I held off on posting this one as so many people need a bit more time to get back into the swing of things after the holidays. Andrew Smith, Director of the FTC Bureau of Consumer Protection, posted this on January 6 on the FTC’s site: When Chairman Simons and I arrived at the FTC,…
Category: Of Note
London: New data leak exposes owners of 400,000 anonymous companies
Richard L. Cassin reports: Millions of documents leaked from a corporate services firm with a posh London address are helping journalists unmask owners of secret offshore companies and the alleged criminal activities of some of those owners. The information about the secret companies was leaked from Formations House. The firm does business from a front…
Texas school district loses $2.3 million from phishing scam
KSAT reports: Manor Independent School District, just east of Austin, is out of $2.3 million from a phishing scam. Investigators say the phishing email was sent to multiple people at the school district and it was a single person that responded. The money was sent through three separate transactions. Read more on KSAT.
MAZE Relaunches “Name and Shame” Website, Continues Dumping Data from Reluctant Victims
Sarah Coble reports: A threat group has once again taken to the internet to publish data stolen from alleged victims who refuse to cooperate with its ransom demands. In December 2019, the MAZE ransomware group published online a portion of the 120 GB of data they claimed to have stolen from Southwire, North America’s most prominent wire…
UK: DSG Retail Ltd fined £500,000 for failing to secure information of at least 14 million people
From the Information Commissioner’s Office, this release: The Information Commissioner’s Office (ICO) has fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people. An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World…
What OPSEC? Member of “thedarkoverlord” allegedly used his personal details to set up hacking and extortion-related accounts.
In what seems like a mind-boggling OPSEC #FAIL, a U.K. man associated with thedarkoverlord allegedly used his real details to create bank accounts as well as to open email accounts, phone numbers, vpn, Twitter, and PayPal accounts that thedarkoverlord used as part of its operations to hack and extort victims. For a group that signed…