Bloomberg News reports: China ordered more than two dozen technology firms to carry out internal inspections as part of a campaign to root out illegal online activity. The Ministry of Industry Information Technology on Friday told 25 of its largest internet and hardware companies including Alibaba Group Holding Ltd. and Tencent Holdings Ltd. to carry out internal reviews and rectify issues…
The Life Cycle of a Breached Database
Brian Krebs writes: Every time there is another data breach, we are asked to change our password at the breached entity. But the reality is that in most cases by the time the victim organization discloses an incident publicly the information has already been harvested many times over by profit-seeking cybercriminals. Here’s a closer look…
Follow-up: Woman Who Stole and Sold Protected Health Information Sentenced to 2 ½ Years in Prison
There was a follow-up last week to a case DataBreaches.net has reported on several times, beginning in December, 2020 when Demetrius Cervantes, 46, of McKinney, and Amanda Lowry, 40, of Sherman, Texas pleaded guilty to conspiracy to obtain protected health information from a protected computer. A third conspirator, Lydia Henslee, faced additional charges and subsequently…
EE: Threat actor downloads close to 300,000 personal ID photos
ERR News reports: A hacker was able to obtain over 280,000 personal identity photos following an attack on [Estonia’s] state information system last Friday. The suspect is reportedly a resident of Tallinn. The culprit had already obtained personal names and ID codes and was able to obtain a third component, the photos, by making individual…
McAfee: Babuk ransomware decryptor causes encryption ‘beyond repair’
Jonathan Greig reports that a new report from McAfee Advanced Threat Research gives horrible reviews to Babuk’s cross-platform binary — so horrible that not only should victims not pay them, but affiliates should avoid them. “It seems that Babuk has adopted live beta testing on its victims when it comes to its Golang binary and…
Biden Directs Agencies to Develop Cybersecurity Standards for Critical Infrastructure
Dustin Volz reports: WASHINGTON—President Biden on Wednesday issued a new directive instructing federal agencies to develop voluntary cybersecurity goals for companies that operate U.S. critical infrastructure, a move that came as senior officials said the administration was exploring the possibility of pursuing mandatory standards. Read more on WSJ. Related: Biden Moves to Reinforce Critical Infrastructure…