Back in September, I prefaced a breach post involving the U.K.’s Crown Prosecution Service with the comment, “This is one of those really terrible breaches that are the stuff of nightmares.” It appears the Information Commissioner’s Office concurred, as CPS has been fined £200,000 after laptops containing videos of police interviews were stolen from a private…
Category: Of Note
Six months after OPM hack detected, 75% of victims still not notified
Dustin Volz reports: Fewer than a quarter of 21 million federal workers hit by a major computer hack have been officially told that their personal information was compromised, six months after the breach was detected, a U.S. government official said on Tuesday. About 5 million notifications about the hack have been sent out so far,…
vBulletin patches and forces password reset as 0day is posted for sale
@Cyber_War_News contributed to this post. vBulletin.com is back online after a breach first reported on DataBreaches.net. In new developments, vBulletin forced a password reset and issued a patch while the 0day used to hack them was put for sale. Password Reset An announcement in their forum last night acknowledged the breach and explains: vBulletin.com Password Reset…
The Hacking Team Defectors
Lorenzo Franceschi-Bichhierai has a good piece about members of the Hacking Team who left, and what happened afterwards. Here’s a teaser from it: His name is Alberto Pelliccione. Until last year, he was the man responsible for developing Hacking Team’s Android spyware, and one of the employees who had worked on the company’s marquee product,…
vBulletin, Foxit Software forums hacked by Coldzer0; hundreds of thousands of users’ info stolen
This post was co-authored with @Cyber_War_News. Some days we scratch our heads at the folks who proudly claim hacks and then give law enforcement enough evidence to go after them. And then this happened: #vBulletin 5.x.x hacked by Coldzer0 today. Licences & database dumped, shell on server. vBulletin denied. #0day #security #zeroday — Terry Tran (@terryjunx) November…
Stanford researchers identify potential security hole in genomic data-sharing network
Hackers with access to a person’s genome might find out if that genome is in an international network of disease databases. Sharing genomic information among researchers is critical to the advance of biomedical research. Yet genomic data contains identifiable information and, in the wrong hands, poses a risk to individual privacy. If someone had access…