Zack Whittaker reports: AIESEC, a non-profit that bills itself as the “world’s largest youth-run organization,” exposed more than four million intern applications with personal and sensitive information on a server without a password. Bob Diachenko, an independent security researcher, found an unprotected Elasticsearch database containing the applications on January 11, a little under a month…
Category: Miscellaneous
Ca: UCP members ‘at risk for identity theft’ after laptop stolen, expert says
Lucie Edwardson reports: The United Conservative Party‘s privacy policies are being questioned after a party laptop was stolen out of an employee’s car in a parkade. The laptop contains the names, addresses and contact information of 40,000 UCP members. Experts say the language used in the memo to inform members was confusing and didn’t answer important questions….
North Korea defector hack: Personal data of almost 1,000 leaked
BBC reports: Almost 1,000 North Korean defectors have had their personal data leaked after a computer at a South Korean resettlement centre was hacked, the unification ministry said. A personal computer at the state-run centre was found to have been “infected with a malicious code”. The ministry said this is thought to be the first…
US Breach Laws Are Coming: South Carolina
Liisa M. Thomas and Shanna M. Pearce of Sheppard, Mullin, Richter & Hampton LLP write: In another change to US state breach notice laws in 2019, South Carolina will have new breach notice requirements for insurance companies. The requirements follow the National Association of Insurance Commissioners’ Insurance Data Security Model Law. South Carolina was the first to…
How Wellcome Trust Executives Got Whaled By Oldest Trick In The Fraud Playbook
Davey Winder writes: It hasn’t been the greatest week for the non-profit sector with the revelation that two well-known charities have fallen victim to less than charitable cyber con-artists. In the same week that the Save the Children Federation confirmed it had been scammed out of $1 million by email fraudsters, so the Wellcome Trust…
Hackers fooled Save the Children into sending $1 million to a phony account
Todd Wallack reports: Save the Children Federation, one of the country’s best-known charities said it was the victim of a $1 million cyberscam last year. The Connecticut-based nonprofit said hackers broke into a worker’s e-mail, posed as an employee, and created false invoices and other documents, to fool the charity into sending nearly $1 million…