Last week, the Specialised Commercial Crime Court of East London, Eastern Cape, handed down a prison sentence of three years to a hacker who stole just under R600 000 from the province’s education department. The crime took place in 2013, when Bruce Owen, in his thirties at the time, broke into the inner workings of…
Update: Tucson Unified School District sends out notifications about January cyberattack
There’s another update to the January cyberattack on TUSD by the Royal ransomware group. While the district was still claiming that sensitive data hadn’t been compromised, data from employees was already being leaked on the dark web as early as February. In the last week of August, TUSD sent out notifications to 28,948 people and…
NL: Security breach at land registry exposes millions of addresses
Dutch News reports: A data breach at the Dutch land registry Kadaster has exposed the addresses of every homeowner in the Netherlands, an investigation by RTL Nieuws has found. The privacy watchdog AP called for the agency to close the loophole immediately after it was discovered by journalists. The Kadaster’s website includes a search facility…
Jp: Medical organizations and IT vendors “should bear part of the cyber damage”.
[Translation:] A document released on August 24 by the Japan Medical Association Policy Research Institute (Nichi-Isouken), which aims to plan medical policy, is causing controversy on SNS. Regarding contracts and responsibility sharing between medical institutions and system vendors, based on the “principle of good faith”, if the vendor’s risk explanation is insufficient, the medical institution…
Medically-tailored food provider, PurFoods, discloses data breach
Jurgita Lapienytė reports: PurFoods, which positions itself as a provider of “tailored home-delivered meals,” has reported a data breach affecting over 1.2 million people. PurFoods (doing business as Mom’s Meals) filed a data breach report with the Maine Attorney General’s Office, stating that attackers acquired sensitive info such as name or other personal identifier, together…
Kroll Employee SIM-Swapped for Crypto Investor Data
Brian Krebs reports: Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency…