Bill Trotter and Judy Harrison report: Seventeen ex-employees of the Washington County Sheriff’s Office have sued Sheriff Donnie Smith over the collection and release of their personnel information as part of Smith’s unsuccessful effort to contest the ballot eligibility of two political opponents earlier this year. […] The complaint, filed Monday in Washington County Superior Court,…
Category: Other
Fidelity National Financial notifies title insurance customers of breach
From a letter sent by Fidelity National Financial to customers on September 23: Fidelity National Financial, Inc. (“FNF”) is writing to inform you of an incident that may have involved your personal information. FNF is the parent company of Ticor Title Company of Oregon, Ticor Title of Nevada, Inc., Lawyers Title Company, and Lawyers Title…
Provo City School District suffers data breach
Barbara Christiansen reports: Employees of the Provo City School District may have an extra concern facing them as the district has discovered a data breach. There was a phishing attack and someone gained access to an employee’s email account. That account contained files with sensitive, personal identification information for about half of the district’s employees….
We Take Your Privacy and Security. Seriously.
One of the things Brian Krebs and I seem to have in common is that you don’t want to have to send either of us a breach notification letter. Brian writes of his own recent experience with Cox, who wrote to him and 51 other customers: “On or about Aug. 13, 2014, “we learned that one…
Bash bug: Shell Shocked yet? You will be … when this goes WORM
Darren Pauli reports: Much of the impact of the Shell Shocked vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, coined Shell Shocked by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of servers,…
Experts Condemn eBay After XSS Attack Puts Users At Risk
Tom Jowitt reports: The attack on eBay was a cross-site scripting (XSS) attack, in which users were redirected to a spoof website designed to steal their credentials. It is not known at this stage, how many users have been affected, said the BBC. “It would be nice to think that eBay, one of the world’s most popular…