While uKnowKids had a somewhat despicable disclosure of their breach that involved shooting the messenger, here are two positive examples of breach disclosures I came across this week: RubberStamps.net notified about 7,000 customers that its web site was compromised between November 3, 2015 to December 11, 2015. In a well-written letter, Scott Lee, the President and CEO, Superior Labels, Inc. explained that…
Category: Business Sector
Operation Blockbuster Coalition Ties Sony, Other Destructive Attacks to Lazarus Group
Michael Mimoso reports: The nation-state sponsored hacker group allegedly behind the 2014 attack against Sony Pictures Entertainment has been linked to similar intrusions against a number of companies in South Korea including the Dark Seoul and Operation Troy attacks. A coalition of security companies called Operation Blockbuster, including Kaspersky Lab, Novetta, AlienVault, Invincea, ThreatConnect, Volexity, Symantec,…
WA: Rightside employee tax information stolen in data breach
Ashley Stewart reports: Kirkland-based Rightside was the target of a “highly sophisticated phishing scam,” resulting in the theft of employees’ personal information, according to an email obtained by the Puget Sound Business Journal. The company notified affected employees this week, explaining that it had been the target of a cyber attack for several months and, on…
Spec’s sues insurance provider for legal fees related to data breaches
Ah, here’s the explanation I didn’t have the other day. Joe Martin reports: Houston-based Spec’s Family Partners Ltd. is suing its insurance provider for over $1.3 million in legal fees stemming from two data breaches, according to court documents. Spec’s filed a lawsuit in the Southern District of Texas in Houston Feb. 19 against the…
Thousands of apps running Baidu code collect, leak personal data: research
Jeremy Wagstaff and Paul Carsten report: Thousands of apps running code built by Chinese Internet giant Baidu have collected and transmitted users’ personal information to the company, much of it easily intercepted, researchers say. The apps have been downloaded hundreds of millions of times. The researchers at Canada-based Citizen Lab said they found the problems…
Former Smart Online IT manager sentenced to 30 months for sending damaging code to the firm’s servers
There’s a follow-up to an incident previously reported on this site. Nikhil Nilesh Shah, a former information technology manager at Smart Online, who pleaded guilty in August to sending damaging computer code to servers at his former employer has been sentenced to 30 months in prison. He was also ordered to pay pay $324,462 in restitution. SOURCE: U.S. Attorney’s…