The National Math and Science Initiative (NMSI) in Texas describes itself as a non-profit organization whose mission is to improve U.S. student performance in the subjects of science, technology, engineering, and math. According to their notification letter, on or about October 13, 2021, their AV software triggered an alert. Through the resulting investigation, NMSI determined…
Category: Miscellaneous
Donation site for Ottawa truckers’ ‘Freedom Convoy’ protest exposed donors’ data
Zack Whittaker reports: The donation site used by truckers in Ottawa who are currently protesting against national vaccine mandates has fixed a security lapse that exposed passports and driver licenses of donors. […] TechCrunch was tipped off to the data lapse after a person working in the security space found an exposed Amazon-hosted S3 bucket…
Nobel Foundation site hit by DDoS attack on award day
Bill Toulas reports: … As revealed, the institution’s site was hit by a DDoS (distributed denial of service) attack which aims to overwhelm a website with high volumes of “garbage” traffic and a large number of bogus connection requests. This action depletes the available server resources and renders the website unable to serve real visitors,…
If you are the threat actor(s) responsible for a Swiss contractor attack, please read this
If anyone knows anything about the attack described below, please contact me via Signal or via email (see the Contact page for both). You can also reach me on Telegram @DissentDoe. And if you are the threat actor and are willing to delete/purge the data, please get in touch. Catalin Cimpanu made me aware of…
Mt: IT firm C-Planet fined €65,000 over massive voter data breach
Ivan Martin reports: An IT firm responsible for a massive leak of voter data has been fined €65,000 for data breaches. Data Protection Commissioner Ian Deguara issued the administrative penalty against C-Planet It Solutions Limited which was hired by the Labour Party to manage a cache of private information on some 337,384 Maltese voters. The…
Breach of the Protection and Accountability Obligations by Nature Society (Singapore) 14 Jan 2022
A financial penalty of $14,000 was imposed on Nature Society (Singapore) for breaches of the PDPA. First, the organisation failed to put in place reasonable measures to protect personal data on its website database. Second, it did not appoint a data protection officer. Lastly, it did not have written policies and practices necessary to comply…