Kenny Chee reports: A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions‘ website and deface it. The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security…
Category: Business Sector
Ransomware-hit law firm gets court order asking crooks not to publish the data they stole
Gareth Corfield reports on what sounds like a legal Hail Mary play: A barristers’ chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data. 4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court…
Marsh McLennan reveals April data breach involving third-party software
Gavin Souter reports: Marsh & McLennan Cos. Inc. was hit by a data breach in April involving access to Social Security numbers and other personal information of staff, former staff, clients and a range of other people linked to the brokerage. The company sent a breach notification dated June 30, which was obtained by Business Insurance, stating…
British Airways settles with 2018 data breach victims
Reuters reports: British Airways has settled a case brought by customers and staff affected by a massive 2018 data breach that led to personal information being leaked, the court-appointed lead solicitors in the case said on Tuesday. Law firm PGMBM said those affected by the data leak would receive a confidential settlement following mediation with…
Some Kaseya victims privately negotiating with REvil
While the headlines blare about REvil offering to decrypt all victims of the Kaseya attack if they are paid $70 million, some companies have apparently already taken to individual negotiations with the threat actors. Over on SuspectFile, Marco A. De Felice is careful not to name the victim, but describes one such set of negotiatons…
Cn: Three more internet firms scrutinized amid rising data security concern
Li Qiaoyi and Zhang Hongpei report: China’s cyberspace regulator on Monday put three more internet platforms under scrutiny, three days after it announced a review of cybersecurity into the country’s top ride-hailing platform Didi Chuxing, indicating the country’s resolve to clamp down on data breaches and misuse as part of a broader move to protect…