The Wash Tub is notifying customers of a year-long payment card breach: San Antonio (November 12, 2020) – The Wash Tub is notifying customers of an incident that has been recently identified and addressed involving a suspected data breach that occurred September 2019 through October 2020. The Wash Tub was recently notified of suspicious activity…
Category: Business Sector
Hosting Provider Exposed 63M Records incl. WP & Magento
I missed this report from Jeremiah Fowler the other day: On October 5th I discovered a non-password protected database that contained a large amount of monitoring and system logs. There were records indicating data backups, monitoring, error logging, and more. Upon further research, the database appeared to belong to the Texas-based cloud application hosting provider,…
Ticketmaster UK Limited Fined by ICO
From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has fined Ticketmaster UK Limited £1.25million for failing to keep its customers’ personal data secure. The ICO found that the company failed to put appropriate security measures in place to prevent a cyber-attack on a chat-bot installed on its online payment page. Ticketmaster’s failure to protect…
Human error leads to 27.7M people in Texas impacted in Vertafore ‘data event’
Nick Greenhalgh reports: A few months after its $5.3 billion acquisition by Roper Technologies Inc. (NYSE: ROP), Denver insurance tech giant Vertafore is in the midst of what the company is calling a “data event.” The company released a statement on Nov. 10 detailing human error that caused company data files to be accessed without authorization. The…
Ransomware Group Turns to Facebook Ads
Brian Krebs reports: It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. Read more on KrebsOnSecurity.com. The Ragnar Locker threat actors…
Melbourne firm denies data stolen during ransomware attack
Sam Varghese reports: A Melbourne firm which suffered a hit from cyber criminals using the Windows REvil ransomware has denied that any data was exfiltrated from its site, as was reported in these columns. A spokesperson from Nexia Australia and New Zealand, a network of solutions-focused accountancy and consultancy firms, said the attack had taken…