KOMO in Washington reports on a ransomware incident originally discovered in June, and first mentioned in the media on July 24. A ransomware attack by hackers has scrambled data on computer systems at Grays Harbor Community Hospital in Aberdeen, including patient health information, officials said Wednesday. The attack, which is designed to block the hospital’s…
Major breach found in biometrics system used by banks, UK police and defence firms
Josh Taylor reports: The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks. Suprema is the security company responsible for…
Ca: Clients notified of privacy breach at Child and Family Services
Brian Higgins reports about an incident on Prince Edward Island: Some clients of Child and Family Services on P.E.I. have been notified by registered letter of a security breach involving their personal information. The letter, dated Aug. 6, was sent by the Department of Social Housing and Development to clients whose electronic files were affected. The…
700k Choice Hotels customer records leaked
Paul Bischoff reports: Hackers claim to have stolen 700,000 guest records belonging to Choice Hotels, one of the largest hotel chains in the world. Comparitech collaborated with security researcher Bob Diachenko to uncover the unsecured database, which was left exposed and accessible to anyone with an internet connection. Diachenko immediately notified the company of the…
British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data
Lindsey O’Donnell reports: A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information. A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information. Read more on Threatpost.
FBI: Nashville company Asurion paid $300K ransom after private data was stolen; former employee named as suspect
Brian Kelman reports: A Nashville corporation paid at least $300,000 in ransom to a extortionist who claimed he stole private info of thousands of employees and more than a million customers, according to new court records from an ongoing FBI investigation. Asurion, a global phone insurance and tech support company headquartered in the city, confirmed the breach but said it believes the suspect…