Richard Chirgwin reports: Police are now saying that yesterday’s Melbourne train-heist-and-wreck was possible because miscreants bought stolen keys online. The vandalism, the cost of which is now estimated at AU$3 million rather than the original $2 million, involved people getting into an idle train at Hurstbridge station, starting it, and taking it on a 50-metre…
FastMail falls over as web service extortionists widen attacks and up their prices
Although the DDoS attack and extortion demand made on ProtonMail was the first to draw a lot of media attention – possibly because ProtonMail paid the demand – Hushmail, Runbox, Zoho, and VFEMail were also hit with DDoS attacks, seemingly by the hackers who call themselves the Armada Collective. Neomailbox was also hit, and now Iain Thompson reports that FastMail was hit, too:…
WI: Dean Health Plan notifies 960 members after data lost in transit
WKOW reports: Officials with Dean Health Plan say protected health data for nearly 1,000 members may have been breached after some documents sent to a bank were lost in transit. They say the affected documents included member identification numbers, member names, and procedure codes – no Social Security numbers or other financial information. Read…
Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege
Jordan Smith and Micah Lee report: An enormous cache of phone records obtained by The Intercept reveals a major breach of security at Securus Technologies, a leading provider of phone services inside the nation’s prisons and jails. The materials — leaked via SecureDrop by an anonymous hacker who believes that Securus is violating the constitutional rights of inmates — comprise over…
NZ: Police go to PM over hacker “Rawshark’s” identity
David Fisher reports: John Key was approached by police about his claimed knowledge of the identity of the hacker “Rawshark” but won’t say if he cooperated. The approach came after the Prime Minister said publicly he had been given the name of a person who was said to be the hacker Rawshark. If you’re as…
Google, Apple Remove InstaAgent App Due To Password Snooping
Lord Marin writes: Apple (NASDAQ: AAPL) and Google (NASDAQ: GOOGL) have removed InstaAgent, an app for Instagram, because of its malicious behaviour. It was storing and sending the passwords of its users to a third-party server. The app’s advertised function was that it could track who visits an Instagram user’s account. It garnered many downloads…