Header image

Indian tech startup exposed Byju’s student data

Posted on by Dissent

Zach Whittaker reports: India-based technology startup Salesken.ai has secured an exposed server that was spilling private and sensitive data on one of its customers, Byju’s, an education technology giant and India’s most valuable startup. The server was left unprotected since at least June 14, according to historical data provided by Shodan, a search engine for exposed…

Read more

Hackers use zero-day to mass-wipe My Book Live devices

Posted on by Dissent

Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…

Read more

Bucks County behavioral health and substance abuse nonprofit struck in cyberattack, urges clients to check their information

Posted on by Dissent

Anthony Salamone reports: The records of an unspecified number of clients of an Upper Bucks County behavioral-health and substance abuse nonprofit, which serves the Lehigh Valley, might have been stolen as part of a ransomware attack on the agency earlier this year. Penn Foundation in West Rockhill Township said it informed clients Tuesday of the…

Read more

Morningstar data breach reveals KPMG deal maker lists

Posted on by Dissent

Liam Walsh and Edmund Tadros report: A software glitch has exposed the key companies garnering the interest of big four advisory group KPMG’s deal makers and restructuring experts. The flaw in an alert system, run by US financial research firm Morningstar, for ASX-listed companies meant third parties could even view project names KPMG had assigned. That included…

Read more