Alex Hern reports: More than 700m email addresses, as well as a number of passwords, have leaked publicly thanks to a misconfigured spambot, in one of the largest data breaches ever. The number of real humans’ contact details contained in the dump is likely to be lower, however, due to the number of fake, malformed…
Category: Of Note
Judge Cracks Down on LinkedIn’s Shameful Abuse of Computer Break-In Law
Jamie Williams and Amul Kalia write: Good news out of a court in San Francisco: a judge just issued an early ruling against LinkedIn’s abuse of the notorious Computer Fraud and Abuse Act (CFAA) to block a competing service from perfectly legal uses of publicly available data on its website. LinkedIn’s behavior is just the…
Leak of >1,700 valid passwords could make the IoT mess much worse
Dan Goodin reports: Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 “Internet of things” devices and make them part of a destructive botnet. The list of telnet-accessible devices, currently posted at this Pastebin address, was first posted in…
Uber Settles With FTC Over Allegedly Deceptive Privacy And Data Security Practices
As I reported earlier this month on PogoWasRight.org, Uber settled privacy and data security charges levied by the Federal Trade Commission. Laura Jehl of BakerHostetler recaps the controversy: Uber, the ride-hailing giant, agreed this week to implement a comprehensive privacy program and to undergo 20 years of privacy and data security audits in order to…
Hackers claim to have leaked Game of Thrones season finale details
The newest email from “Mr. Smith” began: Hi, This is 6th Wave of HBO Leak, contains final episode of “Game of Thrones” season 7 and contracts of GOT actors… Spread Well… Attached to the email was a link to a data dump plus files with what appeared to be a 127-page file dated April 26,…
FBI charges Chinese national with distributing malware used in OPM hack
Stephanie Condon reports: The FBI has filed charges against a Chinese malware broker named Yu Pingan, alleging that he provided hackers with malware, including the Sakula trojan, to breach multiple computer networks belonging to companies in the US. The FBI alleges that Yu, also known as “GoldSun,” conspired with two unnamed hackers from around April…