Yasmin Rufo reports: The British Library has confirmed that a cyber attack in October has led to a leak of employee data. The attack, which took place on 31 October, has also resulted in the library’s website being down for almost a month. The Rhysida ransomware group claim to be behind the attack, and say…
Category: Of Note
FCC adopts new rules to protect consumers from SIM-swapping attacks
Sergiu Gatlan reports: The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. FCC’s Privacy and Data Protection Task Force introduced the new regulations in July. They are geared toward thwarting scammers who seek to access personal data and information…
Poloniex confirms hackers identity, offers $10M white hat reward to return stolen funds
Assad Jafri reports: Poloniex has officially identified the hacker responsible for stealing $120 million from the exchange on Nov. 10 and offered a $10 million white reward if the funds are returned by Nov. 25, according to on-chain data shared by blockchain security firm PeckShield. Justin Sun, Poloniex’s majority shareholder, sent blockchain messages on the Ethereum network to addresses involved…
Canadian Government Announces Data Breach, Urges Public Service Employees to Take Action
Stacey Scott reports: The federal government has issued a warning to current and former public service employees, as well as members of the RCMP and Canadian Armed Forces, regarding a recent data breach that took place on October 19th. Officials have identified two companies, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving…
A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says
Thomas Brewster reports: A hacker told the FBI earlier this year that he sold access to the personal data of Marriott hotel customers on a Russian forum, according to a search warrant obtained by Forbes. He also hacked into a number of U.S. state death certificate registration agencies in an effort to fake his own demise,…
Does claiming you were hacked when you had really just screwed up violate the FTC Act?
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures. Today, we post another example of why we need to legislate and enforce data breach notification laws that prohibit deceptive statements and mandate more disclosure when data has been leaked. This week,…