Nick McCarthy reports: Two teenage Birmingham brothers have been quizzed over a £1million credit card fraud that sparked co-ordinated raids in England, Finland, Spain and Canada. West Midlands Police swooped on a house in Great Barr and arrested an 18-year-old man on suspicion of fraud and cybercrime offences. Officers also spoke to the teenager’s 15-year-old brother at the…
WindhamCountyVT.gov site hacked, data dumped
On November 12, @CyberZeist announced on Twitter that the Windham County Sheriff’s Office had been hacked, and that not only was the self-described blackhat giving away the full database, but he was willing to provide backdoor access to the site: Giving away #Backdoor access to Windham County Sheriff’s Office(https://t.co/dlaEW3AvCc)- https://t.co/F7IfQPf97m #HappyWeekend — CyberZeist (@cyberzeist) November 12,…
NHS patients being put ‘at risk’ because of cybersecurity flaws
Tom Cheshire reports: A Sky News investigation has discovered the NHS trusts putting patients at risk by not protecting their data online. Seven NHS trusts, serving more than two million people, spent nothing on cybersecurity in 2015. Sky News worked with security experts to find serious flaws in their cybersecurity, which could be easily exploited by…
UK signs order to extradite Lauri Love to U.S.
Kelly Fiveash reports: The UK’s home secretary, Amber Rudd, has signed an extradition order agreeing that hacking suspect Lauri Love should face trial in the US. Love’s family plan to appeal against the decision. The 31-year-old—who has Asperger’s syndrome—faces up to 99 years in prison and fears for his own life, his lawyers have said….
In: Data of 34 million Keralites leaked in massive data breach; govt had ignored vulnerability reports
And this, kids, is what happens when an entity keeps ignoring vulnerability reports from researchers or infosec folks. In this case, an IT consultant, “N.T.R.,” hacked civilsupplieskerala.gov: “I wrote to the NIC several times pointing to the vulnerabilities and even called the civil supplies office warning them about a possible breach, but they ignored me….
Follow-up: Investigation Confirms No Patient or Employee Information Compromised in Cyberattack on Appalachian Regional Health system
ARH has issued an update to its report of a ransomware attack that occurred in August: After a thorough investigation into the late August cyberattack on the Appalachian Regional Healthcare (ARH) system, findings from independent computer forensic experts as well as federal authorities have determined that no ARH patient or employee health or financial information…