Caroline Haskins reports: The log-in credentials for 3,672 Ring camera owners were compromised this week, exposing log-in emails, passwords, time zones, and the names people give to specific Ring cameras, which are often the same as camera locations, such as “bedroom” or “front door.” Using the log-in email and password, an intruder could access a…
SonyLIV Fixes leaky Elasticsearch in record time
Once again, a service owned and control by a division of official Sony Entertainment has slipped up. This time, their error exposed a elasticsearch server leaking log entries that feed into a third-party tool. Sony is no stranger when it comes to reports of poor infosecurity and hacking incidents, but it is not often we…
China Citizen Watch (Finally) Secures 150TB of Leaking Data
China Citizen Watch, the official Chinese division of the Japanese watch giant Citizen, and Bulova Watch Company (a Citizen brand in the U.S.) have both been affected because China Citizen Watch or its hosting company left an unsecured RSYNC server online with more than 150TB of files. Cursory skimming of the files, necessitated by Citizen…
Saudi hacker gives 19 students full grades, faces jail and millions in fine
Mariam Nabbout reports: A Saudi student hacked into his university’s system to change his classmates’ grades and is now facing legal trouble in the kingdom. This week, the country’s public prosecution recommended the young man receives a four-year jail sentence and a 3-million Saudi riyal fine ($799,804). The defendant, who studies at the King Faisal University in Hofuf,…
Ca: Manitoba insurance company struck by ransomware attack
Canadian Press reports: A Manitoba-based insurance and financial brokerage that has clients across the Prairies has been hit by a ransomware attack that it hadn’t publicly disclosed. Andrew Agencies, based in Virden, appears on a list of targets published online this week by an international cybercriminal gang. Read more on CHVN.
AU: Nine more charges for NSW data breach accused
Steven Trask reports: The Sydney IT contractor allegedly responsible for a massive data breach that cost an ASX-listed property evaluation company more than $8 million is now facing additional charges. Stephen Grant allegedly accessed and published more than 170,000 data sets including names, addresses, contact numbers, property valuations and driver’s licences between September 2017 and…