Ax Sharma reports: A secret terrorist watchlist with 1.9 million records, including classified “no-fly” records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it. Read more on BleepingComputer. The government wouldn’t respond to inquiries by BleepingComputer as to whether this was the government’s Terrorist Screening Center list, and whether…
Category: Government Sector
Brazilian National Treasury hit with ransomware attack
Angelica Mari reports: The Brazilian government has released a note stating the National Treasury has been hit with a ransomware attack on Friday (13). According to a statement from the Ministry of Economy, initial measures to contain the impact of the cyberattack were immediately taken. The first assessments so far have found there was no damage…
Trial blocked by police data loss; murder suspect released
AP reports a follow-up to a data loss incident reported earlier this month: A murder suspect was released from jail Monday after his trial was postponed when Dallas police revealed they had lost a massive amount of criminal data. Read more on AP.
Ransomware hackers hit 2 public wastewater plants in Maine
Kate Cough reports: The Department of Environmental Protection has warned municipalities and water-sector professionals to be on alert after two recent ransomware intrusions, believed to be the first on wastewater systems in Maine. The attacks occurred in Limestone and Mount Desert Island, said Judy Bruenjes, a wastewater technical assistance engineer for the DEP. Read more…
Case Files Affected in Dallas Police Department Data Loss
Claire Cardona reports: Multiple terabytes of Dallas Police Department data are missing and may be unrecoverable after being deleted during a data migration process in April, according to the Dallas County District Attorney’s Office. District Attorney John Creuzot said in a disclosure notice to defense attorneys Wednesday that the city had learned in April that…
Current and former North Carolina state employees notified of unintended exposure of file on intranet
From the no-need-to-hack-when-it’s-leaking dept., state edition, the North Carolina Department of Information Technology and Office of State Human Resources are notifying 84,860 current or former state agency employees that a file with their name and SSN was uploaded by mistake to a state intranet site accessed by more than 65,000 authenticated users: We are writing…