China Citizen Watch, the official Chinese division of the Japanese watch giant Citizen, and Bulova Watch Company (a Citizen brand in the U.S.) have both been affected because China Citizen Watch or its hosting company left an unsecured RSYNC server online with more than 150TB of files. Cursory skimming of the files, necessitated by Citizen…
Category: Of Note
Nathan Wyatt, aka “Crafty Cockney” of thedarkoverlord, now on U.S. soil to stand trial in St. Louis
I’ve reported on Nathan Wyatt a number of times, including the extradition request by the U.S., his appeal, and his failure to win his appeal of the extradition order. So we knew this was coming, but let’s start with a recap of the charges he’s facing: One count of conspiracy against the U.S. (18 USC…
Researcher Releases Data on 100,000 Phishing Attempts to Teach You How to Not Get Hacked
Lorenzo Franceschi-Bicchierai reports: A security researcher who specializes in tracking government hacking attempts published 25GB of data on 100,000 phishing attacks on Monday. […] Claudio Guarnieri, who works at Amnesty International and has been tracking targeted attacks against dissidents and activists for almost a decade, published the dataset to help other researchers track hackers, and…
Ransomware Gangs Now Outing Victim Businesses That Don’t Pay Up
Brian Krebs reports: As if the scourge of ransomware wasn’t bad enough already: Several prominent purveyors of ransomware have signaled they plan to start publishing data stolen from victims who refuse to pay up. To make matters worse, one ransomware gang has now created a public Web site identifying recent victim companies that have chosen…
UK: 700,000 Hospital Letters Go Missing Since 2011
Spring Hill Insider reports: Thousands of patients may have suffered delays to treatment after it was revealed that the NHS failed to deliver more than half a million sensitive documents to GPs. Test results from biopsies and patient treatment plans were among the thousands of official records that went missing between 2011 and 2016. Read…
How can we screw up incident response? Let me count the ways — Monday UK Edition
This week, DataBreaches.net was reminded yet again of the risks of trying to alert an entity to a breach. This time, it was not me who was threatened or any of the whitehat researchers I know. This week, it was a citizen who found patient records on the street in his town and undertook to…