At the end of April, this site reported a breach at PaperlessPay that put its clients’ employees at risk of tax refund fraud and identity theft. As reported at the time, PaperlessPay had been contacted by Homeland Security on February 19 to alert them that someone was offering access to their clients’ data for sale…
Category: Hack
WV: Elkins Rehabilitation & Care Center notifies residents and employees of breach first discovered in February 2019
I know some people may think I’m being too harsh, but really — almost 1.5 years from detection to notifications to people of a breach? Their response in terms of preventing more incidents seems reasonable, but the gap to figure out that notification was needed and then whom to notify seems too long. What will…
Judge Dismisses Testing Platform Cyberattack Case Against Pearson
Kirsten Errick reports that a lawsuit against Pearson stemming from a 2018 breach that they were alerted to in 2019 has been tossed for lack of Article III standing: Judge John Z. Lee of the Northern District issued an opinion on Tuesday granting Pearson’s motion to dismiss regarding the data breach of its AIMSweb testing platform, which…
NZ police terminate contract with Gravitas after breach
Tom Pullar-Strecker reports: Police are axing their contract with Auckland research firm Gravitas after information they sent the firm about police complainants was lost in a Nigerian hack. Assistant commissioner Jevon McSkimming announced earlier this month – without naming the company – that Gravitas had alerted Police to the data breach and had also reported it…
Data Breach at Crypto Wallet Firm Ledger Exposes User’s Personal Info
Mohammad Musharraf reports: Major cryptocurrency hardware wallet provider Ledger has alerted customers to a data breach it faced in June and July. In an email on July 29, the company said it was made aware of the breach on July 14 when a researcher participating in its bounty program reached out with details of a…
Hackers stole GitHub and GitLab OAuth tokens from Git analytics firm Waydev
Catalin Cimpanu reports: Waydev, an analytics platform used by software companies, has disclosed a security breach earlier this month. The company says that hackers broke into its platform and stole GitHub and GitLab OAuth tokens from its internal database. Read more on ZDNet.