Sergiu Gatlan reports: According to the Ministry’s public statement, the hackers managed to get their hands on the names, phone numbers, and email addresses of all people who had an account on the French Ariane emergency contact database. The platform is used by the French Ministry of Europe and Foreign Affairs to allow citizens traveling abroad to…
GA: Mind & Motion notifies 16,000 after ransomware attack
One of the newer incidents appearing on HHS’s public breach tool this week is a report from Mind & Motion, LLC in Georgia. Mind & Motion offers various types of therapeutic modalities. On September 30th, 2018, they discovered that their server had been attacked with ransomware. In a notification to patients, they write: We have…
Breaches have consequences: Finnish trafi safety boss resigns over privacy breach
YLE reports: The head of the Finnish Transport Safety Agency Mia Nykopp has resigned after a privacy breach that allowed details about every driver in the country to be easily accessible online. […] Since July it has been possible to view details of every driver’s license online, and to check if they have a valid license. Trafi shut…
ASI Computer Systems notifies customers after discovering support site compromise of login credentials
ASI Computers is notifying some of their customers after discovering on November 1, 2018 that usernames and passwords on a support web site had been hacked prior to December 2016. From their notification to California: ASI confirmed which credentials had been exposed by the following day, November 2, 2018. ASI determined the affected credentials related…
San Bernardino Community College District notifies students whose personal info was exposed in spreadsheet gaffe
Errors involving spread sheets continue to contribute to breaches. Consider this description in a notification from San Bernardino Community College District – Crafton Hills College Campus. The breach occurred on October 25: What HappenedWe recently learned that a District employee inadvertently sent a spreadsheet containing certain individuals’ information to a community college distribution list. Although the…
Ticketmaster tells customer it’s not at fault for site’s Magecart malware pwnage
From the maybe-if-we-just-say-it’s-not-our-fault? dept, Gareth Corfield reports: Ticketmaster is telling its customers that it wasn’t to blame for the infection of its site by a strain of the Magecart cred-stealing malware – despite embedding third-party Javascript into its payments page. In a letter to Reg reader Mark, lawyers for the controversy-struck event ticket sales website said that Ticketmaster “is…