The VA’s monthly report to Congress for November has been released, and we’re still seeing low-tech breaches involving papers being left where they shouldn’t be left. Exhibit A, from the VA in Boston: An 11-page clinic list was found in a public bathroom in a heavily trafficked area. The list had been printed on November 4,…
PA: Rivers Casino Hit With Computer Virus
AP reports that the Rivers Casino in Pittsburgh released a statement disclosing that its system had been compromised with malware, but officials reportedly say it didn’t compromise the personal information of its customers. Read more on CBS. There is no statement on the casino’s web site as of the time of this posting, but I imagine…
Three Men Arrested In Hacking And Spamming Scheme; Targeted Personal Information Of 60 Million People
Three men from Florida, New Jersey, and Maryland were charged today with a wide-ranging computer hacking and identity theft scheme that compromised the personally identifiable information (PII) of millions of people and generated more than $2 million in illegal profits, U.S. Attorney Paul J. Fishman announced. Timothy Edward Livingston, 30, of Boca Raton, Florida; Tomasz…
Update: OkHello (FINALLY) secures its leaking database (Update2)
After discovering that OkHello video chat service’s database was still leaking – nine days after Chris Vickery and I first notified them and tried to get them to secure it – I sent two more emails to OkHello last night to repeat the notification. Both were to email addresses that were only found last night (and great thanks to Steve Ragan…
Number of leaking MongoDB databases increasing: Shodan founder
Yesterday’s news about a MongoDB database belonging to MacKeeper (Kromtech) leaking certainly got a lot of media attention. But now do read John Matherly’s comments on Shodan. Matherly, the founder of Shodan, notes that the number of available, unauthenticated instances of MongoDB has actually increased in the past few months. Of note, he explains that increase is occurring…
UK: Arrest made in VTech hack
There’s been an arrest in connection with the VTech hack that made headlines for involving 6.4 million children’s profiles. Much of the early disclosure about the hack was due to the hacker reaching out to Motherboard to tell them what he had done and what he had obtained. Thankfully, he seemed more interesting in exposing the infosecurity problem than…