The Federal Trade Commission is taking action against education technology provider Chegg Inc. for its lax data security practices that exposed sensitive information about millions of its customers and employees, including Social Security numbers, email addresses and passwords. Chegg allegedly failed to fix problems with its data security despite experiencing four security breaches since 2017….
Category: Of Note
Young Finnish man detained in absentia over data breach at Vastaamo
The Vastaamo psychotherapy clinic hack and extortion attempt in Finland, first disclosed in 2020, remains one of the most sensitive and disturbing breaches DataBreaches has ever covered. Past news items about it can be found here. Now there is an update. Aleksi Teivainen of Helsinki Times reports: The District Court of Helsinki on Friday detained…
Hacked Documents: How Iran Can Track and Control Protesters’ Phones
Sam Biddle and Murtaza Hussain report: As furious anti-government protests swept Iran, the authorities retaliated with both brute force and digital repression. Iranian mobile and internet users reported rolling network blackouts, mobile app restrictions, and other disruptions. Many expressed fears that the government can track their activities through their indispensable and ubiquitous smartphones. Iran’s tight…
Alleged administrator of “Germany on the Deep Web” marketplace arrested
The following is a machine translation of a press release on BKA.de, website of Germany’s federal criminal police, Bundeskriminalamt, that appeared on October 27: The Darknet marketplace “Germany on the Deep Web ” was the main point of contact for drug trafficking for several years. The alleged operator of the illegal platform has now been arrested. The Federal Criminal…
NC: UCPS student information made vulnerable due to insufficient security protections by vendor, superintendent says
WBTV Web Staff and Nick Ochsner report: Private information of students at schools districts and charter schools across the state were left vulnerable by a software misconfiguration by a third-party vendor, Union County Public Schools Superintendent Andrew Houlihan told parents in a letter this week. According to the letter, the misconfiguration came after iLeadr, a company used…
A Judge Has Finalized the $63M OPM Hack Settlement. Feds Now Have Two Months to Sign Up for Damages.
Eric Katz reports: A federal judge on Wednesday formally finalized a $63 million settlement that will soon allow thousands of current and former federal employees to receive payouts as part of the agreement stemming from a 2015 breach of data maintained by the Office of Personnel Management. District Judge Amy Berman Jackson said all parties…