Laura Shin reports: Just after midnight on August 11, self-professed night owl Jered Kenna was working at home in Medellin, Colombia, when he was notified the passwords had been reset on two of his email addresses. He tried to set up new passwords himself by prompting the email service to send him text messages containing…
Category: Of Note
Australia finally gets data breach notification laws at third attempt
Chris Duckett reports: At the third time of asking, Australia will have data breach notification laws. The passage of the Privacy Amendment (Notifiable Data Breaches) Bill 2016 through the Senate on Monday means Australians will in the near future begin to be alerted of their data being inappropriately accessed. The legislation is restricted to incidents involving personal information,…
NSA Contractor Could Face 200 Years in Prison for Massive Breach
Elias Groll reports: U.S. prosecutors unveiled an indictment Wednesday detailing what may amount to the largest data breach in the history of the National Security Agency — an archive of classified material that may total more than 500 million pages. The incident is a black eye on the secretive spy agency’s attempt to crack down on…
FBI Search Warrant That Fueled Massive Government Hacking Was Unconstitutional, EFF Tells Court
Boston—An FBI search warrant used to hack into thousands of computers around the world was unconstitutional, the Electronic Frontier Foundation (EFF) told a federal appeals court today in a case about a controversial criminal investigation that resulted in the largest known government hacking campaign in domestic law enforcement history. The Constitution requires law enforcement officers seeking a search warrant…
Fast Food Chain Arby’s Acknowledges Breach at Hundreds of Locations
Brian Krebs reports: Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of…
While investigating W-2 phishing scam, company discovers they were scammed last year, too (Updated)
The 2017 W-2 Phishing Victims List continues to grow, and I’m not posting most of them as individual reports, but one news story involving Monarch Beverage Company in Indianapolis deserves special mention because as CBS reports: While investigating this incident, the company discovered the same thing happened in April 2016. A scammer posing as the…