The government continues to enforce contractors’ obligations to adhere to cybersecurity standards in their Department of Defense (DoD, now Department of War) contracts. A press release today reveals another enforcement action: Georgia Tech Research Corporation (GTRC) has agreed to pay the United States $875,000 to resolve allegations that it violated the False Claims Act and federal common…
Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked (1)
Mikael Thalen reports: A company that sells spyware that monitors individuals on parole and probation had its data leaked to a cybercrime forum this week. The leak, according to an analysis by Straight Arrow News, exposed highly sensitive information regarding employees of the corrections system and those under court-ordered supervision. The affected company, RemoteCOM, describes itself…
London nurseries hit by hackers, data on 8,000 children stolen
James Pearson reports: Cybercriminals have stolen data on over 8,000 children attending nurseries in London operated by childcare provider Kido International, the hackers said on their dark web portal. The gang, which calls itself Radiant, evidenced its claim by publishing the names, photos, home addresses, and family contact information of 10 children it said attended…
Harrods warns customers their personal data could have been stolen by hackers in new cyber-attack
Aidan Radnedge reports: Harrods has warned some customers that their personal data could have been taken in an IT systems breach – in the latest cyber-attack to hit a major UK firm. The luxury department store based in London’s Knightsbridge said information, such as names and contact details, of its e-commerce customers was taken after…
Cyber threat-sharing law set to shut down, along with US government
Brandon Vigliarolo reports: Barring a last-minute deal, the US federal government would shut down on Wednesday, October 1, and the 2015 Cybersecurity Information Sharing Act would lapse at the same time, threatening what many consider a critical plank of US cybersecurity policy. The CISA Act of 2015 (not to be confused with the CISA Act…
Archer Health was leaking protected health information. Criminals appear to have found it. (2)
From our “No Need to Hack When It’s Leaking” files, a report involving Archer Health, an in-home healthcare provider. Website Planet recently reported a misconfigured bucket that was found by researcher Jeremiah Fowler. The unencrypted and non-password-protected database reportedly contained approximately 145k files (totaling 23 GB). “In a limited sampling of the exposed files, I…