Jay Peters reports: 5CA is a customer service support company that works with Discord. Recently, the chat platform said the vendor had been breached as part of a “security incident” where 70,000 government ID photos may have leaked. Now, 5CA says in a post on its website that it was “not hacked.” According to Discord, “this incident impacted a…
Attorney General James Secures $14.2 Million from Car Insurance Companies Over Data Breaches
NEW YORK – New York Attorney General Letitia James today secured $14.2 million from eight car insurance companies for failing to protect the private information of more than 825,000 New Yorkers. The data breaches were part of a hacking campaign that targeted car insurance companies’ quoting tools and stole people’s personal information, including driver’s license…
$19M in Settlements Underscore Cybersecurity Risks for TPAs and Insurers
Steven L. Imber, Justin T. Liby, Jennifer L. Osborn, Zachary R. Dyer, and Pavel (Pasha) A. Sternberg of Polsinelli PC write: In two separate but related actions, third party administrators (TPAs) and their insurance business partners agreed to substantial settlements to resolve allegations that they failed to adequately safeguard sensitive data from cyberattacks. In the…
Months After Being Notified, a Software Vendor is Still Exposing Confidential and Sealed Court Records
In a special edition of “No need to hack when it’s leaking,” DataBreaches reports on a software vendor that, despite multiple attempts by multiple parties, continues to expose confidential and sealed court records. Overview As a matter of policy, DataBreaches does not publish unredacted stolen or leaked data if it would expose personally identifiable or…
From sizzle to drizzle to fizzle: The massive data leak that wasn’t (1)
After days of endlessly urging Salesforce or companies to pay them so that their data would not be leaked, the deadline for Salesforce to pay came and went. And as it went, ScatteredLAPSUS$Hunters leaked data from six of the 39 companies listed on its dark web leak site. But that’s where the massive leak that…
In a few days, the PowerSchool hacker will learn his sentence, and his life as he has known it will end. (1)1)
In November 2021, when “g0retrance” defaced the website of the Massachusetts Interscholastic Athletic Association (MIAA) with a message saying “PWNED,” the hacker, who also used the moniker “netsaosa,” left a message under it “should have listened to my emails instead of ignoring me … don’t worry, this is harmless. just to get ur attention :)” Boston.com…