Amanda Bronstad reports: AshleyMadison.com’s parent company is hoping to knock out more than 20 class actions filed over its 2015 data breach by invoking online arbitration agreements the plaintiffs signed when they subscribed to its matchmaking services. The move to arbitrate comes after Avid Life Media Inc., which has been rebranded as Ruby Corp., agreed…
PH: ‘Comeleak’: Poll chief rapped for data breach, may face criminal prosecution
Vito Barcelo reports: The National Privacy Commission found the Commission on Elections liable for violating the Data Privacy Act of 2012 and recommended the criminal prosecution of Chairman J. Andres D. Bautista for “the worst recorded breach on a government-held personal database in the world” last March. In a decision, dated Dec. 28, on NPC Case…
Instances of new and destructive ransomware grow rapidly
If you are following what’s happening with hackers attacking misconfigured MongoDB databases, wiping the data, and then demanding ransom for its return, then you’ll know that although this problem seemed to start on or around December 21 with an actor known as “Harak1r1,” within days of it garnering media attention, we saw almost identical warning…
Emory Healthcare patient data hijacked and held for ransom? (UPDATED)
Yesterday, I noted a somewhat alarming report that misconfigured MongoDB installations are being wiped by a hacker who steals the databases and then holds them for ransom of .2 BTC (approximately $200 at yesterday’s rate or $220 at today’s rate). This latest threat was reported yesterday by Catalin Cimpanu of Bleeping Computer after an ethical hacker, Victor Gevers, disclosed the discovery he had made as part of Project 366. On…
Box.com plugs account data leakage flaw
Tom Spring writes: Box.com has changed the way it handles publicly shared accounts and folders after a researcher found confidential documents and data belonging to Box.com users via Google, Bing and other search engines. While Box.com maintains this is a case of its customers unintentionally over-sharing, it says it has “fixed” the issue. The problem…
TX: Letter notifies 23,000 NISD employees, students of email breach
Katrina Webber reports: The Northside Independent School District has sent letters to about 23,000 former and current students and employees regarding a security breach that might have put their personal information at risk. NISD spokesman Barry Perez said school district officials first got a hint about the trouble in August when it was discovered that…