Phil Muncaster reports: The personal details of over 200,000 customers of a British holiday firm were left exposed in audio files for several years, according to a new report. Truly Travels, which trades under the name Teletext Holidays, is unusual in that consumers browse its website for package deals before completing their order over the…
Over 47,000 Supermicro servers are exposing BMC ports on the internet
Catalin Cimpanu reports: More than 47,000 workstations and servers, possibly more, running on Supermicro motherboards are currently open to attacks because administrators have left an internal component exposed on the internet. These systems are vulnerable to a new set of vulnerabilities named USBAnywhere that affect the baseboard management controller (BMC) firmware of Supermicro motherboards. Read…
Data Leak Hits 2.5 Million Customers of Cosmetics Giant Yves Rocher
Phil Muncaster reports: A French retail consultancy exposed data on millions of its clients’ customers as well as sensitive business information, after researchers discovered an unsecured Elasticsearch database. Aliznet, which specializes in digital transformation, names the likes of tech giants IBM, Oracle and Salesforce, retail leaders like Auchan, and big brands including Yves Rocher and…
AU: Porter’s office in privacy breach
Alice Workman reports: Who knew the one thing that could unite Australia’s diverse multicultural leaders was a privacy breach by the Attorney-General’s office? Christian Porter gathered religious leaders and journalists at The Great Synagogue in Sydney’s CBD last Thursday to read his draft religious discrimination bill. Not all attended — the Catholic Church and Australian…
University of Ghana accommodation registration portal hacked – Authorities
Most of this article is about problems finding housing for accepted students, but if you keep reading down, you get to the part about the portal having been reportedly hacked: Hacked portal Attempts by the Daily Graphic to speak to the Dean of Students were unsuccessful. However, an administrator of the university who did not…
Ca: Unauthorized Accesses of Health Information Lead to Eleventh Conviction
August 29, 2019 — A former billing clerk with Alberta Health Services (AHS) pleaded guilty in Red Deer Provincial Court to illegally accessing health information under the Health Information Act (HIA) on August 21, 2019. Rosario Aldave was found to have accessed the health records of 52 Albertans without authorization. She received a $5,000 fine and was…