Another listing I stumbled across while browsing what’s for sale on the darknet offered emails from what the seller claimed are .edu, dadeschools.net, and k12.wi.us, among other sources. The vendor, “dnu2k,” was asking $16.94 and claimed to have “Only 1 in stock!” I contacted the vendor to try to obtain more information, and (s)he replied that…
Category: Hack
In: NIFT student arrested for hacking Institute website
Local Police arrested an eighth semester NIFT student last evening for hacking the official website of National Institute of Fashion Technology (NIFT) and tampering with the marks-sheets, police said here today.Kangra Sub Divisional Police officer Surinder Sharma told UNI this evening that NIFT Director S Balasidartha had lodged a complaint with police today that the…
Atlanta neurological clinic notifies patients of ransomware attack AND an older hack
In the process of investigating a ransomware incident, Peachtree Neurological Clinic discovered an earlier hack going back to February 2016. They posted the following notice on their web site: Peachtree Neurological Clinic, P.C. (“PNC”) of Atlanta, Georgia has advised its patients of a privacy event that may have compromised certain personal information. The events are…
Bupa IPMI notifies customers of insider breach; former employee claimed to have 1million records for sale on dark web
Over on Hot for Security, Graham Cluley beat me to the punch on reporting an insider breach involving Bupa. You can begin by watching Bupa’s public notice, and then read Graham’s report for some more information. Of note, he reports: In all, around 108,000 international health insurance policies are said to be affected. An email…
Singapore Personal Data Protection Commissioner fines ION Orchard
A financial penalty of $15,000 was imposed on Orchard Turn Developments for failing to make reasonable security arrangements to protect personal data of its members that was stored on its server. Orchard Turn Developments was also issued directions to patch all system vulnerabilities already identified, conduct a penetration test and rectify new weaknesses identified, as…
Menlo Park dental practice notifies patients of hack and ransom demand
The following is one of the best notification letters I have ever read. I have sent an email to Dr. Yaley to ask a few questions for clarification and follow-up purposes, as some of this sounds like it could be the work of TheDarkOverlord. Regardless of who the attackers are, however, the notification letter below could…