Another city has reported a breach involving Click2Gov software by CentralSquare Technologies. WTVY reports Dothan, Alabama has joined more than four dozen other cities using Click2Gov that have experienced breaches involving payment card data of residents using online payment portals: “It has come to the City of Dothan’s attention that CentralSquare, the third-party processor of…
Category: Commentaries and Analyses
Veterans Affairs put millions of people at risk of identify theft, audit finds
Eric Yoder reports: The Veterans Affairs Department, while responding to requests for records on veterans’ benefits claims, “put millions of people at risk of identity theft” by not deleting personally identifying information on other people from those records, an audit has found. That information included names and Social Security numbers of people such as other…
A Notorious Iranian Hacking Crew Is Targeting Industrial Control Systems
Andy Greenberg reports: Iranian hackers have carried out some of the most disruptive acts of digital sabotage of the last decade, wiping entire computer networks in waves of cyberattacks across the Middle East and occasionally even the US. But now one of Iran’s most active hacker groups appears to have shifted focus. Rather than just standard…
Physical and cyber threats collide in data theft incidents at N.J. businesses
Joel Griffin reports: For years, cybersecurity experts have warned about the lengths that criminals will go to in gaining access to the network of their intended victim, including exploiting flaws in an organization’s physical security program to achieve their goals. Some security practitioners brushed aside these concerns convinced that these so-called “hackers,” often portrayed as…
UK public sector IT chiefs shrug off breach threats: The data we hold isn’t that important
Gareth Corfield reports: Half of UK public sector IT chiefs think the data they’re responsible for protecting is less valuable than private sector information, according to a survey by antivirus firm Sophos. Just over 50 per cent of 420 senior managers quizzed by Sophos agreed with the statement: “The data held by my organisation is…
Indian onlinebloodbank FINALLY secures exposed donors database
It’s been a frustrating matter, but it may finally be resolved, thanks to the individual known as @fs0ciety on Twitter. In May 2019, DataBreaches.net was alerted to an online bloodbank in India that had a misconfigured Amazon s3 bucket. Despite repeated emails by this site and even a phone call from Banbreach infosec in India,…