Australia has ordered an Australian national, David Kee Crees, extradited to the U.S., where he faces 22 counts involving hacking, fraud, and aggravated identity theft. Two of Crees’ better-known aliases were “Abdilo” and “DR32.” “Abdilo” DataBreaches started reporting on Crees in 2015 when he was known to this site as “Abdilo.” At the time, he…
Hacker breaches Fast Company systems to send offensive Apple News notifications
Carly Page reports: U.S. business publication Fast Company has confirmed that a hacker breached its internal systems to send offensive push notifications to Apple News users. In a statement, Fast Company said that a threat actor breached the company’s content management system (CMS) on Tuesday, giving them access to the publication’s Apple News account. Read more at TechCrunch.
New changes allow Optus data leak victims to change licence numbers
Nick Pearson reports: State governments have begun announcing special changes to allow people exposed in the Optus data leak to get new driver’s licences as soon as possible. Among the details accessed by the hacker are driver’s licence numbers, which are commonly used to verify someone’s identity. NSW Customer Services Minister Victor Dominello said people in the state can get…
Third fine imposed by Polish SA on the Surveyor General of Poland for failure to notify the personal data breach
As seen on the European Data Protection Board website, a decision that reminds us how broad the definition of “personal information” is in the GDPR. The monetary penalty is not large by U.S. standards (slightly more than $12,100.00), but it’s the point and notification required. Background information Date of final decision: 6 July 2022 National…
Malaysian Telecom RedOne hit by DESORDEN
On September 19, DESORDEN Group claims to have hit redONE Network Sdn Bhd. redONE is a telecom in Malaysia with more than 1.2 million subscribers. redONE also offers financial services via bank partnership (its redCARD program) and insurance services via insurer partnership (its redCARE program). According to statements made to DataBreaches by DESORDEN, when redONE…
CISA Requests Public Comment on Implementing Regulations for the Cyber Incident Reporting for Critical Infrastructure Act
Jim Garland, Micaela McMurrough, Ashden Fein, Caleb Skeath, and Matthew Harden of Covington and Burling write: On September 12, 2022, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) published a Request for Information, seeking public comment on how to structure implementing regulations for reporting requirements under the Cyber Incident Reporting for Critical Infrastructure Act of 2022…