Jim Wilson writes: One of India’s most popular travel booking hubs was left exposed without adequate security measures, and subsequently, suffered a significant data breach that exposed all production server information and led to the loss of over 43GB of data. The affected Elastic search server was left publicly exposed without password protection or encryption…
Category: Business Sector
38 Japan firms’ authentication data stolen amid surge in teleworkers
Kyodo News reports: Sumitomo Forestry Co., Hitachi Chemical Co. and 36 other Japanese companies had authentication information to access their virtual private networks stolen and leaked by hackers this summer, an information security expert said Tuesday. VPN usage has increased as companies encourage employees to work from home due to the novel coronavirus pandemic. The…
Ca: Brookfield Residential confirms ransomware attack
As DataBreaches.net reported earlier today, although DarkSide ransomware operators claimed to have attacked Brookfield Asset Management, they appear to have attacked Brookfield Residential, a North American land developer and residential home builder. Brookfield Residential is an independently operating portfolio company that runs on an isolated network and domain from all other Brookfield entities, including Brookfield…
More Canadian entities hit with ransomware
Updated August 24: The #DarkSide’s victim is Brookfield Residential. Brookfield Residential describes themselves as a North American land developer and new home builder, and the “flagship North American residential property company of Brookfield Asset Management.” On their leak site, the threat actors had linked to Brookfield.com, which is Brookfield Asset Management, but the documents dumped…
Free photos, graphics site Freepik discloses data breach impacting 8.3m users
Catalin Cimpanu reports: Freepik, a website dedicated to providing access to high-quality free photos and design graphics, has disclosed today a major security breach. The company made it official after users started grumbling on social media this week about receiving shady-looking breach notification emails in their inboxes. Read more on ZDNet.
Experian only informed Information Regulator months after hack
Admire Moyo reports: The Information Regulator is concerned about the hacking of credit bureau Experian, which occurred less than two months after the commencement of the Protection of Personal Information (POPI) Act. This week, Experian, a consumer, business and credit information services agency, confirmed it experienced a data breach which exposed the personal information of as many…