Caroline Haskins reports: The log-in credentials for 3,672 Ring camera owners were compromised this week, exposing log-in emails, passwords, time zones, and the names people give to specific Ring cameras, which are often the same as camera locations, such as “bedroom” or “front door.” Using the log-in email and password, an intruder could access a…
Category: Business Sector
SonyLIV Fixes leaky Elasticsearch in record time
Once again, a service owned and control by a division of official Sony Entertainment has slipped up. This time, their error exposed a elasticsearch server leaking log entries that feed into a third-party tool. Sony is no stranger when it comes to reports of poor infosecurity and hacking incidents, but it is not often we…
China Citizen Watch (Finally) Secures 150TB of Leaking Data
China Citizen Watch, the official Chinese division of the Japanese watch giant Citizen, and Bulova Watch Company (a Citizen brand in the U.S.) have both been affected because China Citizen Watch or its hosting company left an unsecured RSYNC server online with more than 150TB of files. Cursory skimming of the files, necessitated by Citizen…
Ca: Manitoba insurance company struck by ransomware attack
Canadian Press reports: A Manitoba-based insurance and financial brokerage that has clients across the Prairies has been hit by a ransomware attack that it hadn’t publicly disclosed. Andrew Agencies, based in Virden, appears on a list of targets published online this week by an international cybercriminal gang. Read more on CHVN.
AU: Nine more charges for NSW data breach accused
Steven Trask reports: The Sydney IT contractor allegedly responsible for a massive data breach that cost an ASX-listed property evaluation company more than $8 million is now facing additional charges. Stephen Grant allegedly accessed and published more than 170,000 data sets including names, addresses, contact numbers, property valuations and driver’s licences between September 2017 and…
CMS Blue Button API Coding Error Potentially Exposes Health Data
Jessica Davis reports: December 18, 2019 – The Centers for Medicare and Medicaid Services has taken its Blue Button 2.0 API offline, as it investigates a coding error that potentially exposed the protected health information of about 10,000 beneficiaries. The BB2.0 platform is used by Medicare beneficiaries to authorize third-party applications to access their Medicare claims data. The system…