Graham Cluley writes: A security researcher has revealed details of a flaw in Facebook Messenger that made it possible for “any website to expose who you have been messaging with.” Imperva’s Ron Masas, who in the past has identified a bug that allowed unauthorised websites to view Facebook users’ location histories, likes and interests, discovered…
Hackers Broke Into Admissions Databases at 3 Colleges — and Then Offered to Sell Applicants Their Files
Eric Hoover reports: On Thursday morning a high-school senior in Texas received a strange email. “You are now presented with a unique opportunity,” it said, “to purchase your entire admissions file.” The message appeared to have been sent by Grinnell College, to which the student had applied. But Grinnell hadn’t sent the message; apparently, someone…
An Email Marketing Company Left 809 Million Records Exposed Online
Alyssa Foote reports: By this point, you’ve hopefully gotten the message that your personal data can end up exposed in all sorts of unexpected internet backwaters. But increased awareness hasn’t slowed the problem. In fact, it’s only grown bigger—and more confounding. Last week, security researchers Bob Diachenko and Vinny Troia discovered an unprotected, publicly accessible…
“Vigilance” admits government computer hacking in retaliation for Philando Castile
AP reports: A Twin Cities man has admitted to hacking into state government databases in 2017 in retaliation for the acquittal of a police officer in the fatal shooting of a black motorist, Philando Castile. Cameron Thomas Crowley, 20, of Lino Lakes, pleaded guilty Thursday in U.S. District Court to one count of intentional access…
To protect the health and well-being of patients scheduled for surgery, Columbia Surgical Specialists paid ransom
DataBreaches.net has received a statement from Columbia Surgical Specialists in Spokane about the ransomware incident that they recently reported to HHS as impacting up to 400,000 patients. Subsequent and ongoing investigation suggests that the number affected may be substantially lower. According to the statement sent to this site, the practice became aware of the attack…
Marriott CEO apologizes for data breach, unsure if China responsible
David Shephardson reports: Marriott International Inc Chief Executive Arne Sorenson apologized on Thursday before a U.S. Senate panel for a massive data breach involving up to 383 million guests in its Starwood hotels reservation system and vowed to protect against future attacks. […] Committee Chairman Rob Portman noted that Starwood said it had discovered malware…