This is a somewhat bizarre – and disturbing – breach involving medical records and human remains. Police have launched an investigation after an abandoned autopsy laboratory containing mummified baby remains was discovered in a park. The gruesome facility in Tobolsk, which may have been used as recently three years ago, was stumbled across by a…
Category: Of Note
After breaches, higher-ed schools adopt two-factor authentication
Ann Bednarz reports: Payday didn’t go as planned on January 2, 2014, for some Boston University employees. On that day, about a dozen faculty members discovered their paychecks hadn’t been deposited into their bank accounts. Thieves had changed the victims’ direct deposit information and rerouted their pay. BU’s IT security team traced the attack to a phishing…
In the exploit biz? FULL DISCLOSURE is your best friend, boffin says
Darren Pauli reports: Auscert Security bod Alfonso De Gregorio says buyers and sellers in the cut-throat exploit marketplace should release their zero-days to the public if they are fleeced. The BeeWise founder says full disclosure of security vulnerabilities helps punish both buyers who fail to pay or on-sell zero-days, and sellers who break contracts and re-sell…
Tox owner ‘tox’ putting his business up for sale
Archiving this, which was posted on Pastebin on June 3 by YDKLIJNSMA (Yonathan Klijnsma, 0x3a) Dear users, Just one month ago, in one instant, all what I’ve studied for months fused in one brilliant idea, which was then named Tox. I knew it was something new, something that was completely different from what was already there. I started designing…
OPM notifying 4 million current and former federal employees of hack
Oh my. From the U.S. Office of Personnel Management, 4 million federal employees may have had their information compromised. But it’s not just OPM that was hacked. It appears that China may have successfully hacked not just OPM, but the Interior Department, and possibly every federal agency. Here’s the press release from OPM: The…
CT Governor Malloy Expected To Sign Data-Breach Bill Requiring One Year Of Identity-Theft Protection
Matthew Sturdevant reports: In the wake of several major data breaches in recent years at The Home Depot, Target and Anthem, Connecticut’s legislature has passed a bill that would provide greater consumer protections. One of the key provisions is at least one-year of identity-theft protection for any customer that is a victim of a data…