Sergiu Gatlan reports: Chartered Professional Accountants of Canada (CPA) today disclosed that a cyberattack against the CPA Canada website allowed unauthorized third parties to access the personal information of over 329,000 members and other stakeholders. CPA Canada is a national organization with more than 217,000 Chartered Professional Accountants as members and one of the largest national accounting bodies in the world….
Category: Miscellaneous
Internal Data Stolen, Leaked, in REvil Attack on Electricity Market’s Elexon
CBR reports: Cyber criminals using the REvil/Sodinokibi ransomware stole internal data during a May 11 attack on Elexon — the organisation that helps balance and settle the UK’s electricity market — and have now posted it online in a bid to pressure the organisation into paying a ransom. Read more on Computer Business Reviews.
A cybercrime store is selling access to more than 43,000 hacked servers
Catalin Cimpanu reports: MagBo, a shadowy online marketplace where hackers sell and buy hacked servers, is doing better than ever and has soared in popularity to become the largest criminal marketplace of its kind since its launch in the summer of 2018. Two years later, the MagBo portal has grown more than 14 times in…
Criminal forum trading stolen data suffers ironic data breach
John E. Dunn reports: Someone on the dark web is touting for sale an unusual database a lot of people might pay handsomely to get their hands on. Another rich cache full of sensitive company data, or perhaps something stolen from a military power? In fact, according to the security company that verified its authenticity, Cyble,…
Southern Ute Indian Tribe says U.S. Treasury Dept. leaked confidential information
The Durango Herald reports: The Southern Ute Indian Tribe is demanding an investigation into the U.S. Treasury Department after the tribe said the department leaked confidential tribal information given to it as part of an effort to obtain funds under the Coronavirus Aid, Relief and Economic Security Act. On Monday, all state, local and tribal…
Campaign Gaffe: How a Voter Contact App Exposed Credentials and Code
UpGuard reports: UpGuard can now disclose that a code repository including exposed access credentials for Campaign Sidekick, a current voter contact, survey, and canvassing app used by Republican campaigns, has been secured. The code repository was within a “.git” directory which was configured for public access and hosted on Campaign Sidekick’s primary website. The directory contained…