Sean Lyngaas reports: Halvor Molland was asleep on a brisk night in Oslo, Norway’s capital, two years ago when his phone rang around 3 a.m. The computer servers of Norsk Hydro, the global aluminum producer where Molland is senior vice president for communications, had seized up as a crippling ransomware infection spread through the company’s networks….
How Jamaica failed to handle its JamCOVID scandal
Zack Whittaker provides a follow-up on the scandal involving the government of Jamaica, a contractor called Amber Group, and the multiple security issues with JamCOVID. Readers may recall that at the time of Zack’s original reporting, the government and contractor downplayed the incident and a minister made thinly veiled threats directed at Zack and TechCrunch…
Phone numbers for 533 million Facebook users leaked on hacking forum
Catalin Cimpanu reports: A threat actor has published the phone numbers and account details for an estimated 533 million Facebook users —about a fifth of the entire social network’s user pool— on a publicly accessible cybercrime forum. According to samples reviewed by The Record today, the leaked data includes information that users posted on their profiles. Information…
Buying Breached Data: When Is It Ethical?
Jeremy Kirk reports: Security practitioners often tread a fine and not entirely well-defined legal line when conducting data breach research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area. Kirk’s article on DataBreach Today provides a good overview of the issue. And I totally agree with…
SG: Vhive attackers escalate, take control of furniture retailer’s email server
On March 29, DataBreaches.net reported a confirmed hack of Singapore retail furniture chain Vhive. Previous coverage of the attack, as reported by ALTDOS threat actors and as reported by the firm on their site can be found here. At the time of that publication, ransom negotiations between the firm and the attackers appeared to have…
“Anonymous” tries to get this site’s post on MobiKwik censored
On March 30, DataBreaches.net posted an update to a controversial data breach that MobiKwik denies (previous coverage can be found here). The controversy subsequently escalated on Twitter when people started complaining that they had found their data in the leaked database and that it corresponded to what they had on file with MobiKwik. In addition…