Ufonobong Umanah reports: Experian Information Solutions produced sufficient evidence to show that a data breach victim who signed up for the company’s credit monitoring service agreed to arbitrate rather than litigate her claims, the Eleventh Circuit ruled, reversing a lower court. The plaintiff sued under the Fair Credit Reporting Act after noticing her credit file…
Category: Miscellaneous
ICANN sends breach notice to domain registrar Webnic about failure to deal with DNS abuse compliants properly
Andrew Allemann reports: ICANN has sent a breach notice (pdf) to Web Commerce Communications Limited dba WebNic.cc, a fairly large domain name registrar in Asia. WebNic has about 500,000 .com domain names under management in addition to domains in other extensions. ICANN says the registrar is not complying with Section 3.18.2 of the registrar accreditation agreement, which…
Canadian cybercriminal sentenced to a year in prison for NFT theft scheme
ALEXANDRIA, Va. – A Canadian was sentenced yesterday to a year in prison for conspiracy to commit wire fraud, wire fraud, and conspiracy to commit aggravated identity theft. According to court documents, in May 2022, Cameron Albert Redman, 22, of Mississauga, Ontario, formed a scheme to steal non-fungible tokens (NFTs) by gaining unauthorized access to…
Paying cyberattackers is wrong, right? Should Taos County’s incident be an exception? (1)
How many times have we read that paying a threat actor’s extortion demands only encourages more financially motivated crime and doesn’t ensure that the data won’t be retained or re-sold or leaked? Those making that argument appear to be generally correct, but are there exceptions? For years now, DataBreaches has gone back and forth between…
Hungarian police arrest suspect in cyberattacks on independent media
Daryna Antoniuk reports: Hungarian police have arrested a man suspected of carrying out a prolonged series of cyberattacks against independent media outlets in Hungary and abroad, authorities said on Monday. The 23-year-old suspect from Budapest is accused of launching distributed denial-of-service (DDoS) attacks that disrupted access to at least half a dozen Hungarian news sites beginning in…
New TeleMessage SGNL Flaw Is Actively Being Exploited by Attackers
Waqas reports: TeleMessage SGNL, a made-in-Israel clone of the Signal app used by US government agencies and regulated businesses, has been found running with an outdated configuration that exposes sensitive internal data to the internet, no login required. The main cause of the problem is how some deployments of TeleMessage SGNL are using older versions…