Sara Merken reports: Goodwin Procter experienced an indirect security breach involving a third-party vendor whose services the firm uses for large file transfers, according to an internal memo reviewed by Reuters on Tuesday. Goodwin’s investigation into the matter, which is still ongoing, revealed a “small percentage of our clients may have experienced unauthorized access to…
Category: Business Sector
BR: State-owned energy utility, COPEL, suffers cyberattack (UPDATED)
Bruno Soares reports: Companhia Paranaense de Energia (Copel) suffered cyber attacks last night that caused instability in part of its systems. According to the company, the operation and protection systems detected the attacks and the security protocols were followed, with the suspension of the operation of its computerized environment to protect the integrity of the…
Marketing Company Agrees to Pay $150 Million for Facilitating Elder Fraud Schemes
January 27 — Epsilon Data Management LLC (Epsilon), one of the largest marketing companies in the world, has entered into a settlement with the Department of Justice to resolve a criminal charge for selling millions of Americans’ information to perpetrators of elder fraud schemes. Epsilon entered into a deferred prosecution agreement (DPA) with the Consumer…
Wind River Security Incident Affects SSNs, Passport Numbers
Lindsey O’Donnell reports: Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the company’s personnel records – including critical data like…
Personal Data of 3 Million+ People Exposed In DriveSure Hack
Once again, breaches are discovered when security firms read forums where data are shared or posted for sale. Risk Based Security discusses what they found involving DriveSure: In a lengthy post to prove the databases’ high quality, the threat actor detailed the leaked files and the user information. Typically, hackers only share valuable segments or…
Report: American Cable and Internet Giant Comcast Exposed Development Database Online
This is a leak that deserves its own post. Website Planet reports: On December 1st, 2020 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 1.5 billion records. There were references to Comcast throughout the database including multiple subdomains, urls, and internal IP addresses. The publicly visible…