Jan Vermeulen reports: The Information Regulator has slapped credit bureau TransUnion with an enforcement notice following a data breach on 18 March 2022. N4ugthySecTU, the group that claimed responsibility for the attack, alleged that they exfiltrated 4TB of data from one of TransUnion’s databases, including the records of 54 million South Africans. However, the bureau said far…
Category: Business Sector
Nissan Oceania Data Breach Impacts 100,000 Individuals in Australia and New Zealand
Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data breach exposed their personal information. The New Zealand and Australia-based subsidiary of the Japanese automaker Nissan said it detected “unauthorized access” to its local IT servers on December 5, 2023. It responded by notifying law enforcement authorities, privacy regulators, and national…
Convergent Outsourcing Settles Data Breach Class Action for $2.45 Million
Kathryn M. Rattigan of Robinson & Cole LLP writes: Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged that the business failed to protect the personal information of over 640,000 individuals….
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…
Hacker’s attempt to sue police is ‘abuse of process’
RL360 Insurance Company Limited is an international offshore savings, protection and investment provider, headquartered in the Isle of Man. According to Wikipedia, it is part of the International Financial Group Limited. Threefm reports that John Henry Griffin, a former RL360 employee who was convicted of unauthorized access to data and unlawful acquisition of personal data,…