Joshua Mooney of White & Williams writes: On July 31, 2019, Governor Carney signed the Delaware Insurance Data Security Act (formerly, HB 174) into law. Based on the National Association Of Insurance Commissioners (NAIC) Insurance Data Security Model Law, the Delaware law establishes a regulatory framework requiring insurers licensed to do business in Delaware to…
Category: Of Note
StockX was hacked, exposing millions of customers’ data
Zack Whittaker reports: It wasn’t “system updates” as it claimed. StockX was mopping up after a data breach, TechCrunch can confirm. The fashion and sneaker trading platform pushed out a password reset email to its users on Thursday citing “system updates,” but left users confused and scrambling for answers. StockX told users that the email…
GermanWiper ransomware hits Germany hard, destroys files, asks for ransom
If you ever needed just a teensy bit more motivation to get moving on backing up your data and testing it for an emergency, Catalin Cimpanu reports: For the past week, a new ransomware strain has been wreaking havoc across Germany. Named GermanWiper, this ransomware doesn’t encrypt files but instead it rewrites their content with…
A newly discovered hacking group is targeting energy and telecoms companies
Zack Whittaker reports: There’s a new hacking group on the radar targeting telecommunications and oil and gas companies across Africa and the Middle East. Industrial security company Dragos, which discovered the group, calls it “Hexane,” but remains largely tight-lipped on its activities. The security company said Thursday, however, that the group’s activity has ramped up…
More Than 4 Billions of Record Exposed from an Unknown Elastic Search Database
Leon writes: In March 2019, I found an unsecured Elasticsearch database which contains more than 4 billion records. The database was sensitive as it contains a lot of PII details as well as Geo-Coordinates of the vehicles meaning the location of the transportation vehicle is tracked and seems to be of an unknown company which…
A misconfigured AWS bucket exposed personal and counseling logs of almost 300,000 Indian employees
On July 17, this site reported on a leak by a vendor, Medico, Inc., that exposed 300,000 patients’ insurance billing-related records. Today, we report on another leak – this one by another vendor – that also exposed about 300,000 records. As part of their benefits offerings, companies often offer services to their employees to help…