Dustin Volz reports: The two people who hacked ride-hailing firm Uber’s data in 2016 were in Canada and Florida at the time, a company security executive told a U.S. congressional committee on Tuesday. But I love this line in his testimony: “We made a misstep in not reporting to consumers, and we made a misstep…
Category: U.S.
Uber: We had “no justification” for covering up data breach
Cyrus Farivar reports: Uber’s top security official testified at Capitol Hill on Tuesday, saying that Uber had “no justification” for not coming clean sooner when it had been hit by a massive data breach in 2016. In written testimony, John Flynn, Uber’s chief information security officer, told a Senate committee that “it was wrong not…
Pittsburg employees notified after their W-2 data stolen in phishing scheme
CORRECTION: I picked this up incorrectly as Pittsburgh in PA. A kind reader pointed out my error. This was Pittsburg in Kansas! Corrected Post: The City of Pittsburg hasn’t disclosed how many former and current employees had their W-2 data stolen in a phishing scam on January 30, but I’m betting it’s more than a…
Columbia University grad arrested for using key logger software
Robert Abel reports: A Columbia University grad student was arrested for leaving key logger malware on USB sticks left throughout the campus. Bill Liang Lin Wu, 23 was arrested Thursday after he was caught on camera leaving the credential stealing devices on a host of university computers shared by 14 professors. Wu graduated last spring…
Malware incident discovered in May, 2017 affected 2,600 patients: Partners HealthCare System
Partners HealthCare System, whose hospitals include Massachusetts General and Brigham and Women’s, revealed today that it had discovered a malware attack in May, 2017 that may have exposed 2,600 patients’ information. They learned of the problem on May 8, but because data was mixed in with code, numbers, other data, and unformatted, it took them quite…
12 UNC employees’ personal information comprised in cybersecurity breach
Tommy Wood reports: The private information of 12 University of Northern Colorado employees was compromised last week after an “unknown person or group” accessed their profiles on Ursa, UNC’s online portal, according to a release from the university. Whoever is responsible for the breach tried to log in to the employees’ Ursa accounts, then used…