Annie Shalvey has an update on a hack previously noted on this site: Providence officials are working to determine who hacked the city’s website on Saturday. A screen grab of the site over the weekend showed a hacker offering to sell “all sensitive data and database” collected. City officials said Monday the hacker asked for a $1,500…
Shannen Doherty: My Ex-Manager Tricked SAG Into Revealing Medical Information (Exclusive Audio)
Eriq Gardner reports: When Tanner Mainstain employee Kimberly Gabay was asked her name, she responded, “Shannen Doherty.” The firm also was able to provide the actress’ social security number. Shannen Doherty’s lawsuit against her former business management firm was stunning enough for the revelation that the Beverly Hills, 90210 star has breast cancer, but in…
University of Washington Medicine Pays $750,000 to Settle HHS Charges Relating to Organization-Wide Risk Assessment
From the U.S. Department of Health and Human Services, this press release announcing that U. of Washington Medicine has settled charges it potentially violated HIPAA’s Security Rule. The investigation stemmed from an incident reported on this site in November, 2013. The University of Washington Medicine (UWM) has agreed to settle charges that it potentially violated the…
MacKeeper leak of 13M customers’ data acknowledged by Kromtech
Earlier today, I had mentioned a leak that Chris Vickery uncovered that involved over 13 million customers or users of MacKeeper, but now a bunch of reporters have reported on that leak in more depth. To their credit, Kromtech issued a disclosure statement about the leak, which was posted on MacKeeper: MacKeeper Security Advisory Kromtech is…
KY: Child identity theft legislation pre-filed in House
Brad Bowman reports that House Majority Caucus Chair Rep. Sannie Overly, D-Paris, pre-filed a bill that would protect children from identity theft by allowing parents or guardians to request a security freeze in cases of card fraud for children under 18 and an incapacitated person. Bowman reports: Currently, there are 22 states that allow parents,…
Despite warnings earlier this year, tens of thousands of databases continue to leak (update1)
Back in February, some students from the Centre for IT-Security, Privacy and Accountability (CISPA) at Saarland University, Germany made headlines when they reported that they had found approximately 40,000 MongoDB Databases exposed on Port 27017, a port that is open by default in a MongoDB Database installation. Anyone who searches Shodan would be able to easily locate such leaking databases. So what happened after they…