Mike Rogoway reports that Oregon’s worker’s compensation insurer, SAIF Corp., experienced a breach in October that potentially compromised policyholders’ information and workers’ compensation claimants’ personal and medical information. On their breach-related site maintained for them by IDX, SAIF explains that on October 24, there was a brief period during which an unauthorized individual or individuals…
Category: Hack
What Twitter’s 200 million email leak really means
Lily Hay Newman reports: After reports at the end of 2022 that hackers were selling data stolen from 400 million Twitter users, researchers now say that a widely circulated trove of email addresses linked to about 200 million users is likely a refined version of the larger trove with duplicate entries removed. The social network…
Slack’s private GitHub code repositories stolen over holidays
Ax Sharma reports: Slack suffered a security incident over the holidays affecting some of its private GitHub code repositories. … The incident involves threat actors gaining access to Slack’s externally hosted GitHub repositories via a “limited” number of Slack employee tokens that were stolen. While some of Slack’s private code repositories were breached, Slack’s primary codebase and…
Man who got into hacking while still in school explains what he did in Anonymous
Ali Condon reports: A man who first got into computer hacking when he was still in school has explained what it was like to work with infamous hacktivist group Anonymous. Mustafa Al-Bassam, who was once a member of Anonymous and is one of the founders of LulzSec, got his first taste for computer programming when he was just…
Bits ‘n Pieces (Trozos y Piezas)
MX: BlackCat claims attack on Grupo Estrategas EMM ALPHV, aka BlackCat, claims to have attacked Grupo Estrategas EMM, but the ransomware group has not as yet uploaded any proof of claims. Nor has the insurance firm posted any notice on its website or social media indicating any incident. The insurer has not responded to an…
Russian hackers targeted U.S. nuclear scientists
James Pearson and Christopher Bing reports: A Russian hacking team known as Cold River targeted three nuclear research laboratories in the United States this past summer, according to internet records reviewed by Reuters and five cyber security experts. Between August and September, as President Vladimir Putin indicated Russia would be willing to use nuclear weapons to defend…