A Hazleton Area Career Center student was disciplined for attempting to hack into the district’s computer system, the district’s top administrator said. State police and school district officials are investigating an incident involving a student who acquired a wireless key, or code for accessing Hazleton Area’s computer system, Superintendent Dr. Craig Butler said. The system…
Qualcomm flaw exposes millions of Android devices to data theft risk
Lucian Constantin reports: A vulnerability in an Android component shipped with phones that use Qualcomm chips puts users’ text messages and call history at risk of theft. The flaw was found by security researchers from FireEye and was patched by Qualcomm in March. However, because the vulnerability was introduced five years ago, many affected devices…
UK: Employers vicariously liable for data breaches caused by rogue employees
Tim Hickman and Stephen Ravenscroft of White & Case LLP write: In April 2016, the High Court of England and Wales issued its judgment in Axon v Ministry of Defence [2016] EWHC 787 (QB). The court emphasised (albeit obiter) the fact that employers can be liable for data breaches caused by rogue employees (in the present case,…
Northwestern U. notifies employees after breach involving W-2 Express
So, as I had guessed, it’s not just Stanford University and Kroger who are notifying employees that criminals managed to access the database of W-2 Express, an Equifax service. While the W-2 Express database does not appear to have been hacked, criminals have managed to access it by using login credentials possibly acquired in other…
I never meant harm, says student who hacked Canada Revenue to show vulnerability to Heartbleed virus
There’s an update to the hack of the Canada Revenue Agency, first disclosed in April 2014 and the young man who was charged in the case. Jane Sims reports: A student computer whiz who stole 900 social insurance numbers from the files of the Canada Revenue Agency to demonstrate its online vulnerability pleaded guilty and apologized on…
Mail.ru denies mass password breach; researcher stands by findings
Eric Auchard of Reuters reports: Russia’s top Internet company, Mail.ru said on Friday a sliver of its users’ email accounts was vulnerable while denying that tens of millions of other users were at risk after researchers found its data circulating among cyber criminals. […] In a statement, the Moscow-based company said its own study of…