Robert Lemos reports: Companies in every industry continue to leave backup and storage platforms unsecured, with more than a dozen issues, including insecure network settings and unaddressed CVEs, affecting the average device. That leaves these repositories — often the first line of protection in the event of a ransomware attack — as sitting ducks for cybercriminals….
Category: Of Note
Cannabis regulators putting out ‘a series of fires’ involving a Russian oligarch and data breach
Tori Bedford reports: Thousands of employees in the Massachusetts cannabis industry received an official email last week about a major data breach: the name, home and email address, phone number and date of birth of every cannabis worker in the state had been made public in an “inadvertent release of agency documents” by the state’s…
McDonald’s Korea fined $532k for breach of customers’ personal data
Yonhap News reports: McDonald’s Korea was given a fine of 696 million won (US$532,110) on Wednesday after the personal data of 4.87 million customers was leaked to hackers due to the firm’s lax data management. The Personal Information Protection Commission handed out the fine to the Korean branch of the American fast food chain, along…
BreachForums down, and will not be back
When BreachForums owner “Pompompurin” was arrested on March 15, forum members knew nothing about it until March 17, when Bloomberg broke the news. But BreachForums administrator “Baphomet” had suspected something was wrong and had already taken steps to secure the forum from law enforcement access. Since then, Baphomet, who took over ownership of the forum,…
MONTI ransomware gang leaks Donut Leaks (UPDATED)
In one of the more intriguing listings of this week, the MONTI ransomware group has added another group, Donut Leaks, to their leak site. The message reads: “stole 100,000 usd didn’t fulfill the terms of the deal” The listing then provides the login credentials to what is allegedly Donut Leaks’ admin cpanel. When tested on…
Was there a rush to arrest Pompompurin, the owner of BreachForums? If so, why?
When the owner of BreachForums was arrested this week, it was not a total surprise, but there were aspects to it that were curious. DataBreaches wonders whether this was a rushed operation in response to some possibly urgent concern. Bloomberg Law broke the news Friday that Conor Brian Fitzpatrick, aka “Pompompurin,” was arrested Wednesday, and…