August 30, 2024 – The Federal Trade Commission will require security camera firm Verkada to develop and implement a comprehensive information security program to settle allegations the company failed to use appropriate information security practices, which allowed a hacker to access customers’ security cameras. Under a proposed order, which must be approved by a federal…
Ouch. Rachna Dhanrajani reports: India’s cryptocurrency exchange WazirX, on Monday, revealed that 43% of customer funds lost in a recent cyberattack are unlikely to be recovered. In a virtual press conference, the exchange announced it is undergoing a restructuring process, which could take up to six months. They are also in discussions with a potential…
Did the First Amendment get rescinded in Franklin County, Ohio? What the heck is going on there? Bill Bush of The Columbus Dispatch reports: A Franklin County judge on Thursday granted the city of Columbus a temporary restraining order against a cybersecurity expert who has been telling the media about the public impact of the…
Brian Krebs reports: New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans’ Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its…
Catalin Cimpanu reports: A threat actor is hacking and extorting companies that have misconfigured their cloud server infrastructure. The data extortion campaign has been taking place since earlier this year and involves a large-scale scan of the internet for companies that have exposed their environment variable files. Also known as .ENV, these files act as…
An unsecured backup blob exposed pre-employment background checks on approximately 200,000 people. Applicant files contained various amounts of personal and occupational information, including SSN, name, address, driver’s license, date of birth, education and employment history, and in some cases, criminal background checks. Files went back 15 years. The blob was unsecured for at least six…