Catalin Cimpanu reports: More than 47,000 workstations and servers, possibly more, running on Supermicro motherboards are currently open to attacks because administrators have left an internal component exposed on the internet. These systems are vulnerable to a new set of vulnerabilities named USBAnywhere that affect the baseboard management controller (BMC) firmware of Supermicro motherboards. Read…
Data Leak Hits 2.5 Million Customers of Cosmetics Giant Yves Rocher
Phil Muncaster reports: A French retail consultancy exposed data on millions of its clients’ customers as well as sensitive business information, after researchers discovered an unsecured Elasticsearch database. Aliznet, which specializes in digital transformation, names the likes of tech giants IBM, Oracle and Salesforce, retail leaders like Auchan, and big brands including Yves Rocher and…
AU: Porter’s office in privacy breach
Alice Workman reports: Who knew the one thing that could unite Australia’s diverse multicultural leaders was a privacy breach by the Attorney-General’s office? Christian Porter gathered religious leaders and journalists at The Great Synagogue in Sydney’s CBD last Thursday to read his draft religious discrimination bill. Not all attended — the Catholic Church and Australian…
University of Ghana accommodation registration portal hacked – Authorities
Most of this article is about problems finding housing for accepted students, but if you keep reading down, you get to the part about the portal having been reportedly hacked: Hacked portal Attempts by the Daily Graphic to speak to the Dean of Students were unsuccessful. However, an administrator of the university who did not…
Ca: Unauthorized Accesses of Health Information Lead to Eleventh Conviction
August 29, 2019 — A former billing clerk with Alberta Health Services (AHS) pleaded guilty in Red Deer Provincial Court to illegally accessing health information under the Health Information Act (HIA) on August 21, 2019. Rosario Aldave was found to have accessed the health records of 52 Albertans without authorization. She received a $5,000 fine and was…
XKCD forum goes offline after discovery of data leak affecting 562K members
Ravie Lakshmanan reports: XKCD forum, the bulletin board associated with the popular webcomic XKCD, has been taken offline after personal information of more than 562,000 members was exposed online. According to security researcher Troy Hunt, the breach occurred two months ago (on July 1 2019). The compromised data has been added to breach alerting site…