Lawrence General Hospital in Massachusetts is notifying patients of a breach that occurred in September. In their disclosure, LGH notes that on September 19, they discovered a “data security incident that disrupted the operations of our IT systems.” Their investigation determined that an unauthorized party “may have accessed its IT systems between September 9, 2020…
Category: Hack
Hackers are exploiting unpatched VoIP flaws to compromise business accounts
Danny Palmer reports: A hacking campaign has compromised VoIP (Voice over Internet Protocol) phone systems at over 1,000 companies around the world over the past year in a campaign designed to make profit from selling compromised accounts. While the main purpose appears to be dialling premium rate numbers owned by attackers or selling phone numbers…
Deloitte’s ‘Test your Hacker IQ’ site fails itself after exposing database user name, password in config file
Thomas Claburn reports: Updated A website created for global consultancy Deloitte to quiz people on knowledge of hacking tactics has proven itself vulnerable to hacking. The site, found at the insecure non-HTTPS URL http://deloittehackeriq.com/, makes its YAML configuration file publicly accessible. And within the file, in cleartext, is the username and password for the site’s mySQL database….
Another k-12 district reports a data breach
This time, it’s Columbus City Schools in Ohio, who report that on May 1, they learned that an employee’s email account had been compromised. Their subsequent investigation resulted in them notifying an undisclosed number of people that their name and social security number had been in the employee’s email account. You can read the October…
23,600 hacked databases have leaked from a defunct ‘data breach index’ site
Catalin Cimpanu reports: More than 23,000 hacked databases have been made available for download on several hacking forums and Telegram channels in what threat intel analysts are calling the biggest leak of its kind. The database collection is said to have originated from Cit0Day.in, a private service advertised on hacking forums to other cybercriminals. Read…
Founder of hacker group Anonymous reveals his ultimate ‘end-game’
Shawn Langlois reports: Earlier this year, the Atlantic revealed Aubrey Cottle as the internet prankster who years ago started Anonymous, an amorphous collective of hackers and activists waging cyberwar against oppression and corruption by targeting institutions like the Church of Scientology, the Westboro Baptist Church and, most recently, the police department. “Anonymous has all walks of life,”…