The Office of Inadequate Security
Jeremiah Fowler discovered a non-password-protected database that contained more than 4.8 million records belonging to Care1 — a Canadian company offering AI software solutions to support optometrists in delivering enhanced patient care: The publicly exposed database was not password-protected or encrypted. It contained over 4.8 million documents with a total size of 2.2 TB. In a…
Kyodo News reports that Japanese publishing firm Kadokawa Corporation paid Black Suit $2.98 million in cryptocurrency after a ransomware attack in June. But looking at BlackSuit’s leak site, it appears BlackSuit leaked their data anyway. A screenshot of some of the negotiations in mid-June published by Kyodo News reveals that BlackSuit was demanding $8.25 million…
A motor insurance worker who unlawfully accessed personal information has been handed a suspended prison sentence after an investigation by the Information Commissioner’s Office. Rizwan Manjra, 44, from Bolton, led a team dealing with accident claims for Markerstudy Insurance Services Limited (MISL), based in the Arndale Centre in Manchester city centre. His unlawful conduct was…
Carley Welch reports: In order for the alliance to be better equipped at dealing with cyber threats, NATO is in the process of standing up a new cyber center — to go online by 2028 — that will meld parts of its various cyber entities into one, a NATO official told Breaking Defense this week. “This center will…
A press release from Dutch Politie: Starting this week, law enforcement agencies from fifteen different countries, together with Europol, are once again taking large-scale action against DDoS-for-hire services. In Operation PowerOFF, three arrests were made internationally, 27 websites were taken offline and data from three servers was secured. The Dutch police, under the authority of…
Jonathan Wheatley reports: Krispy Kreme said a cyber security attack has disrupted its online operations in the part of the US, as the doughnut maker warned it would have a material impact on its business. The US company said on Wednesday that it had been notified on November 29 of “unauthorised activity” in part of…