So what did we miss because the Veterans Administration stopped posting their monthly breach reports to Congress on their web site? DataBreaches.net filed a Freedom of Information request on June 7, and the VA has responded by providing all of the requested monthly reports for the period May, 2016 – June 7, 2017. As an…
Category: Of Note
Bupa IPMI notifies customers of insider breach; former employee claimed to have 1million records for sale on dark web
Over on Hot for Security, Graham Cluley beat me to the punch on reporting an insider breach involving Bupa. You can begin by watching Bupa’s public notice, and then read Graham’s report for some more information. Of note, he reports: In all, around 108,000 international health insurance policies are said to be affected. An email…
Menlo Park dental practice notifies patients of hack and ransom demand
The following is one of the best notification letters I have ever read. I have sent an email to Dr. Yaley to ask a few questions for clarification and follow-up purposes, as some of this sounds like it could be the work of TheDarkOverlord. Regardless of who the attackers are, however, the notification letter below could…
Israeli startup tracks behavior to outsmart hacker bots
Micah Danney reports: You might think of hackers as people sitting at computers, but custom software applications, or bots, can be the ones doing the dirty work. Bots automate the business of hacking, tearing through massive troves of stolen account data, for example, or bombarding website login pages with passwords, probing for hits. Enter Unbotify,…
Russian-Born Cybercriminal Sentenced to Over Nine Years in Prison
A nearly decade-long member of several elite Russian-speaking cybercrime forums was sentenced yesterday to 110 months in prison for running a sophisticated scheme to steal and traffic sensitive personal and financial information in the online criminal underground. Alexander Tverdokhlebov, 29, of Los Angeles, pleaded guilty on March 31 to wire fraud. Accordingly to court documents,…
Data of over 120 million Jio customers leaked, claim reports
This has the makings of another AA situation where despite evidence, an entity initially claims that data were not compromised, only to have to walk back their claims later on. The New Indian Express reported: In what seemed to be the biggest data breach in India, a nondescript website called magicapk reportedly had access to data of…