Revelations contained in an affidavit by an FBI agent and a press release by the Department of Justice about the arrest of the owner of a popular hacking forum raise a few questions about the role of the U.S. Department of Health and Human Services Office of the Inspector General (HHS-OIG). An affidavit by FBI…
Category: Of Note
Justice Department Announces Arrest of “Pompompurin” and Disruption of BreachForum’s Operation
The full text of DOJ’s press release today follows. A few questions from me are included after the press release: The founder of BreachForums made his initial appearance today in the Eastern District of Virginia on a criminal charge related to his alleged creation and administration of a major hacking forum and marketplace for cybercriminals…
Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals
Robert Lemos reports: Companies in every industry continue to leave backup and storage platforms unsecured, with more than a dozen issues, including insecure network settings and unaddressed CVEs, affecting the average device. That leaves these repositories — often the first line of protection in the event of a ransomware attack — as sitting ducks for cybercriminals….
Cannabis regulators putting out ‘a series of fires’ involving a Russian oligarch and data breach
Tori Bedford reports: Thousands of employees in the Massachusetts cannabis industry received an official email last week about a major data breach: the name, home and email address, phone number and date of birth of every cannabis worker in the state had been made public in an “inadvertent release of agency documents” by the state’s…
McDonald’s Korea fined $532k for breach of customers’ personal data
Yonhap News reports: McDonald’s Korea was given a fine of 696 million won (US$532,110) on Wednesday after the personal data of 4.87 million customers was leaked to hackers due to the firm’s lax data management. The Personal Information Protection Commission handed out the fine to the Korean branch of the American fast food chain, along…
BreachForums down, and will not be back
When BreachForums owner “Pompompurin” was arrested on March 15, forum members knew nothing about it until March 17, when Bloomberg broke the news. But BreachForums administrator “Baphomet” had suspected something was wrong and had already taken steps to secure the forum from law enforcement access. Since then, Baphomet, who took over ownership of the forum,…