Gareth Corfield reports: A business app developer’s unsecured Microsoft Azure blob left more than half a million confidential and sensitive documents belonging to its customers freely exposed to the public internet, The Register can reveal. Information contained in the blob included occupational health assessments, insurance claim documents from US firms underwritten by Lloyds of London, and…
Category: Business Sector
Microsoft says it identified 40+ victims of the SolarWinds hack, and more bad news…
Catalin Cimpanu reports: Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads. The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built…
UK: People’s Energy data breach affects all 270,000 customers
Zoe Kleinman reports: The company People’s Energy has contacted all its 270,000 current customers, following a data breach. Co-founder Karin Sode told BBC News an entire database had been stolen by hackers and included information on previous customers. Data stolen included names, addresses, dates of birth, phone numbers, tariff and energy meter IDs, she said….
Cyberattack hits Israeli companies, with Iran reportedly the likely culprit
Oops. I missed this one last week. Stuart Winer reports: A major cyberattack earlier this month hit dozens of Israeli logistics companies, with hackers making off with information from servers, according to a report of the incident by one of the victims filed Sunday to the Tel Aviv Stock Exchange. The attack hit Amital Data,…
Suspected Russian hacking spree extended beyond SolarWinds users
Joseph Menn reports: The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised. “The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” said DHS’s Cybersecurity and Infrastructure Security Agency,…
Security breach on Emirati website leads to leaked info of Israelis
Tobias Siegal reports: An Emirati website has leaked the personal information of thousands of Israelis who used it for planning their trip to Dubai, the N12 news site reported Thursday. The Dubai-based website Sharaf Travels was used by many Israelis who took the exciting opportunity to vacation in Dubai, as new Middle East destinations traditionally closed to…