Ryan W. Neal reports: Morgan Stanley has asked a New York federal court to throw out a class action lawsuit alleging the firm failed to properly wipe sensitive client information from decommissioned computer equipment that has since gone missing. The former clients cannot plausibly identify instances of personal data being accessed or misused, or any…
Category: Commentaries and Analyses
UK: Activist raided by police after downloading London property firm’s ‘confidential’ meeting minutes from Google Search
Gareth Corfield reports: A man who viewed documents online for a controversial London property development and shared them on social media was raided by police after developers claimed there had been a break-in to their systems. The raid by four Metropolitan Police constables took place after Southwark campaigner Robert Hutchinson was reportedly accused of illegally…
k-12 school districts fall prey to Pysa ransomware
—– A DataBreaches.net report by Dissent and Chum1ng0 —– In Part 1 of this series, DataBreaches.net described a number of attacks by Pysa (mespinoza) threat actors on medical entities in the U.S. In Part 2, we look at eight k-12 public school districts in the U.S. who either appear on the threat actors’ dedicated leak…
Greenway Health investigating claims by threat actors of a cyberattack (updated)
Update of August 10: Following publication of our article with a statement from Greenway Health that the attack appeared to be on a former client and not them (but it was under investigation), DataBreaches.net checked the threat actor’s leak site today and found the entire listing is gone. This could mean a number of things,…
Actively exploited bug bypasses authentication on millions of routers
Sergiu Gatlan reports: Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication….
Israeli cyber company detects severe Amazon security breach
The Jersualem Post reports: A severe security breach was detected in Amazon’s e-book tablet Kindle by Israeli cybersecurity provider Check Point, the company revealed on Friday. According to the company’s Israeli cyber investigators, the security breach found allowed them to hack the tablets, gain full control and steal the e-reader users’ Amazon accounts. Read more on The…