Bret Kelman reports: For nine months, the confidential data just sat there, where hundreds of employees could reach it. The identities of thousands of Tennesseans with HIV or AIDS, both living and dead, were listed in a computer database kept on a server accessible to the entire staff of the Nashville Metro Public Health Department. But…
Category: Of Note
The 111 Million Record Pemiblanc Credential Stuffing List
Troy Hunt reports: ……. I’ve just loaded 111 million email addresses found in a credential stuffing list called “Pemiblanc” into HIBP. I had multiple different supporters of HIBP direct me to this collection of data which resided on a web server in France and looked like this: That site has now been taken down…
DOJ backtracks on linking OPM hack to loan fraud case
From the not-surprised dept.: I had suggested previously that claims that data used in identity theft came from the OPM hack were not very convincing. Now the government has walked back any claim that the data did come from the OPM hack. Mark Rockwell reports: The Justice Department said it jumped the gun with a…
MyEtherWallet Warns of [Another] Hack, Urges Hola Users to Move Funds
CCN reports: Popular Ethereum wallet interface and token wallet MyEtherWallet is – yet again – at the center of a significant security breach and has warned its users utilizing a popular VPN to move their funds. MyEtherWallet (MEW) is now reeling from its second major security compromise in under three months after claiming hackers compromised…
Security Firm Sued for Failing to Detect Malware That Caused a 2009 Breach
Catalin Cimpanu reports: Two insurance companies are suing a cyber-security firm to recover insurance fees paid to a customer after the security firm failed to detect malware on the client’s network for months, an issue that led to one of the biggest security breaches of the 2000s. Read more on Bleeping Computer about how Lexington Insurance…
After Strava, Polar is Revealing the Homes of Soldiers and Spies
Foeke Postma reveals the disastrous situation: Polar, a fitness app, is revealing the homes and lives of people exercising in secretive locations, such as intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world, a joint investigation of Bellingcat and Dutch journalism platform De Correspondent reveals. In January Nathan Ruser discovered that…