UK: ICO fines Interserve £4,400,000 for inadequate data security
Between 18 March 2019 and 1 December 2020 Interserve Limited (“Interserve”) failed to process personal data in a manner that ensured appropriate security of the personal data using appropriate technical and organisational measures as required by Article 5(1)(f) and Article 32 GDPR. This rendered Interserve vulnerable to a cyber-attack which took place in the period…