Andrew Goldman reports: The private data of thousands of NHS patients across Dorset was breached during a five-year-period – among the highest in the country. A new study has shown Dorset Healthcare University NHS Foundation Trust (DHC) experienced the fourth highest number of data breaches in the UK, however the trust says this does not…
Category: Commentaries and Analyses
Cydia Dev Discloses Ethereum L2 Bug — Optimism Attacker Could Have ‘Printed an Arbitrary Quantity of Tokens’
Jamie Redman reports: On February 10, the well-known developer of Cydia and iOS Jailbreak, Jay Freeman, otherwise known as Saurik, published a Twitter thread about a bug he found in the Layer-2 (L2) scaling protocol known as Optimism. According to Freeman, the vulnerability, which has been patched, could have allowed an attacker to create an…
Indicators of Compromise Associated with BlackByte Ransomware
From a newly released Joint Cybersecurity Advisory: SUMMARY This joint Cybersecurity Advisory was developed by the Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) to provide information on BlackByte ransomware. As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure…
Deloitte’s $5M Data Security Deal OK Is Sought by Plaintiffs
Jake Holland reports: A $4.95 million settlement with Deloitte Consulting LLP to resolve claims it created websites with poor security should receive final approval, the plaintiffs are arguing in New York federal court. The deal is fair and provides meaningful relief to affected class members, the plaintiffs argued in a supplemental brief filed Thursday in the U.S….
MO: St. Louis Post-Dispatch reporter won’t be charged in F12 “hack” case
KMTZ reports some welcome news: A Cole County prosecutor will not file charges against a reporter from the St. Louis Post-Dispatch for the alleged data breach of the Missouri Department of Elementary and Secondary Education website. Prosecutor Locke Thompson said in a release while reviewing the case that it would not be in the best…
One year after it started, LendUs discloses that they had a breach
As you read the following press release, note that they do not tell us when they first discovered that there might have been a security breach or incident. Nor do they tell us how they first discovered it. And what’s with this “out of an abundance of caution” claim? If you can’t figure out what…