On June 26, DataBreaches reported that hacktivists calling themselves SiegedSec claimed to have attacked government servers in Arkansas and Kentucky to protest those states’ abortion bans. As noted at the time, the “attacks” seemed mostly symbolic, as neither server contained any information related to the abortion issue or laws and was all publicly available. Yesterday,…
Category: Commentaries and Analyses
Pentester says he broke into datacenter via hidden route running behind toilets
Dan Robinson reports: Many security breaches involve leaks, but not perhaps in the same way as one revealed by noted security consultant Andrew Tierney, who managed to gain unauthorized access to a datacenter via what he delightfully terms the “piss corridor.” Tierney, who works as a consultant for security services outfit Pen Test Partners, revealed in…
Chinese hackers targeting Russian government, telecoms: report
Jonathan Greig reports: Chinese hacking groups are targeting the Russian government and organizations in the telecommunications industry, according to a new report from cybersecurity company SentinelOne. The report found that there has been a noticeable increase in Russian targeting by suspected Chinese threat actors. Tom Hegel, senior threat researcher at SentinelOne, attributed the targeting to state-sponsored espionage…
North Korea is targeting hospitals with ransomware, U.S. agencies warn
Kevin Collier reports: The U.S. government said Wednesday that North Korea is behind a recent strain of ransomware cyberattacks on hospitals and other health care facilities. The warning is the starkest alert to date that North Korea, which the U.S. has long alleged uses its hackers to raise money for state programs like its nuclear weapons…
Hungarian authority fines data controller EUR 7,500 data breach and rules free online services not suitable for high-risk processing
Dóra Petrányi, Katalin Horváth, Márton Domokos, and Daniella Huszár of CMS Cameron McKenna Nabarro Olswang LLP write: In the latest decision of the National Authority for Data Protection and Freedom of Information (NAIH), a data controller for a political party, responsible for a data breach where six Excel files were made publicly available through a…
EXCLUSIVE: Marriott hacked again? Yes. Here’s what we know.
On June 28, DataBreaches received a message from an unrecognized sender. The subject was: “Breach of Marriott hotels! Very Important!” DataBreaches’ first thought was, “Seriously? Is this yet another breach involving Marriott or are some kids just trying to leak old data?” As it turned out, this was, in fact, a new breach. But how…