PayPal has sent breach notifications to 34,942 users this week. Their notification reads, in part: On December 20, 2022, we confirmed that unauthorized parties were able to access your PayPal customer account using your login credentials. We have no information suggesting that any of your personal information was misused as a result of this incident,…
Category: Of Note
New Cybersecurity Directives (NIS2 and CER) Enter into Force in EU
Hunton Andrews Kurth writes: On January 16, 2023, the Directive on measures for a high common level of cybersecurity across the Union (the “NIS2 Directive”) and the Directive on the resilience of critical entities (“CER Directive”) entered into force. The NIS2 Directive repeals the current NIS Directive and creates a more extensive and harmonized set of rules on cybersecurity…
Interview with Mallox ransomware group
Over on SuspectFile, Marco A. De Felice has a write-up of an interview with Mallox. Unlike some interviews where spokespeople brag or make claims or pose a bit, Mallox’s spokesperson comes across as a serious individual who is part of a closed group that has worked together for the past few years without the drama…
Hacked evidence and stolen data swamp English courts
Franz Wild, Ed Siddons, and Simon Lock report: A multimillion-pound high court case between an authoritarian Gulf emirate and an Iranian-American businessman has revealed how hacked evidence is being used by leading law firms to advance their clients’ claims. The case has included allegations that a former Metropolitan Police officer hired Indian hackers and that…
A Police App Exposed Secret Details About Raids and Suspects
Dhruv Mehrotra reports: Last September, law enforcement agents from five counties in Southern California coordinated an operation to investigate, raid, and arrest more than 600 suspected sex offenders. The mission, Operation Protect the Innocent, was one of the largest such raids in years, involving over 64 agencies. According to the Los Angeles Police Department, it was coordinated…
Update about an alleged incident regarding Twitter user data being sold online
From Twitter, today: …. In response to recent media reports of Twitter users’ data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems. We also want to share an update about an incident that took place earlier this year,…