Bombas is sending out a breach notification to consumers. It says, in part: What Happened? We first started selling Bombas socks online using an outside vendor to develop and manage our website and a third party e-commerce platform for purchases. Malware in the code of the e-commerce platform was identified and initially removed from our…
University of Toledo alerts some faculty, students of lost flash drive
Lauren Lindstrom reports: A lost flash drive containing the names and Social Security numbers of an undisclosed number of people associated with the University of Toledo prompted the university to send out letters alerting those affected by the “security incident.” A UT faculty member lost an unencrypted flash drive containing personal information belonging to some…
UK: The University of Greenwich fined £120,000 by Information Commissioner for “serious” security breach
The University of Greenwich has been fined £120,000 by the Information Commissioner following a “serious” security breach involving the personal data of nearly 20,000 people – among them students and staff. It is the first university to have been fined by the Commissioner under the existing data protection legislation (Data Protection Act 1998). The investigation…
Teen phone monitoring app leaked thousands of user passwords
Zack Whittaker reports: At least one server used by an app for parents to monitor their teenagers’ phone activity has leaked tens of thousands of accounts of both parents and children. The mobile app, TeenSafe, bills itself as a “secure” monitoring app for iOS and Android, which lets parents view their child’s text messages and…
Manuel Delia’s Blog Cyber-Attacked By Ukrainian Hackers On A Scale ‘Rarely Seen On Other Maltese Websites’
Tom Diacono reports: Journalist-blogger Manuel Delia has warned his blog is being targeted by Ukrainian hackers in what he described as one of the most vicious cyber-attacks in Maltese history. “The storm has been raging for most of this week and every effort of the technical team to counter the attack is met by a…
Actor Advertises Japanese PII on Chinese Underground
Kelly Sheridan reports: A dataset containing more than 200 million lines of Japanese personally identifiable information (PII) has been found on the Chinese underground market, researchers report. It’s believed the data is authentic and was exfiltrated from multiple Japanese website databases. Experts at FireEye iSIGHT Intelligence first noticed the actor advertising the dataset in December…