In August, 2019, this site noted that CafePress had been hacked in February. On October 1, 2019, I shared some of the notification I had received from them via email on September 30 because I found their notification confusing. Yesterday, state attorneys general announced a settlement with CafePress, stemming from the breach. This is the…
Category: Commentaries and Analyses
Ransomware attackers are making threatening phone calls to their victims, warns FBI
Catalin Cimpanu reports that ransomware threat actors are doing more than just calling their victims on the phone (as previously reported on this site and by ZDNet). Now at least one of the groups, DoppelPaymer, are allegedly threatening them. The incidents have been happening since February 2020, the FBI said in a PIN (private industry notification)…
Microsoft says it identified 40+ victims of the SolarWinds hack, and more bad news…
Catalin Cimpanu reports: Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads. The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built…
In wake of horrific Vastaamo breach, Finnish government tables laws to protect data from cyber criminals
Gerard O’Dwyer reports: The huge data security breach and cyber-ransom attack at Finland’s Vastaamo Psychotherapy Centre has provoked a swift response from the government, which is primed to introduce more rigid laws and measures to protect the country’s databases and sensitive information from cyber criminals. […] In a significant bolstering of Finland’s data security laws,…
OH: Olmsted Falls City Council approves new computer vendor to provide data security
In a year when so many small government agencies have been attacked, it’s nice to see local governments address improving security, although advertising how vulnerable they may currently be may be an invitation to attackers. John Benson reports: hen it comes to data security and computer operations, it doesn’t matter if you’re talking about a…
AU: Service NSW not effectively handling private information: NSW Auditor-General
Chris Duckett reports: The NSW Auditor-General Margaret Crawford has released her office’s report into how Service NSW handles personal and business information, following the agency being breached earlier this year. In May, the agency fessed up to the phishing attack, which led to 47 staff email accounts being compromised. The breach was said to have impacted 186,000 customers and…