More about the successful use of forged emergency data requests that Brian Krebs reported about yesterday. Now William Turton reports: Apple Inc. and Meta Platforms Inc., the parent company of Facebook, provided customer data to hackers who masqueraded as law enforcement officials, according to three people with knowledge of the matter. Apple and Meta provided…
Category: Other
Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”
Brian Krebs reports: There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while…
Morgan Stanley client accounts breached in social engineering attacks
Sergiu Gatlan reports: Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised in social engineering attacks. The account breaches were the result of vishing (aka voice phishing), a social engineering attack where scammers impersonate a trusted entity (in this case Morgan Stanley) during a…
Russian pipeline company Transneft hit by data leak dedicated to Hillary Clinton
Corin Faife reports: As the Russian invasion of Ukraine moves into its third week, unconventional actors continue to target Russian state-backed businesses with a string of hacks and data leaks — the latest apparently referencing pro-hacktivism comments made by Hillary Clinton. The targeted organization is Transneft, the Russian state-controlled oil pipeline giant. On Thursday, leak hosting website…
Arkansas AG Sues Defunct Health Provider for Mishandling Patient Records
Scott Carroll reports: Arkansas Attorney General Leslie Rutledge on Thursday announced a lawsuit against the defunct Eastern Ozarks Regional Health for failing to protect sensitive patient information after it closed. The former hospital in Cherokee Village is accused of leaving behind thousands of unsecured patient and employee records that contain social security numbers, driver’s license…
Ireland’s privacy watchdog sued for inaction over ‘massive Google data breach’
Natasha Lomas reports: Ireland’s evasive response to a major security complaint filed against Google’s adtech the year the European Union’s General Data Protection Regulation (GDPR) came into application is the target of a new lawsuit — which accuses the Data Protection Commission (DPC) of years of inaction over what the complainants assert is “the largest…