Barry Collins reports: British Mensa, the society for people with high IQs, failed to properly secure the passwords on its website, prompting a hack on its website that has resulted in the theft of members’ personal data. Eugene Hopkinson, a former director and technology officer at British Mensa, stood down this week, claiming that the…
Criminal, domestic violence case info exposed in court records leak
Lindsey O’Donnell reported this earlier this week. Be sure to read the update to it below: Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records. A non-password protected database, belonging to a county in Illinois, exposed 323,000 court records for at least…
Ca: Premier Tech victim of a cyberattack
Translation of reporting by Samuel Gosselin Belanger: Premier Tech has been managing a real crisis for several days. The company confirmed, Friday morning, that the computer failure that has affected the company since Tuesday is in fact a cybersecurity incident. […] For the moment, the Rivière-du-Loup company refuses to say if a ransom has been…
FR: CNIL Fines a Data Controller and Its Processor 225,000 Euros for Security Violation in Connection with Credential Stuffing
Hunton Andrews Kurth writes: On January 27, 2021, the French Data Protection Authority (the “CNIL”) announced (in French) that it imposed a fine of €150,000 on a data controller, and a fine of €75,000 on its data processor, for failure to implement adequate security measures to protect customers’ personal data against credential stuffing attacks on the website…
Fonix ransomware shuts down and releases master decryption key
Lawrence Abrams reports: The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. Fonix Ransomware, also known as Xinof and FonixCrypter, began operating in June 2020 and has been steadily encrypting victims since. Read more on BleepingComputer.
Ransomware attack on Netgain Technology compromised info of Ramsey County home visit clients
Deanna Weniger reports: Ramsey County government offices have been hacked … again. On Friday, the county sent a notification to 8,700 clients of its Family Health Division letting them know that their data may have been accessed on or around Dec. 2. Netgain Technology LLC, a vendor that provides technology services to Ramsey County, advised the county…