There are leaks and then there are leaks. Hundreds of thousands of people who shared houses via Roomster might want to say a mental “Thank you” to the researcher known as @JayeLTee, who discovered a long-standing data leak and took steps to get it secured. As JayeLTee relates, he first spotted the misconfigured server in…
Category: Commentaries and Analyses
Westend Dental agrees to pay Indiana $350K and to implement corrective action plan to settle charges of multiple HIPAA violations
TechCrunch recently did its annual write-up of badly handled data security incidents. The following wasn’t in it but is one of the worst security and privacy failures that I’ve ever read, and that’s saying a lot. This case stems from a ransomware attack by Medusa Locker in October 2020 that is first being seriously addressed…
2024’s Data Breaches: Breaches Handled Badly
There are always a ton of articles at the end of every year recapping what went wrong. Over on TechCrunch, Zack Whittaker and Carly Page have their annual list of breaches handled poorly. This year’s list includes 23andMe, Change Healthcare, Synnovis, Snowflake, Columbus Ohio, Salt Typhoon, Moneygram, and HotTopic. DataBreaches generally agrees with their recap,…
Clop ransomware is now extorting 66 Cleo data-theft victims
Bill Toulas reports: The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to respond to the demands. The cybercriminals announced that they are contacting those companies directly to provide links to a secure chat channel for conducting ransom payment negotiations….
Conversation with a “Nam3L3ss” Watchdog, Part 2: Methods
This is a multi-part interview with the individual known as “Nam3L3ss” who leaked more than 100 databases on a popular hacking forum and will soon be leaking many more. Read the Preface. In Part 1, he answered some questions about his background and what motivated him to do what does. In this part, we talk…
Conversation with a “Nam3L3ss” Watchdog, Part 3: Ethics and Goals
This is a multi-part interview with the individual known as “Nam3L3ss” who leaked more than 100 databases on a popular hacking forum and will soon be leaking many more. Read the Preface. In Part 1, we talked about his background and what motivated him to do what he does. In Part 2, we talked about…