Laura Dobberstein reports: Microsoft and five other companies have received fines totaling US$75K from South Korea’s Personal Information Protection Commission (PIPC), for running afoul of local data protection laws. The Commission fined Microsoft 16.4 million won (US$14,700) for failing to have protective measures on administrative accounts that led to the leak of over 119,000 email accounts, 144…
Emerging ‘Prometheus’ ransomware claims 30 victims in a dozen countries, Palo Alto Networks says
Tonya Riley reports: A new ransomware group claims to have breached 30 organizations in government, financial services, health care services, and energy firms in the United States, United Kingdom, and a dozen more countries, according to Palo Alto Networks research published Wednesday. The group, which Palo Alto researchers have dubbed “Prometheus,” most frequently targets the manufacturing industry….
ADT Technician Sentenced for Hacking Home Security Footage
There’s an update to a previously reported case: A home security technician was sentenced today to 52 months in federal prison for repeatedly hacking into customers’ video feeds, announced Acting U.S. Attorney for the Northern District of Prerak Shah. Telesforo Aviles, a 35-year-old former ADT employee, pleaded guilty to computer fraud in January. He was sentenced…
Connecticut on its Way to an Enhanced Data Breach Notification Law
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write: State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy Breaches, a measure that will enhance and strengthen Connecticut’s data breach notification…
AZ: MCCCD release findings from cyber security breach investigation
ABC reports: The Maricopa County Community College District is releasing the findings from an investigation into a cyber security breach that happened earlier this year. In March, the college district announced that suspicious activity was found on their network which resulted in a system shutdown. […] A forensic investigation determined MCCCD likely identified and prevented…
ASEAN companies still targeted by ALTDOS threat actors
In December of 2020, DataBreaches.net reported on a threat actor (or actors) calling themself “ALTDOS” who had attacked a Thai securities trading firm, Country Group Securities (CGSEC) . CGSEC wasn’t the only Thai entity they attacked, and within weeks, they had attacked MonoNext and 3BB, subsidiaries of Jasmine International. Angered by the entities’ response or lack of response to…