A user on a popular hacker forum is selling three databases that purportedly contain user credentials and device data stolen from three different Android VPN services – SuperVPN, GeckoVPN, and ChatVPN – with 21 million user records being sold in total. Read more on CyberNews.com. The seller, who has been a member of the...
Claire Simpson reports an update to an email gaffe breach that I had characterized as one of the worst breaches in 2020. I had been somewhat surprised to later read that four out of five victims groups were backing Brendan McAllister. I am not surprised that at least some of those exposed by the...
The Jones Day dump contains prescription drug records. Who’s notifying those patients of the breach?
By now, many are aware that Jones Day, a giant law firm, had some of its files stolen due to vulnerabilities in the standalone file transfer administration system by Accellion. Jones Day is one of dozens of Accellion clients that have found themselves investigating and dealing with breaches affecting their businesses and clients. The...
Sergiu Gatlan reports: American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. In a data breach notice sent to impacted customers on February 9, 2021, and filed with US attorney generals’ offices, T-Mobile revealed that an unknown attacker gained access to customers’...
Manikanta Immanni reports: Zee5, an Indian OTT platform with over 150 million users had a part of its userbase’s data leaked again. Found by Rajshekhar Rajaharia, an internet security researcher, over 9 million users of Zee5 allegedly leaked online earlier this week. This is the second time Zee5 in news for a data breach, with the...
NOS reports: Staring College, with offices in Lochem and Borculo, has paid ransom to cyber criminals who locked files. School board member Carlien Krist-Spit tells Omroep Gelderland that payment has been made to prevent education from being given for a longer period of time. The school noted the attack on Tuesday. A lot of data suddenly turned out...
Ranjan Agarwal, Keely Cameron, J. Sébastien A. Gittens, and Justin Lambert of Bennett Jones write: Court of Queen’s Bench of Alberta, in Setoguchi v Uber B.V., 2021 ABQB 18, recently dismissed an application for certification of a proposed class action resulting from a data breach because there was no evidence of harm or loss. This...
Zack Whittaker reports: Jamaica’s JamCOVID app and website were taken offline late on Thursday following a third security lapse, which exposed quarantine orders on more than half a million travelers to the island. JamCOVID was set up last year to help the government process travelers arriving on the island. Quarantine orders are issued by...
Joe Uchill reports: At a joint hearing of the House Oversight and Homeland Security Committee about the SolarWinds-related espionage campaign, Rep. Michael McCaul, R-Texas, said that he and Rep. Jim Langevin, D-R.I., are working on legislation to require companies to notify the federal government after similar breaches. The Friday House hearing was the second hearing...
Universal Health Services lost $67 million in cyberattack recovery