Graham Cluley writes: A former software engineer at Ubiquit Networks has been sent to prison for six years after stealing gigabytes of data from the firm, attempting to extort millions of dollars, and harming the company’s reputation in the media. Back in January 2021, networking manufacturer Ubiquiti told users to change their passwords and enable two-factor authentication (2FA),…
Category: Business Sector
Vehicle data of over 2 million Toyota users been publicly available in Japan since a decade
Update: As more details emerge, this story gets even bigger in some respects. See this news coverage at: https://www.gizchina.com/2023/05/13/toyota-mishandled-user-data-by-publishing-over-2-million-user-info-online/ Daniel Leussink and Kantaro Komiya report: Toyota Motor Corp said on Friday the vehicle data of about 2.15 million users was left publicly available in Japan for about a decade from November 2013 to mid-April. […]…
A harbinger of bad things to come?
Seen on the AlphV/BlackCat leak site today: ResultsCX | The result of many unknown breaches? 5/11/2023, 9:03:10 PM We have numerous accounts to share about how our organization was able to gain initial access to various fortune 100 companies using the ResultsCX network and credentials. Interestingly, these companies are completely unaware that we have accessed…
Japan’s ubiquitous convenience stores now serving up privacy breaches
Simon Sharwood reports: Japan’s minister for digital transformation and digital reform, Taro Kono, has apologized after a government app breached citizens’ privacy. The app is called the “Certificate Issuing Server” and, as explained by the municipal government of Kodaira City, allows residents to print documents such as certificates that prove they’ve paid taxes. Fujitsu Japan developed and…
WhizComms data breach: 50% of customers affected, notified on May 10
Aqil Hamzah reports: About 24,000 customers of broadband service provider WhizComms, or roughly half the company’s customer base, had their personal information stolen by an external party in a data breach incident detected on April 21. The affected people received e-mail on Wednesday informing them that a third party had accessed the firm’s Web server and downloaded…
Deconstructing a Cybersecurity Event — Dragos
Dragos writes: On May 8, 2023, a known cybercriminal group attempted and failed at an extortion scheme against Dragos. No Dragos systems were breached, including anything related to the Dragos Platform. Dragos has a culture of transparency and a commitment to providing educational material to the community. This is why it’s important to us to…