Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data breach exposed their personal information. The New Zealand and Australia-based subsidiary of the Japanese automaker Nissan said it detected “unauthorized access” to its local IT servers on December 5, 2023. It responded by notifying law enforcement authorities, privacy regulators, and national…
Category: Business Sector
Convergent Outsourcing Settles Data Breach Class Action for $2.45 Million
Kathryn M. Rattigan of Robinson & Cole LLP writes: Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged that the business failed to protect the personal information of over 640,000 individuals….
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…
Hacker’s attempt to sue police is ‘abuse of process’
RL360 Insurance Company Limited is an international offshore savings, protection and investment provider, headquartered in the Isle of Man. According to Wikipedia, it is part of the International Financial Group Limited. Threefm reports that John Henry Griffin, a former RL360 employee who was convicted of unauthorized access to data and unlawful acquisition of personal data,…
Fraudster’s fake data breach claims should remind media to be careful what we report
Over the past few weeks, DataBreaches had occasionally checked a dark web leak site by an individual or group called “Mogilevich.” However, DataBreaches didn’t report on any of their claimed victims because the site and the claims seemed sketchy and there was no confirmation. DataBreaches will not name and shame those sites or outlets that…