Brian Krebs reports: National Veterinary Associates (NVA), a California company that owns more than 700 animal care facilities around the globe, is still working to recover from a ransomware attack late last month that affected more than half of those properties, separating many veterinary practices from their patient records, payment systems and practice management software. NVA…
Activist Leaks Files From a Data Broker for Demoing its Software With ICE
Joseph Cox reports: To protest a data broker giving trial accounts of their product to U.S. Immigrations and Customs Enforcement, a source has provided Motherboard with internal files of Sayari, a company that collects and resells access to data on citizens from more than a hundred different countries. Sayari’s data banks include physical addresses, email…
Indian onlinebloodbank FINALLY secures exposed donors database
It’s been a frustrating matter, but it may finally be resolved, thanks to the individual known as @fs0ciety on Twitter. In May 2019, DataBreaches.net was alerted to an online bloodbank in India that had a misconfigured Amazon s3 bucket. Despite repeated emails by this site and even a phone call from Banbreach infosec in India,…
Court approves extradition of young hacker to US
Jonathan Shkurko reports: Joshua Epiphaniou will be the first Cypriot to be extradited to the United States after a Nicosia court ruled he should stand trial there, his lawyer Michael Chambers said. He faces 20 years in prison in two US states – Georgia and Arizona – where he faces several charges including wire and…
Startup vulnerability leaves Queer Chart student data exposed
Paxton Scott reports: A security flaw allowed users of Queer Chart, a startup founded by Stanford students to link members of the campus queer community, to access all users’ names, profile pictures, email addresses, dates of birth, pronouns, schools and anonymous IDs, its founders have acknowledged. An anonymous ID is meant to allow a user…
Macy’s Customer Payment Info Stolen in Magecart Data Breach
Lawrence Abrams reports: Macy’s has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer’s payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections…