The following is a press release issued by the Federal Trade Commission (FTC) that relates to a data security incident — a misconfiguration — discovered by MacKeeper researchers in 2016 that was previously noted on this site, including a subsequent settlement between DealerBuilt and the New Jersey Attorney General’s Office. From the wording of the…
Category: Of Note
SEC Issues Alert On Outsourcing and Data Security
Liisa Thomas, Sarah Aberg, Kari Rollins, and Katherine Boy Skipsey write: The SEC recently issued a risk alert warning about using vendors and cloud-based platforms. Many broker dealers and investment advisors are turning to these third parties to store customer data. In its alert, the SEC’s Office of Compliance Inspections and Examinations warns firms that…
Two hacking groups responsible for huge spike in hacked Magento 2.x stores
Catalin Cimpanu reports: Two hacker groups are responsible for a huge spike in the number of hacked Magento 2.x shopping sites, according to Willem de Groot, founder of Sanguine Security. This is now the third month in a row when the number of hacked Magento 2.x sites has doubled, after it previously doubled from March…
CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures
From Hunton Andrews Kurth: On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates. Read more…
UK: TalkTalk hacker Daniel Kelley sentenced to 4 years in jail
From the Crown Prosecution Service: A blackmailing hacker behind the TalkTalk cyber-attack – which cost the company £77million after the personal details of 157,000 customers were stolen – has today (10 June) been sentenced. Daniel Kelley, 22, admitted targeting at least six organisations by threatening to sell their hacked data on the ‘dark web’ unless…
Eight years later, the case against the Mariposa malware gang moves forward in the US
Catalin Cimpanu reports: Eight years after US law enforcement opened a first case in the operations of the Mariposa (Butterfly Bot, BFBOT) malware gang, officials are now moving forward with new charges and arrest warrants against four suspects. The original case started way back in May 2011, when US officials first filed a complaint against…