Charlie Osborne reports: A St. Louis resident has been sentenced to four years behind bars for stealing the identities of US citizens to file fraudulent tax return claims, made possible through data leaked in security incidents. Babatunde Olusegun Taiwo, alongside co-conspirators including Kevin Williams, used the personal identifying information (PII) of individuals leaked due to…
Category: Business Sector
Ring Fired Employees for Watching Customer Videos
Joseph Cox reports: Amazon-owned home security camera company Ring has fired employees for improperly accessing Ring users’ video data, according to a letter the company wrote to Senators and obtained by Motherboard. The news highlights a risk across many different tech companies: employees may abuse access granted as part of their jobs to look at customer data or information….
Why is a 22GB database containing 56 million US folks’ personal details sitting on the open internet using a Chinese IP address? Seriously, why?
Shaun Nichols reports: Exclusive A database containing the personal details of 56.25m US residents – from names and home addresses to phone numbers and ages – has been found on the public internet, served from a computer with a Chinese IP address, bizarrely enough. The information silo appears to belong to Florida-based CheckPeople.com, which is a…
UK: DSG Retail Ltd fined £500,000 for failing to secure information of at least 14 million people
From the Information Commissioner’s Office, this release: The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people. An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World…
Avid Technology reports a breach that they discovered in 2018
What should states do when notification is made but took more than one year? Are explanations sufficient to avoid any penalties for late notice? Here’s a case where notice to some individuals was made more than 7 months after discovery of a problem, but others did not get notified for more than one year. Read…
Booking data stolen from Japanese short-time love hotel booking service HappyHotel
Duncan Riley reports: Japanese short-time love hotel search engine HappyHotel has suffered a data breach in which the details of clients were accessed by unknown hackers. The breach occurred on Dec. 22, with usernames, passwords, date of birth, phone numbers and home addresses of customers all being stolen. “Love hotels” are accommodations where people take…