In 2016, I reported on a leak involving a Mexican voter registration database with details on 93.4 million Mexican voters. The list had been in the possession and control of one of the political parties there, Movimiento Ciudadano, who tried to claim that they were hacked by none other than Chris Vickery, who had discovered their…
Nine Iranians Charged With Conducting Massive Cyber Theft Campaign on Behalf of the Islamic Revolutionary Guard Corps
An Indictment charging Gholamreza Rafatnejad, 38; Ehsan Mohammadi, 37; Abdollah Karima, aka Vahid Karima, 39; Mostafa Sadeghi, 28; Seyed Ali Mirkarimi, 34; Mohammed Reza Sabahi, 26; Roozbeh Sabahi, 24; Abuzar Gohari Moqadam, 37; and Sajjad Tahmasebi, 30, all citizens and residents of Iran, was unsealed today. The defendants were each leaders, contractors, associates, hackers-for-hire or…
SAMBA Federal Employee Benefit Association programming error resulted in mismailed information
From their press release: SAMBA Federal Employee Benefit Association (“SAMBA”) recently learned of an incident that may affect information related to eligible family members of subscribers (“family members”) covered by the SAMBA Federal Employees Health Benefits Plan in 2017. “We take this incident, and member privacy, very seriously,” Walter E. Wilson, SAMBA’s Executive Director stated….
Class action suit vs. CenturyLink and DirecTV alleges customer data can be accessed via internet search
Nat Levy reports: A lawsuit against internet provider CenturyLink and AT&T-owned DirecTV alleges the companies fail to adequately protect personal customer data — to the point that it can be found through a simple internet search. The suit was filed Monday in U.S. District Court in Seattle and seeks class action status. The plaintiff, James Jantos,…
How “Hacker Search Engine” Shodan Caught Leakage of 750MB Worth Of Server Passwords
Update: I missed the original credit/source for this story when I posted it, but do see Dan Goodin’s article on Ars Technica. Original post: Remember Memcached servers? Now, we have another case of servers exposed online and fulfilling evil intentions of the hackers. This time, thousands of etcd servers maintained by corporates and organizations are…
360,000 current and former Pennsylvania teachers notified of breach
So that breach in February affecting Pennsylvania teachers affected approximately 360,000 current and former teachers. A 30-minute exposure leads to so much cost and anxiety. Ouch.