Unemployment fraud is a rampant problem these days. Even investigating it can increase the risk of fraud, it seems. Betty Lin-Fisher reports that hundreds of thousands of Ohioans have become victims, and they generally are first finding out because the Ohio Department of Job and Family Services (ODJFS) started sending out 1099 tax statements showing…
Ransomware payments are going down as more victims decide not to pay up
Danny Palmer reports: The average ransom paid to cyber criminals following a ransomware attack is falling as more companies become reluctant to give into extortion demands. Analysis by cybersecurity company Coveware has found that the average ransom payment paid following a ransomware attack decreased by a third in the final quarter of 2020, dropping to $154,108 from $233,817…
Wind River Security Incident Affects SSNs, Passport Numbers
Lindsey O’Donnell reports: Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records. One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the company’s personnel records – including critical data like…
Personal Data of 3 Million+ People Exposed In DriveSure Hack
Once again, breaches are discovered when security firms read forums where data are shared or posted for sale. Risk Based Security discusses what they found involving DriveSure: In a lengthy post to prove the databases’ high quality, the threat actor detailed the leaked files and the user information. Typically, hackers only share valuable segments or…
Report: American Cable and Internet Giant Comcast Exposed Development Database Online
This is a leak that deserves its own post. Website Planet reports: On December 1st, 2020 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 1.5 billion records. There were references to Comcast throughout the database including multiple subdomains, urls, and internal IP addresses. The publicly visible…
Leaks, leaks, leaks….
A small roundup of leak or breach reports from various sources and places in the world… Pakistan Bykea, a Pakistani vehicle-for-hire and parcel delivery company was found leaking its production server with more than 200GB of data containing more than 400 million records. Exposed customer PII included names, phone numbers, and email addresses, while Bykea…