TNN reports: Amid claims by a hackers’ forum that data of over three crore users of Indian Railways is on sale on the dark web, the railway ministry on Wednesday said that no such data breach happened in any of its systems or organisations. Read more at Times of India.
Category: Government Sector
For sale on eBay: A military database of fingerprints and iris scans
Kashmir Hill, John Ismay, Christopher F. Schuetze, and Aaron Krolik report: The shoebox-shaped device, designed to capture fingerprints and perform iris scans, was listed on eBay for $149.95. A German security researcher, Matthias Marx, successfully offered $68, and when it arrived at his home in Hamburg in August, the rugged, hand-held machine contained more than…
Vanuatu ransomware attack claimed by RansomHouse
As previously reported, the South Pacific archipelago Vanuatu announced in early November that they had been hit with a ransomware attack that pretty much stranded the islands. Almost one month later, the islands had not recovered. On December 24, RansomHouse threat actors added the government of Vanuatu to their leak site, claiming to have locked…
Aussie Fire Stations Impacted by Cyberattack
Security Newspaper reports: Fire Rescue Victoria’s (FRV) emails, phones, and emergency dispatch systems that automate firefighters’ tasks, such as opening station doors as soon as firefighters get an emergency call, were all affected by a hack, which resulted in “a broad IT outage.” The malfunction in the department’s network was found for the first time…
Hackers selling user data from CoWIN platform on DarkWeb
Times Now reports: Only a few weeks after hackers breached India’s premier government hospital, AIIMS Delhi, they have moved on to the Indian government’s web portal for COVID-19 vaccination, CoWIN.gov.in, selling sensitive information to the highest bidder on the Dark Web. […] The evidence provided by the hacker consists of screen captures of the portal’s administrative interface, which…
MN: State network data breach has potential impact on some Rochester Public Library users
Post Bulletin reports: Rochester Public Library was notified that one of its library service partners, MNLINK, experienced a data breach on Dec. 15, 2022. Through the random cyber attack, the names and email address of 1,709 Rochester library customers might have been accessed. Read more at Post Bulletin.