Lottie Twyford reports: Legal Aid ACT has confirmed it will not pay the ransom demanded by the hackers who earlier this month stole private information from the commission. That hack could have exposed the data of some of the organisation’s most vulnerable clients, including refugees and victims of family violence. Read more at The Riot…
Category: Non-U.S.
U.K.: Suffolk police publish sensitive info of sexual assault victims online in data protection failure
Why would other victims ever come forward and report their assaults when they cannot trust the police to protect their reports? This is an appalling breach, and an “investigation” isn’t going to undo any harm that has been done. What exactly is going to be done to mitigate harm to the victims of this data…
Whoosh confirms data breach after hackers sell 7.2M user records
Bill Toulas reports: The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. Whoosh is Russia’s leading urban mobility service platform, operating in 40 cities with over 75,000 scooters. On Friday, a threat actor began selling the…
Hong Kong regulator issues investigative report on 2021 Fotomax ransomware incident
The Office of the Privacy Commissioner for Personal Data (PCPD) in Hong Kong published an investigation report today concerning a ransomware attack on the database of Fotomax (F.E.) Limited. From the news release: The investigation arose from a data breach notification lodged by Fotomax with the PCPD on 1 November 2021, which reported that the…
UK: Hacked evidence and stolen data swamp English courts
Franz Wild, Ed Siddons, Simon Lock, Jonathan Calvert, and George Arbuthnott report: A multimillion-pound high court case between an authoritarian Gulf emirate and an Iranian-American businessman has revealed how hacked evidence is being used by leading law firms to advance their clients’ claims. It includes allegations that a former Metropolitan Police officer hired Indian hackers…
Hu: EdTech firm eKRÉTA that stores personal info of students breached by hacking group
As seen on Catalin Cimpanu’s RiskyBiz News: Major breach in Hungary: A hacking group named Sawarim has breached eKRÉTA, the company behind a school management platform widely deployed across Hungary. The platform is believed to store the personal details of more than 720,000 Hungarian students, aged between 6 and 18 years. While the hackers told a local…