It would be great if the good guys had backups as good as the threat actors have. Threat actors who call themselves “ALTDOS” have re-emerged after a brief hiatus that had left this site wondering if something had happened to them following a joint advisory about them. ALTDOS has attacked a number of ASEAN firms,…
Category: Hack
Nevada Restaurant Services, Inc. Provides Notice Of Data Privacy Event
From the I-have-questions department: Nevada Restaurant Services reported that they experienced a breach in January of this year and that the threat actor was able to copy some of their files. The type of data varied by person but the notification stated that the scope of information potentially involved includes individuals’ name, date of birth,…
Juniper Breach Mystery Starts to Clear With New Details on Hackers and U.S. Role
Jordan Robertson reports: Days before Christmas in 2015, Juniper Networks Inc. alerted users that it had been breached. In a brief statement, the company said it had discovered “unauthorized code” in one of its network security products, allowing hackers to decipher encrypted communications and gain high-level access to customers’ computer systems. Further details were scant,…
SEC fines three companies over hacked employee email accounts
Catalin Cimpanu reports: The US Securities and Exchange Commission has fined three brokerage firms on Monday for neglecting to secure employee accounts, incidents that led to the exposure of their customers’ data. Cetera Advisor Networks LLC, Cetera Investment Services LLC, Cetera Financial Specialists LLC, Cetera Advisors LLC, and Cetera Investment Advisers LLC (collectively, the Cetera entities); Cambridge…
Ruling Breaks New Ground For CGL Policy Data Breach Coverage Hackings
Peter Selvin of Ervin Cohen & Jessup writes: A recent case from the 5th U.S. Circuit Court of Appeals breaks new ground on the question of whether a commercial general liability policy provides coverage for damages arising from a data breach caused by a third-party hacker. Landry’s Incorporated v. Insurance Company of the State of Pennsylvania, 4…
Beaumont Health notifies patients of Accellion breach
Friday, August 27, 2021 On February 5, 2021, Goodwin Procter LLP (“Goodwin”) notified Beaumont Health (“Beaumont”) of a security incident at Accellion, a third-party vendor whose File Transfer software was used by Goodwin for large file transfers on behalf of clients, including Beaumont. Goodwin received some personal and protected health information from Beaumont in connection…