It used to be that in February and March, we’d see a number of reports of breaches involving employees’ W-2 tax statements that were due to printing or mailing errors. This year, we’re seeing reports of W-2 data theft via phishing. Because a W-2 form provides the employee’s name, Social Security number, address, and earnings information for the…
TalkTalk chief signals change after cyber attack
Daniel Thomas reports: The damaging cyber attack on TalkTalk’s website last year will lead to a fundamental change in how the company operates, says chief executive Dido Harding, who signalled that chasing customers with low-cost offers would be tempered with greater responsibility. […] “It goes a lot deeper than security,” she says. “TalkTalk’s culture is one of…
Apple users targeted in first known Mac ransomware campaign
Jim Finkle reports: Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday. […] Palo Alto Threat Intelligence Director Ryan Olson said the “KeRanger” malware, which appeared on Friday,…
More than 2,500 General Communication, Inc. employees’ W-2 information stolen in phishing scam
KTVA in Anchorage reports: Information found on GCI employees’ W-2 forms was stolen in an apparent phishing scam in February, according to the company. In an email Friday, GCI President Greg Chapados explained the information was accessed by someone claiming to be an employee of GCI. The individual, purporting to be GCI’s chief financial officer,…
Daesh hackers threaten 55 New Jersey police officers by releasing home addresses, phone numbers and working locations
James Wilkinson reports: ISIS hackers have threatened 55 New Jersey police officers by releasing their names, addresses, telephone numbers and working locations online. The Caliphate Cyber Army (CCA), an ISIS-affiliated group of hackers that largely focuses on defacing websites and spreading propaganda, released an Excel spreadsheet containing the details of 55 New Jersey Transit Authority police…
Cumbrian hacker’s cyber attack forced Moonpig to close website on three continents in 2015
Moonpig.com has had two security incidents that I’ve previously noted on this site, but a matter before a UK court now involving an attack in July, 2015, does not match what Moonpig.com described in its July 26, 2015 statement. Is this a different (third) incident or just a very different version of what happened in July, 2015? News…