Cardiac biotelemetry firm BioTel seems to be issuing public notices about a data leak incident first reported on this site in August, 2020. The data were only secured when Amazon was contacted by a researcher and asked to reach out to their customer to secure the data. Neither BioTel nor its vendor had responded to…
IA: Des Moines Area Community College investigating possible breach
Des Moines Area Community College reportedly discovered a security problem Wednesday which forced them to take some of their computer systems offline. Read about it on KCCI. Attempts to connect to DMACC this mornng returned a 503 error. Looking at their Twitter account, however, we find: UPDATE (6/3/21): #DMACC IT is currently working to restore…
Apache Pizza announce data breach associated with details of delivery customers
First it was Domino’s Pizza in India. Then it was New York Pizza in the Netherlands. And now it’s Apache Pizza, a chain of take-out pizza delivery restaurants in Ireland. They have reportedly confirmed that they had a cybersecurity breach that resulted in information about deliveries being accessed by threat actors. “Apache Pizza has notified its…
Van Buren is a Victory Against Overbroad Interpretations of the CFAA, and Protects Security Researchers
Aaron Mackey and Kurt Opsahl of EFF write: The Supreme Court’s Van Buren decision today overturned a dangerous precedent and clarified the notoriously ambiguous meaning of “exceeding authorized access” in the Computer Fraud and Abuse Act, the federal computer crime law that’s been misused to prosecute beneficial and important online activity. The decision is a victory for all Internet…
Hackers Breached Colonial Pipeline Using Compromised Password
William Turton and Kartikay Mehrotra report: The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Hackers gained entry into the networks of Colonial Pipeline Co. on…
MI: WMed warns 2,474 employees and beneficiaries enrolled in healthcare coverage of phishing incident
Brad Devereaux reports: WMed has alerted employees, former employees and their beneficiaries covered under employee healthcare coverage about a data security incident caused by phishing that exposed personal information. Someone within the Western Michigan University Homer Stryker MD School of Medicine, or WMed, clicked on a “phishing” link in an email, which allowed outside access…