The Northwestern Illinois Area Agency on Aging has posted a breach notification of sorts on its web site. It doesn’t explain exactly what kinds of data or details on their clients were accessed, nor how many people had personal information accessed. NIAAA’s electronically stored client data possibly was accessed sometime between March 5 to March…
BioTel Heart Notice of Breach of Personal Information
Cardiac biotelemetry firm BioTel seems to be issuing public notices about a data leak incident first reported on this site in August, 2020. The data were only secured when Amazon was contacted by a researcher and asked to reach out to their customer to secure the data. Neither BioTel nor its vendor had responded to…
IA: Des Moines Area Community College investigating possible breach
Des Moines Area Community College reportedly discovered a security problem Wednesday which forced them to take some of their computer systems offline. Read about it on KCCI. Attempts to connect to DMACC this mornng returned a 503 error. Looking at their Twitter account, however, we find: UPDATE (6/3/21): #DMACC IT is currently working to restore…
Apache Pizza announce data breach associated with details of delivery customers
First it was Domino’s Pizza in India. Then it was New York Pizza in the Netherlands. And now it’s Apache Pizza, a chain of take-out pizza delivery restaurants in Ireland. They have reportedly confirmed that they had a cybersecurity breach that resulted in information about deliveries being accessed by threat actors. “Apache Pizza has notified its…
Van Buren is a Victory Against Overbroad Interpretations of the CFAA, and Protects Security Researchers
Aaron Mackey and Kurt Opsahl of EFF write: The Supreme Court’s Van Buren decision today overturned a dangerous precedent and clarified the notoriously ambiguous meaning of “exceeding authorized access” in the Computer Fraud and Abuse Act, the federal computer crime law that’s been misused to prosecute beneficial and important online activity. The decision is a victory for all Internet…
Hackers Breached Colonial Pipeline Using Compromised Password
William Turton and Kartikay Mehrotra report: The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Hackers gained entry into the networks of Colonial Pipeline Co. on…