Zack Whittaker reports: Edraak, an online education nonprofit, exposed the private information of thousands of students after uploading student data to an unprotected cloud storage server, apparently by mistake. The nonprofit, founded by Jordan’s Queen Rania and headquartered in the kingdom’s capital, was set up in 2013 to promote education across the Arab region. The…
What goes around comes around: hackers leak other hackers’ data online
Group1B reports: Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of activity, and current balance. In addition to user…
Data breach at Atascadero State Hospital more serious than originally thought
Malea Martin reports: A data breach at Atascadero State Hospital appears to be more severe than state officials initially thought, as the investigation into what happened remains ongoing. On March 18, the Department of State Hospitals (DSH) announced that an employee with access to Atascadero State Hospital data servers improperly obtained more than 1,400 patient and former patient names,…
Statement From Atlantic Media on Unauthorized Access of Its Servers
The Atlantic posted a statement on their site yesterday: On March 1, 2021, Atlantic Media, a minority shareholder and former corporate owner of The Atlantic, became aware that a serious issue was affecting its systems. Upon deeper investigation, it was discovered that an unauthorized actor had accessed its servers. Atlantic Media immediately engaged external forensics…
Hong Kong’s privacy watchdog checking whether city residents exposed in massive LinkedIn data leak
The 500m Facebook leak is not the only 500m leak in the news this past week. There’s also a leak allegedly involving LinkedIn, and now regulators are also looking into that one, too. Danny Mok reports: Hong Kong’s privacy watchdog was seeking clarifications on Wednesday night from career networking site LinkedIn over residents’ possible exposure…
Utah is the 2nd State to Create a Safe Harbor for Companies Facing Data Breach Litigation
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of JacksonLewis write: In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons (defined below) facing a cause of action arising out of a breach…