Catalin Cimpanu reports: The maintainers of OpenWRT, an open-source project that provides free and customizable firmware for home routers, have disclosed a security breach that took place over the weekend. According to a message posted on the project’s forum and distributed via multiple Linux and FOSS-themed mailing lists, the security breach took place on Saturday, January 16, around 16:00…
Category: Miscellaneous
Hackers leaked altered Pfizer data to sabotage trust in vaccines
Sergiu Gatlan reports: The European Medicines Agency (EMA) today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public’s trust in COVID-19 vaccines. EMA is the decentralized agency that reviews and approves COVID-19 vaccines in the European Union,…
Ronald McDonald House notifying almost 18,000 guests of Blackbaud breach
Those of us who frequently check state attorneys general sites are well aware that there are still many consumers and patients who are first being notified of the Blackbaud ransomware incident last year. Ronald McDonald House is well-known in the U.S., for offering housing accommodations to families who have children being treated for serious illnesses. …
Cyberattack on European Medicines Agency – update 4
There is an update to the attack on the European Medicines Agency reported last month. In a statement issued yesterday, EMA writes: The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines belonging to third parties have been leaked on the internet. Necessary…
United Nations data breach exposed over 100k UNEP staff records
Ax Sharma reports: Today, researchers have responsibly disclosed a security vulnerability by exploiting which they could access over 100,000 private employee records of United Nations Environmental Programme (UNEP). The data breach stemmed from exposed Git directories and credentials, which allowed the researchers to clone Git repositories and gather a large amount of personally identifiable information (PII) associated…
Bill & Melinda Gates Foundation’s Charity GetSchooled Breaches 900k Children’s Details
WELP reports: The Financial Times was the first to break this story earlier today (29th December 2020. This breach occurred when GetSchooled (getschooled.com), a charity founded by the Bill & Melinda Gates Foundation in collaboration with Viacom left a database open and accessible to anyone with a browser and internet connection. According to TurgenSec: The breach impacts 930k individuals,…