Dan Goodin reports: Have I Been Pwned, the breach notification service that serves as a bellwether for the security of login credentials, has just gotten its hands on its biggest data haul ever—a list that includes almost 773 million unique email addresses and 21 million unique passwords that were used to log in to third-party…
Category: Of Note
Over 140 International Airlines Affected by Major Security Breach
Sergiu Gatlan reports: Potential attackers could view and change private information in flight bookings made by millions of customers of major international airlines because of a security issue in the Amadeus online booking system found by Safety Detective’s Noam Rotem. Currently, the Amadeus ticket booking system is being used by 141 international airlines which gives…
DoD Health Agency Security Flaws Put Patient Data at Risk, OIG Finds
Jessica Davis reports: The Department of Defense Health Agency (DHA) failed to consistently implement security measures to protect the systems that stored, processed, and transmitted electronic health record and patient information, according to a DoD Office of Inspector General report released this week. The report found DHA and Army officials didn’t enforce the use of Common…
Massive Oklahoma Government Data Leak Exposes 7 Years of FBI Investigations
Thomas Brewster reports: Another day, another huge leak of government information. Last December, a whopping 3 terabytes of unprotected data from the Oklahoma Securities Commission was uncovered by Greg Pollock, a researcher with cybersecurity firm UpGuard. It amounted to millions of files, many on sensitive FBI investigations, all of which were left wide open on…
U.S. authorities charge several people in SEC hacking scheme
Jonathan Stempel reports: U.S. authorities on Tuesday charged several individuals and companies in a scheme to trade on information in nonpublic corporate press releases by hacking into a U.S. Securities and Exchange Commission database. In a filing with the U.S. District Court in Newark, New Jersey, the SEC said individuals in the United States, Russia…
Employees sacked, CEO fined in SingHealth security breach
Eileen Yu reports: Two employees have been sacked and five senior management executives, including the CEO, fined for their role in Singapore’s most serious security breach, which compromised personal data of 1.5 million SingHealth patients. Further enhancements also will be made to beef up the organisation’s cyber defence, in line with recommendations dished out by…