Graham Cluley writes: One popular service which has its own Chrome browser extension is Mega.nz – the cloud-based file-sharing service founded by the shadowy larger-than-life figure of Kim Dotcom (he severed all ties with Mega three years ago.) This week, as ZDNet reports, the official Chrome browser extension for Mega.nz was compromised with a malicious…
For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records
Brian Krebs reports: mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy…
Personal info for 2,000 DC students mistakenly posted online
Fox5 reports: The personal information for 2,000 homeless D.C. students was mistakenly published online and accessible for six months, school officials said. According to D.C. Public Schools, the accidental disclosure took place after a spreadsheet with the students’ information was provided to the D.C. Council. The spreadsheet was then posted on the council’s website. The information included…
Ca: Midland servers hacked, attackers demanding ransom
Andrew Mendler reports: The Town of Midland’s computer systems were hacked over the long weekend. In the early morning hours of Sept. 1, the town became the victim of a cyber-attack in which the town’s network was illegally accessed and infected with ransomware. [..] In late April, Wasaga Beach had their computer systems hacked and…
Brazilian credit bureau investigates potential data leak
Rogerio Jelmayer reports: Brazilian credit bureau Boa Vista SCPC is investigating a possible leak of millions of items of personal data. A group of hackers called Fatal Error claimed it accessed the database of the company, which has more than 350mn personal data about its customers, according a report by local daily Folha de S….
NY Cyber Law Hits 3rd Deadline: Toughest Yet to Come
Craig A. Newman of Patterson Belknap writes: By today, financial institutions are required to meet their next deadline for compliance with New York’s cybersecurity law. The regulation – enacted in March 2017 –includes a series of rolling deadlines that require banks and insurance companies covered by the law to meet varying data security requirements. Today’s…