Barry Collins reports: British Mensa, the society for people with high IQs, failed to properly secure the passwords on its website, prompting a hack on its website that has resulted in the theft of members’ personal data. Eugene Hopkinson, a former director and technology officer at British Mensa, stood down this week, claiming that the…
Category: Hack
FR: CNIL Fines a Data Controller and Its Processor 225,000 Euros for Security Violation in Connection with Credential Stuffing
Hunton Andrews Kurth writes: On January 27, 2021, the French Data Protection Authority (the “CNIL”) announced (in French) that it imposed a fine of €150,000 on a data controller, and a fine of €75,000 on its data processor, for failure to implement adequate security measures to protect customers’ personal data against credential stuffing attacks on the website…
Another medical facility added to LSU Health Care Services Division HIPAA breach
As Louisiana State University Health Care kept investigating, they found more of their affiliated entities were impacted. WDSU reports: Another medical facility has been added to a cyber intrusion that happened at LSU Health New Orleans Health Care Services Division. The breach was first reported back in November. LSU HCSD has since become aware that…
USCellular hit by a data breach after hackers access CRM software
Lawrence Abrams reports: Mobile network operator USCellular suffered a data breach after hackers gained access to its CRM and viewed customers’ accounts. In a data breach notification filed with the Vermont attorney general’s office, USCellular states that retail store’s employees were scammed into downloading software onto a computer. This software allowed an attacker to access…
Suspected Russian Hackers Gained Edge Through Tech Firm Attacks
Kartikay Mehrotra and Alyza Sebenius report: Whether it was opportunity, strategy or sheer chutzpah, the suspected Russian hackers behind a massive cyber-attack revealed last month focused particular attention on technology companies, including cybersecurity firms entrusted to find malicious activity in their clients’ networks. Four cybersecurity companies announced this week that they had been targeted as…
Citrix Employees Secure $2.3 Million Settlement for Data Breach
Porter Wells reports: Citrix Systems Inc.’s $2.275 million settlement offer to a class of current and former employees whose data was compromised by hackers over a five-month period earned a Florida federal judge’s initial approval. Judge Ron K. Altman preliminarily approved the class’s unopposed motion to approve the settlement terms Tuesday for the U.S. District Court for the…