I’ve just read a breach notification from an incident that was reported to HHS as impacting 25,000. Reading it, it sounds like someone tried to tip the entity that they had a vulnerability and the tipster provided proof. But then their investigation couldn’t definitively prove that no data had ever been accessed or exfiltrated or…
Misconfigured cloud storage bucket exposed Pfizer drug safety-related reports — researchers
For lo, these many years, DataBreaches.net has been reminding everyone that not all leaks or breaches involving medical or sensitive personal health information are covered by HIPAA. Today’s story is a reminder of that. vpnMentor recently contacted DataBreaches.net about a leak their research team, led by Noam Rotem and Ran Locar, had discovered. The leak…
Six Russian GRU Officers Charged in Connection with Worldwide Deployment of Destructive Malware and Other Disruptive Actions in Cyberspace
From the U.S. Department of Justice yesterday: On Oct. 15, 2020, a federal grand jury in Pittsburgh returned an indictment charging six computer hackers, all of whom were residents and nationals of the Russian Federation (Russia) and officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff…
Mysterious ‘Robin Hood’ hackers donating stolen money
Joe Tidy reports: A hacking group is donating stolen money to charity in what is seen as a mysterious first for cyber-crime that’s puzzling experts. Darkside hackers claim to have extorted millions of dollars from companies, but say they now want to “make the world a better place”. In a post on the dark web,…
Hackers Smell Blood as Schools Grapple With Virtual Instruction
David Uberti reports that it’s been a rough school year already in terms of cybersecurity. And he wisely reached out to Doug Levin for his input. Doug created and maintains a wonderful resource — the K-12 Cybersecurity Resource Center that maps reports in k-12 from around the country. At least 289 districts across the U.S….
Courts fined $9,000 for second data breach in two years
No — it’s not the judiciary, but an electronics retailed in Singapore named Courts. Lester Wong reports: Electronics retailer Courts has been fined $9,000 for failing to secure customers’ personal details such as names, mobile numbers and addresses, the second time in two years that it has been found to have breached data protection laws….