C. T. Bowen reports: Hillsborough County has notified more than 70,000 people that a global data breach may have put their personal information at risk. The breach involved the MOVEit file transfer tool, a third-party service that complies with federal Health Insurance Portability and Accountability Act (HIPAA) regulations. The breach also may have affected 106…
Owner of BreachForums pleads guilty in federal court to three counts, including one involving child pornography
Update and note: After this post appeared and was posted on Mastodon, some people complained about the original headline, characterizing it as “clickbait.” That was not my intention. I was just trying to accurately describe what I saw as the most noteworthy part of the situation without mentioning either CSAM or CP in the headline…
Millions of personal records unprotected in flawed telemedicine application software
Rosie Talaga reports: QuickBlox, a software development framework used in telemedicine and finance, was found to have several critical security flaws, according to a joint study from computer and network security research firms Check Point Research and Claroty Team82 published July 12. QuickBlox’s video and chat features are commonly used in mainstream telemedicine applications and platforms. The…
Bjorka strikes again? 34 million Indonesian Passports Exposed in a Massive Immigration Directorate Data Breach
Alicia Hope reports: Over 34 million Indonesian passports were leaked in a massive data breach impacting the country’s Immigration Directorate General at the Ministry of Law and Human Rights. Cybersecurity researcher and founder of Ethical Hacker Indonesia, Teguh Aprianto, disclosed the breach on his Twitter account @secgron, attributing the attack to a hacktivist identified as…
FTC investigates OpenAI over data leak and ChatGPT’s inaccuracy
Cat Zakrzewski reports: The Federal Trade Commission has opened an expansive investigation into OpenAI, probing whether the maker of the popular ChatGPT bot has run afoul of consumer protection laws by putting personal reputations and data at risk. The agency this week sent the San Francisco company a 20-page demand for records about how it…
Two Teens Accused of Masterminding Hacks on Grand Theft Auto and Uber
Katharine Gemmell reports: Two UK teenagers were accused of being key members of the notorious hacking group Lapsus$, with prosecutors alleging that the pair were involved in hacks on companies including Nvidia Corp., Rockstar Games Inc., and Uber Technologies Inc. Arion Kurtaj, 18, and a 17-year-old boy, who can’t be named for legal reasons, were hit with joint…