Joseph Menn reports: The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised. “The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” said DHS’s Cybersecurity and Infrastructure Security Agency,…
Category: Business Sector
Security breach on Emirati website leads to leaked info of Israelis
Tobias Siegal reports: An Emirati website has leaked the personal information of thousands of Israelis who used it for planning their trip to Dubai, the N12 news site reported Thursday. The Dubai-based website Sharaf Travels was used by many Israelis who took the exciting opportunity to vacation in Dubai, as new Middle East destinations traditionally closed to…
Company that Provides Travel Emergency Services Settles FTC Allegations it Failed to Secure Sensitive Consumer Data
It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…
Spotify notifies customers of breach, files under CCPA
Steve Zurier reports: Streaming service Spotify has notified an unspecified number of its customers of a data breach, responding by resetting passwords on the accounts that were attacked. […] In a breach notification letter dated Dec. 9 to its customers and filed with the California attorney general, Spotify said the company discovered the vulnerability on its system…
Hackers at center of sprawling spy campaign turned SolarWinds’ dominance against it
Raphael Satter and Christopher Bing have a somewhat mind-boggling update to the SolarWinds hack – a hack that will be remembered as one of the biggest and most concerning hacks of 2020. And it’s only likely to get worse for SolarWinds, whose stock already dropped significantly. We know that companies can recover from breaches and…
Huber & Suhner victim of cyber attack, production stands still
Swiss iTMagazine reports (translated): The industrial company Huber & Suhner from Herisau was the victim of a cyber attack. All of the company’s production facilities are currently closed worldwide. Read more on Swiss itMagazine. The attack was first reported on fuw.ch h/t, @Chum1ng0