Brian Krebs reports: Over the past 15 years, a cybercrime anonymity service known as VIP72 has enabled countless fraudsters to mask their true location online by routing their traffic through millions of malware-infected systems. But roughly two weeks ago, VIP72’s online storefront — which ironically enough has remained at the same U.S.-based Internet address for more than…
Industry lobbies Congress to extend notification timeline after cybersecurity incidents
Maggie Miller reports: Key industry groups on Wednesday pushed to give organizations at least three days to report cybersecurity incidents to the federal government, effectively opposing Senate legislation that would give them 24 hours to report breaches. Read more on The Hill.
Career Group, Inc. notifies more than 49,000 after paying ransom to threat actors
I haven’t seen any mention of this in news or on their web site, but Career Group Inc. suffered a ransomware attack recently and is notifying those impacted. In a copy of the notification submitted to the Maine Attorney General’s Office, they report that on July 2, Career Group Companies detected potential unauthorized access to…
Fired NY credit union employee nukes 21GB of data in revenge
Sergiu Gatlan reports: Juliana Barile, the former employee of a New York credit union, pleaded guilty to accessing the financial institution’s computer systems without authorization and destroying over 21 gigabytes of data in revenge after being fired. “In an act of revenge for being terminated, Barile surreptitiously accessed the computer system of her former employer, a New…
Wawa paying $9-million in cash, gift cards in data breach settlement; Nov. deadline to file claim
WPVI reports an update to the 2019 WaWa breach covered on this site in a number of posts: Wawa is paying out up to $9-million in cash and gift cards related to a data breach that exposed customers’ credit and debit card numbers and names. The breach happened between March 4, 2019 and December 12, 2019….
700,000 French pharmacy Covid test results left publicly available
Ellie Fullalove reports (machine translation follows): A data leak involving an online platform used to transfer data from antigen tests carried out at pharmacies to the government platform SI-DEP has made 700,000 covid test results public, along with personal information. The platform known as Francetest was alerted to the bug in its system by the…