Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…
Category: Of Note
Il: Six indicted over Population Registry data theft
More on a breach previously mentioned on this blog last year. Joanna Parasczuk reports on the evolution of a data breach that started in 2006 as an insider breach and ultimately affected everyone in Israel, it seems: The Tel Aviv District Attorney has charged six people, including a computer programmer formerly employed as a Social…
California Dept of Social Services notifying over 700,000 In-Home Supportive Services providers and recipients after payroll data lost in the mail
California Department of Social Services is notifying over 700,000 In-Home Supportive Services providers and recipients that their data may have been lost. An FAQ on the department’s web site explains that CDSS became aware of the breach on May 9. The information was in a package that was damaged in transit between a Hewlett Packard…
UNC-Charlotte breach affects 350,000
Remember that breach that the University of North Carolina at Charlotte disclosed back in February? Well, they’ve finally released some details and it’s a doozy. Chris Dyches reports: An investigation into the incident shows that financial account numbers and approximately 350,000 social security numbers were included among the exposed data. The exposure has been remediated, officials…
Hackers Threaten University of Pittsburgh with Disclosure of Students’ Personal Info if Demands Are Not Met
Jacob Kleinman reports: Members of the hacktivist collective calling itself “Anonymous” are targeting the University of Pittsburgh, and threatening to release a wealth of private information regarding the school and its students, if the University does not “apologize to your students, law enforcement, and professors on your home page of your domain for a duration…
Columbia U. notifies faculty and proprietors that their SSN and bank account numbers were exposed on the Internet for two years
A reader kindly alerted me to the fact that Columbia University sent out breach notices last week. The letter, dated April 21, informed recipients that 3,000 current and former employees, as well as 500 sole proprietors had their names, addresses, Social Security numbers and bank account numbers exposed on the Internet. The names of…