Ouch. Rachna Dhanrajani reports: India’s cryptocurrency exchange WazirX, on Monday, revealed that 43% of customer funds lost in a recent cyberattack are unlikely to be recovered. In a virtual press conference, the exchange announced it is undergoing a restructuring process, which could take up to six months. They are also in discussions with a potential…
Category: Of Note
Franklin County judge grants city request to suppress cyber expert’s efforts to warn public
Did the First Amendment get rescinded in Franklin County, Ohio? What the heck is going on there? Bill Bush of The Columbus Dispatch reports: A Franklin County judge on Thursday granted the city of Columbus a temporary restraining order against a cybersecurity expert who has been telling the media about the public impact of the…
National Public Data Published Its Own Passwords
Brian Krebs reports: New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its…
Ransom campaign hits cloud servers
Catalin Cimpanu reports: A threat actor is hacking and extorting companies that have misconfigured their cloud server infrastructure. The data extortion campaign has been taking place since earlier this year and involves a large-scale scan of the internet for companies that have exposed their environment variable files. Also known as .ENV, these files act as…
Tabb Inc. Security Gaffe Exposes 200,000 Background Check Files for More Than Six Months (2)
An unsecured backup blob exposed pre-employment background checks on approximately 200,000 people. Applicant files contained various amounts of personal and occupational information, including SSN, name, address, driver’s license, date of birth, education and employment history, and in some cases, criminal background checks. Files went back 15 years. The blob was unsecured for at least six…
From the “I Wouldn’t Hold My Breath Department”
We understand why courts issue such injunctions and rulings, but still… PA News Agency reports: Hackers responsible for a cyber attack that led to more than 10,000 NHS appointments being cancelled have been ordered by a High Court judge to “unmask” themselves and return or delete stolen data. Pathology services provider Synnovis was targeted by…