Tom Warren reports: Khalil Shreateh, a self-professed IT expert from Palestine, hit the headlines four years ago when he hacked Facebook CEO Mark Zuckerberg’s wall. Shreateh was frustrated that Facebook was ignoring a big security flaw, so demonstrating it on Zuckerberg’s own Facebook wall was an easy way to get the company to act. Shreateh…
Category: Of Note
21st Century Oncology settlement with HHS over 2015 data breach came with a $2.3 million price tag
There’s an update or follow-up to a breach involving 21st Century Oncology that was first reported on this site in March 2016. The breach, which they first learned of in November 2015 when federal agents contacted them, was the second breach in as many years that the entity had neither prevented nor discovered under its…
Federal Court Permits Former Employees’ Data Breach Claims to Move Forward
Jeffrey M. Schlossberg writes: A data breach occurs in which an outside individual obtains your company’s employees’ W-2 forms including social security numbers, addresses, and salary information. As a result, your company notifies all affected employees, explains what occurred, and offers a complimentary two-year membership to a service that helps detect misuse of personal information. …
UK: Hacker known as “‘Courvoisier” pleads guilty to hacking details of 165,000 people from sites including T-Mobile, Uber, and Groupon
Ashitha Nagesh reports: A cybercriminal has admitted hacking companies including Uber, Sainsbury’s and Groupon in order to sell users’ personal data on the dark web. Grant West, 25, got hold of the details of 165,000 customers of the online takeaway service Just Eat over a five month period, between July and December 2015. […] Appearing…
Data Breach at Website with 45 Million Users Discovered During Academic Research
Catalin Cimpanu reports: A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. The tool, named Tripwire, works on a simple concept. Researchers say that Tripwire registers one or more accounts on websites by using a unique email…
Mirai IoT Botnet Co-Authors Plead Guilty
Brian Krebs reports: The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks…