We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…
Search Results for: credential stuffing
NortonLifeLock warns that hackers breached Password Manager accounts
Bill Toulas reports: Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the…
Files With 42 Million Emails and Passwords Found On Free Hosting Service
Ionut Ilascu reports: A huge database with email addresses, passwords in clear text, and partial credit card data has been uploaded to a free, public hosting service. The operator of the sharing service sent the set to Troy Hunt, Australian security researcher and creator of the Have I Been Pwned data breach index site, to…