Jeremy Kirk reports: David Stier, a San Francisco-based data scientist, has uncovered situations in which Facebook’s Instagram service exposed the contact details of minors, such as email addresses and phone numbers. In the last month, Stier discovered that Instagram was leaking kids’ email addresses within the HMTL of the web version of users’ profiles. Instagram…
Verizon has been leaking customers’ personal information for days (at least)
Dan Goodin reports: Verizon is struggling to fix a glitch that has been leaking customers’ addresses, phone numbers, account numbers, and other personal information through a chat system that helps prospective subscribers figure out if Fios services are available in their location. The personal details appear when people click on a link to chat with…
Georgia dental practice discovers it was attacked by ransomware when the attackers call them on the phone
Well, this is a bit different from what I am used to reading. Galstan & Ward Family and Cosmetic Dentistry (Galstan & Ward) is a dental practice in Georgia. On September 9, 2020, they learned that they had been a victim of a ransomware attack — or an attempted attack — when they got a…
Attacked by ransomware, Golden Gate Regional Center continues providing services to developmentally disabled clients
On September 29, DataBreaches.net sent an email to Golden Gate Regional Center (GGRC) asking about claims by Conti threat actors that they had encrypted GGRC’s system(s). As proof, the attackers had uploaded more than a dozen files. GGRC, a state- and federally-funded nonprofit organization serving individuals with developmental disabilities in Marin, San Francisco and San…
Hacker who stole information from Nintendo sentenced
AP reports: A computer hacker who stole information from Nintendo and was also caught with child pornography on his computer was sentenced Tuesday to three years in prison. Ryan S. Hernandez, 21, of Palmdale, California, had pleaded guilty in January to one count of computer fraud and abuse and one count of possession of child…
Belgium: Belgian DPA announces potential data breach at Bpost
OneTrust DataGuidance writes: The Belgian Data Protection Authority (‘Belgian DPA’) announced, on 1 December 2020, that it had learned of a potential security incident at Bpost through media articles. In particular, the Belgian DPA outlined that, given the position Bpost plays in Belgian society, a data breach would have made possible access to personal data…