From the CNIL, the French data protection authority: SPARTOO is specialized in the online shoe sales sector. For this activity, it has a website accessible in thirteen countries of the European Union. The CNIL inspected the company in May 2018, and noted shortcomings concerning the data of customers, prospects and employees. The President of the CNIL therefore…
Intel investigating breach after 20GB of internal documents leak online
Catalin Cimpanu reports: US chipmaker Intel is investigating a security breach after earlier today 20 GB of internal documents, with some marked “confidential” or “restricted secret,” were uploaded online on file-sharing site MEGA. The data was published by Till Kottmann, a Swiss software engineer, who said he received the files from an anonymous hacker who…
Capital One fined $80 million for 2019 hack of 100 million credit card applications
Devlin Barrett reports: Capital One has agreed to pay an $80 million fine to U.S. regulators over a major hacking incident last year in which authorities say about 100 million credit card applications were illegally accessed. The Virginia-based bank with a popular credit card business said it has taken steps to tighten security around its…
Hacker leaks passwords for 900+ enterprise VPN servers
Catalin Cimpanu reports: A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community. Read more…
TX: Cyber attack affects Hudson ISD website
As noted previously on this site, there have recently been a number of attacks on school districts in eastern Texas. Here’s another report on the situation that links the attacks to some districts’ cloud-based hosting service. Grace Juarez reports: Hudson ISD’s website was down throughout the weekend and Monday after a cyber attack affected the…
Second Data Breach at Kentucky Unemployment System
Sarah Coble reports: Kentucky’s unemployment system appears to have suffered its second data breach in four months after a claimant reported being able to view another claimant’s personal data. The reporter of the alleged breach logged on to the Office of Unemployment Insurance’s (OUI) online system on July 27 to work on their unemployment application. While trying…