For the past week, a number of us have been watching the explosive growth of attacks on misconfigured MongoDB installations. Victor Gevers of GDI Foundation and Niall Merrigan, a Norwegian developer, have been providing yeoman service investigating the problem, making notifications, and keeping us all apprised of their findings through their Twitter accounts. It all…
Category: Hack
PA: Alleged computer hacker pleads not guilty, heads to trial in Feb.
James Halpin reports: A city man facing federal computer hacking charges pleaded not guilty Wednesday. Justin Bodnar, 27, is charged with one count each of illegally accessing a protected computer and intentionally damaging a protected computer connected to incidents in 2012 and 2013. Prosecutors allege he accessed the emails of someone in an attempt to…
Ashley Madison Data Breach Claims Should Be Arbitrated, Company Says
Amanda Bronstad reports: AshleyMadison.com’s parent company is hoping to knock out more than 20 class actions filed over its 2015 data breach by invoking online arbitration agreements the plaintiffs signed when they subscribed to its matchmaking services. The move to arbitrate comes after Avid Life Media Inc., which has been rebranded as Ruby Corp., agreed…
Instances of new and destructive ransomware grow rapidly
If you are following what’s happening with hackers attacking misconfigured MongoDB databases, wiping the data, and then demanding ransom for its return, then you’ll know that although this problem seemed to start on or around December 21 with an actor known as “Harak1r1,” within days of it garnering media attention, we saw almost identical warning…
Emory Healthcare patient data hijacked and held for ransom? (UPDATED)
Yesterday, I noted a somewhat alarming report that misconfigured MongoDB installations are being wiped by a hacker who steals the databases and then holds them for ransom of .2 BTC (approximately $200 at yesterday’s rate or $220 at today’s rate). This latest threat was reported yesterday by Catalin Cimpanu of Bleeping Computer after an ethical hacker, Victor Gevers, disclosed the discovery he had made as part of Project 366. On…
TX: Letter notifies 23,000 NISD employees, students of email breach
Katrina Webber reports: The Northside Independent School District has sent letters to about 23,000 former and current students and employees regarding a security breach that might have put their personal information at risk. NISD spokesman Barry Perez said school district officials first got a hint about the trouble in August when it was discovered that…