Sergiu Gatlan reports: Australian software firm Atlassian warned customers to immediately patch a critical vulnerability that provides remote attackers with hardcoded credentials to log into unpatched Confluence Server and Data Center servers. As the company revealed this week, the Questions for Confluence app (installed on over 8,000 servers) creates a disabledsystemuser account with a hardcoded password to help admins…
Category: Business Sector
T-Mobile agrees to pay $350 million in data breach affecting 77 million users
IANS reports: Telecommunications company T-Mobile has agreed to pay $500 million to settle a class-action lawsuit in a 2021 data breach that impacted nearly 76.6 million users’ data in the US. T-Mobile will put $350 million into a settlement fund to go to lawyers, fees, and the affected, according to the proposed agreement filled on Friday. The company will also…
Uber enters non-prosecution agreement; admits 2016 data breach coverup
SAN FRANCISCO –Uber Technologies, Inc., has entered a non-prosecution agreement with federal prosecutors to resolve a criminal investigation into the coverup of a significant data breach suffered by the company in 2016, announced United States Attorney Stephanie M. Hinds and Federal Bureau of Investigation Special Agent in Charge Sean Ragan. As part of a non-prosecution…
Central Florida construction firm: Ex-employee snatched firm’s records in data breach
Gabrielle Russon reports: A construction company says an employee who quit his job downloaded and stole a trove of confidential information before he left. On his way out the door, the ex-employee obtained documents such as the company’s bank account statements and tax returns as well as 401(k) information containing employees’ names, Social Security numbers,…
Perth Festival, Black Swan Theatre and other arts organisations hit by major data breach
Rebeccca Trigger reports: Western Australia’s biggest arts organisations, including the Perth Festival, Black Swan State Theatre Company, the WA ballet and WA opera have been subject to a massive data breach that has compromised customers’ personal information. Customers received an email this afternoon from the Arts and Culture Trust saying third-party software used by the…
China fines Didi $1.2bn over ‘egregious’ data security violations
AlJazeera reports: China has fined ride-hailing giant Didi almost $1.2bn for “egregious” violations of data security rules, capping a year-long probe that torpedoed the startup’s stock price and forced its delisting from the United States stock market. The Cyberspace Administration of China (CAC) said on Thursday it fined the startup 8.026 billion yuan after finding…