I’ve reported on this concern before, but Tom Spring has a nice write-up on ThreatPost that begins: Recent attacks against insecure MongoDB, Hadoop and CouchDB installations represent a new phase in online extortion, born from ransomware’s roots with the promise of becoming a nemesis for years to come. “These types of attacks have grown from…
Third-party incidents continue to put patient ePHI at risk: Protenus
Protenus, Inc. has released its Breach Barometer for January. As they report, 2017 is starting out where 2016 left off: we are seeing an average of one breach per day involving health data. Protenus’s report, based on 31 incidents, reported that there were 388,307 breached records for the 26 incidents for which they had numbers. The single largest…
Hackers Have Stolen Millions Of Dollars In Bitcoin — Using Only Phone Numbers
Laura Shin reports: Just after midnight on August 11, self-professed night owl Jered Kenna was working at home in Medellin, Colombia, when he was notified the passwords had been reset on two of his email addresses. He tried to set up new passwords himself by prompting the email service to send him text messages containing…
Australia finally gets data breach notification laws at third attempt
Chris Duckett reports: At the third time of asking, Australia will have data breach notification laws. The passage of the Privacy Amendment (Notifiable Data Breaches) Bill 2016 through the Senate on Monday means Australians will in the near future begin to be alerted of their data being inappropriately accessed. The legislation is restricted to incidents involving personal information,…
Senators’ letter points out Yahoo!’s lack of cooperation with Congressional investigation of breaches
Amir Nasr reports: Two Republican senators on Friday pressed Yahoo Inc. Chief Executive Marissa Mayer about her company’s failure to answer questions about data breaches from 2013 and 2014. “Despite several inquiries by committee staff seeking information about the security of Yahoo! user accounts, company officials have thus far been unable to provide answers to many…
NSA Contractor Could Face 200 Years in Prison for Massive Breach
Elias Groll reports: U.S. prosecutors unveiled an indictment Wednesday detailing what may amount to the largest data breach in the history of the National Security Agency — an archive of classified material that may total more than 500 million pages. The incident is a black eye on the secretive spy agency’s attempt to crack down on…