Cam Wilson reports that an old-fashioned email goof by BTC Markets exposed members’ names and email addresses: Early on Tuesday morning, an Australian cryptocurrency exchange that bills itself as the largest in the country inadvertently exposed more than 270,000 of its members names and email addresses. Users posted to social platforms like Twitter and Reddit to complain…
Cayman Islands investment fund left entire filestore viewable by world+dog in unsecured Azure blob
Gareth Corfield reports: A Cayman Islands-based investment fund has exposed its entire backups to the internet after failing to properly configure a secure Microsoft Azure blob. Details of the fund’s register of members and correspondence with its investors could be freely read by anyone with the URL to its Azure blob, the Microsoft equivalent of…
Thousands of US lab results and medical records spilled online after a security lapse
Zack Whittaker reports: NTreatment, a technology company that manages electronic health and patient records for doctors and psychiatrists, left thousands of sensitive health records exposed to the internet because one of its cloud servers wasn’t protected with a password. The cloud storage server was hosted on Microsoft Azure and contained 109,000 files, a large portion…
Owner and Operator of India-Based Call Centers Sentenced To Prison for Scamming U.S. Victims Out Of Millions of Dollars
An Indian national was sentenced on November 30, 2020 to 20 years in prison followed by three years of supervised release in the Southern District of Texas for his role in operating and funding India-based call centers that defrauded U.S. victims out of millions of dollars between 2013 and 2016. Hitesh Madhubhai Patel, aka Hitesh…
Brazil planemaker Embraer says hackers gained access to company data
Reuters reports: Brazilian plane manufacturer Embraer said late on Monday that it had been targeted by hackers, who obtained the “disclosure of data allegedly attributed to the company.” The company said the breach was identified on Nov. 25 and the culprits only got access to a single company archive. Read more on Reuters. h/t, @Chum1ng0
Huntsville City Schools hit by ransomware attack
WAAY31 reports: Huntsville City Schools is canceling classes on Tuesday due to a ransomware threat. The district announced earlier Monday that it was closing all schools and campuses for the remainder of the day “due to a potential cybersecurity threat.” It said “students, families, and faculty and staff members should shut down their district-issued devices and…