Nicole Chang reports: IT vendor Learnaholic has been fined S$60,000 after the personal data of more than 47,000 students, parents and staff of various schools were hacked. The organisation provided services including attendance-taking and e-learning systems to schools in Singapore under a contract with the Ministry of Education. However, lapses in its security arrangements led…
Katy ISD staff info, including Social Security numbers, released
KTRK reports: Katy ISD said the birth dates and Social Security numbers of its employees were “inadvertently” released. […] According to officials, the information was sent out in response to a routine request for an employee list. Read more on ABC13. This is not the first breach involving employees’ personal information, although in a bigger…
Bug bounty firm HackerOne suffers ‘sloppy cut-and-paste’ breach
Eva Short reports: … in an ironic turn of fortunes for the firm, HackerOne has now paid out a $20,000 bounty for the identification of a bug on its own platform. The hacker in question, user ‘haxta4ok00’, had been communicating with one of HackerOne’s security analysts last month. Throughout the course of the conversation, the…
JP: More HDDs with personal data found to be auctioned
Officials of Kanagawa Prefecture say nine more hard disk drives with taxpayers’ personal information are still missing in addition to another nine drives that have been recovered. The 18 HDDs were auctioned away online by a worker of a recycling firm in violation of contracts. Read more on NHK.
Russian Hacking Group Evil Corp. Charged By Federal Prosecutors In Alleged Bank Fraud
Bobby Allyn reports: Federal law enforcement officials have announced criminal charges against two Russian nationals who operate a hacking organization known as Evil Corp., a group officials say is responsible for one of the most sweeping banking fraud schemes in the past decade. The criminal indictments were unsealed in Pittsburgh, Pa., and Lincoln, Nebraska, against Maksim Yakubets, 32,…
CO: Sunrise Community Health Notifies Patients of Data Security Incident
Sunrise Community Health in Colorado has posted a notice concerning a recent data security incident. From their notice: A recent incident at Sunrise Community Health (“Sunrise”) may affect the privacy of certain information. Sunrise is unaware of any actual or attempted misuse of this information. However, Sunrise is providing notification to individuals whose information was…