Catalin Cimpanu reports: OpenSubtitles, a website that provides free subtitles for movie fans, has disclosed today that it was hacked last year and subsequently paid a ransom to silence the hacker about the attack. The company disclosed today the incident after a copy of the stolen files leaked online and were indexed by the HaveIBeenPwned website….
Kings Plant Barn the latest retailer hit by click-and-collect data breach
Chris Keall reports: Kings Plant Barn has contacted customers about a security breach to FlexBooker, the internet-based system it uses to organise click-and-collect bookings. Names, email addresses and collection times were exposed. But the gardening chain says no credit card, password details or mobile have been spilled. Read more at New Zealand Herald.
Albuquerque Schools Confirm Ransomware Attack, Resume Class
Cedar Attanasio reports confirmation of what many of us suspected: Albuquerque Public Schools officials said Tuesday a cyber threat that forced the district to cancel classes for two days last week was a ransomware extortion attack. Read more at AP. The district is still saying that there is no evidence that any personal info of…
Unhappy New Year for cybercriminals as VPNLab.net goes offline
Do threat actors feel like walls are closing in on them? They might well be feeling that way — or maybe they should be feeling that way. From Europol, today: This week, law enforcement authorities took action against the criminal misuse of VPN services as they targeted the users and infrastructure of VPNLab.net. The VPN…
South Africa’s new traffic fine system exposed personal data
Jan Vermeulen reports: An online interface set up for the Administrative Adjudication of Road Traffic Offences (Aarto) system exposed the personal information of every South African who received an infringement notice under the new law. Personal data contained in the leak included full names, ID numbers, residential or business addresses, phone numbers, vehicle registration information,…
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
Ravie Lakshmanan reports: An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. “The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations…