In 2023, Resolve to Fix Your Organization’s Meta Pixel Problem It’s time to be proactive about user privacy. Find out if you’re sending too much data to Facebook—or if you need to send data at all By: Maria Puertas and Simon Fondrie-Teitler We all use the internet to complete increasingly sensitive tasks: book doctor’s appointments,…
Category: Of Note
GitHub revokes code signing certificates stolen in repo hack
Sergiu Gatlan reports: GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. So far, GitHub has found no evidence that the password-protected certificates (one Apple Developer ID certificate and two Digicert code signing certificates used for Windows…
Case May Impact Role of Lawyers in Data Breaches and IR
Mark Rasch writes: On January 9, 2023, the U.S. Supreme Court heard oral arguments on a criminal tax investigation case out of California that might impact the scope and extent of attorney-client privileges in data forensic investigations. The case, called In Re Grand Jury, Dkt. No. 21-1397, involves a federal grand jury demand for records created by…
Doctor Paid $60k in Bitcoin to Hire Dark Web Hitmen
Habiba Rashid reports: Ronald Craig Ilg, 56, was sentenced to eight years in prison for hiring hitmen on the dark web to assault and kidnap victims. The doctor in Spokane, Washington paid $60,000 in Bitcoin as payment for the tasks he asked the hitmen to perform. […] … the first was a former colleague, also a Spokane-area doctor….
Zacks Investment Research notifies 820,000 clients
Bill Toulas reports: Hackers breached Zacks Investment Research (Zacks) company last year and gained access to personal and sensitive information belonging to 820,000 customers. […] An internal investigation into the incident determined that a threat actor gained access to the network somewhere between November 2021 and August 2022. It is unclear if any data was…
Stratford University discloses ransomware attack — but which ransomware attack?
In September 2022, DataBreaches reported Stratford University had been the target of three ransomware attacks in previous months by REvil, Snatch Team, and Avos Locker. Snatch Team and Avos Locker had informed DataBreaches that neither had encrypted Stratford’s files; they exfiltrated and attempted to ransom them. Stratford never responded to inquiries from DataBreaches about the multiple…