Brandon Vigliarolo reports: Organizations that sell IT services to Uncle Sam are peeved at proposed changes to procurement rules that would require them to allow US government agencies full access to their systems in the event of a security incident. The rules were unveiled in a draft update to the Federal Acquisition Regulation (FAR) that refreshes security…
Major Data Breach in Thailand Exposes Personal Data of 20 Million Elderly Citizens
Israel Ojoko reports: In a massive breach of digital trust, personal information of nearly 20 million elderly Thai citizens was leaked from the Department of Older Persons (DOP) under the Ministry of Social Development and Human Security in Thailand. This alarming incident was initially reported by Los Angeles-based cybersecurity firm, Resecurity, on January 22, and…
Hundreds of Jewish creatives have names, details taken in leak, published online
Chip Le Grand reports: Anti-Zionist activists have published the names, images, professions and social media accounts of hundreds of Jewish people working in academia and creative industries, in an escalation of social tensions over the October 7 attacks and subsequent war in Gaza. The dissemination of almost 600 names and their personal details was taken…
Verizon insider data breach affects over 63,000 employees
Bleeping Computer reports that Verizon has notified the Maine Attorney General’s Office of an insider data breach affecting 63,206 employees. According to their sample notice of what was sent to those affected, an employee gained unauthorized access to employee data on September 21, 2023, although Verizon didn’t discover the problem until December. The types of…
Millions of hacked toothbrushes used in Swiss cyber attack (1)
Andy Cuthbertson reports: Hackers have infected millions of smart toothbrushes with malware in order to carry out a massive cyber attack against a Swiss company, according to reports. The internet-connected toothbrushes were linked together in something known as a botnet in order to perform a distributed denial of service (DDoS) attack, which overloads websites and servers with…
Lawsuits Involving GoAnywhere Data Breach Consolidated at One Florida Federal Court
The ransomware gang known as Clop created massive headaches for numerous entities with attacks involving the exploitation of vulnerabilities in file transfer software. Since December 2020, the same gang exploited vulnerabilities in Accellion, Fortra’s GoAnywhere software, and Progress Software’s MOVEit software. Christopher Brown reports a litigation update in cases stemming from the GoAnywhere breach disclosed…