What should states do when notification is made but took more than one year? Are explanations sufficient to avoid any penalties for late notice? Here’s a case where notice to some individuals was made more than 7 months after discovery of a problem, but others did not get notified for more than one year. Read…
Category: Hack
Booking data stolen from Japanese short-time love hotel booking service HappyHotel
Duncan Riley reports: Japanese short-time love hotel search engine HappyHotel has suffered a data breach in which the details of clients were accessed by unknown hackers. The breach occurred on Dec. 22, with usernames, passwords, date of birth, phone numbers and home addresses of customers all being stolen. “Love hotels” are accommodations where people take…
What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.
In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…
OR: Klamath County Veterans Service Office Provides Notice of Data Security Incident
On January 2, 2019, Klamath County notified individuals that their personal information was affected by a Veterans Service Office data security incident. On September 19, 2019, the Klamath County IT Department became aware of unusual activity of one of its Veterans Service Office employee’s email accounts. Klamath County immediately launched an investigation and determined that the Veterans Service Office employee’s email…
School software vendor Active Network suffers data breach
Doug Olenick reports that Active Network’s Blue Bear Software platform reported that unauthorized activity in its network in October resulted in customer PII being exposed. The company reported the issue to the California Attorney General’s office stating it recently became aware that between Oct. 1, 2019 and Nov. 13, 2019 there was illegal activity taking place on…
Ghosts in the Clouds: Inside China’s Major Corporate Hack
Rob Barry and Dustin Volz report: The hackers seemed to be everywhere. In one of the largest-ever corporate espionage efforts, cyberattackers alleged to be working for China’s intelligence services stole volumes of intellectual property, security clearance details and other records from scores of companies over the past several years. They got access to systems with…