Apr 232018
 

Sum Lok-kei reports:

Hong Kong’s second-largest residential broadband provider will purge the data of 900,000 former customers, as well as reducing how long it holds information, after a hack last week compromised the data of hundreds of thousands of customers.

Hong Kong Broadband Network (HKBN) announced the new security measures as CEO William Yeung Chu-kwong admitted on Monday the hacked personal information of 380,000 current and former customers was stored in an unencrypted database.

Read more on South China Morning Post.

Apr 232018
 

Ryan Ross reports:

The P.E.I. government’s website appears to have been the victim of a ransomware attack.

Visitors to some pages on the website this morning were met with a screen that said “Oops, your website have been encrypted!”

The page warned that files on the website were encrypted and no longer accessible.

Read more on The Guardian.

Miguel Gomez adds that the payment demanded by the attackers was 0.0057 BTC, approximately USD $50.00.

Read more about why Gomez thinks this was likely a strain of WannaCry on  Cryptovest.

Apr 232018
 

Steve Silva reports:

Halifax Regional Centre for Education (HRCE) has shut down registration for its Excel program due to a “privacy breach,” the organization tweeted Monday morning.

“The issue has been contained. We are currently investigating. Will share more info as it becomes known,” read part of the tweet from the organization, which was formally the Halifax Regional School Board.

Read more on Global News. See also The Star/Halifax.

Apr 232018
 

Khaleej Times reports:

If you were a regular customer of ride-sharing service Careem, this piece of news might leave you worried.

The Dubai-based company today acknowledged that a cyber attack on January 14, 2018 resulted in the theft of personal data of up to 14 million people in Middle East, North Africa, Pakistan and Turkey.

Information like the customer’s name, email address, phone number and trip data were stolen in the cyber attack.

Read more on Khaleej Times.

The statement on Careem’s blog reads, in part:

Careem has identified a cyber incident involving unauthorised access to the system we use to store data. While we have seen no evidence of fraud or misuse related to this incident, it is our responsibility to be open and honest with you, and to reaffirm our commitment to protecting your privacy and data.

We also want to share with you the actions we’re taking to address the issue and to prevent it from happening in the future.

WHAT HAPPENED

On January 14th of this year, we became aware that online criminals gained access to our computer systems which hold customer and captain account data. Customers and captains who have signed up with us since that date are not affected.

WHAT WE ARE DOING

As soon as we detected the breach, we launched a thorough investigation and engaged leading cybersecurity experts to assist us in strengthening our security systems. We are also working with law enforcement agencies.

Throughout the incident, our priority has been to protect the data and privacy of our customers and captains. Since discovering the issue, we have worked to understand what happened, who was affected, and what we needed to do to strengthen our network defences.

[….]

 

Apr 232018
 

Kayleigh Bateman reports:

TSB has issued an apology, this morning, after weekend upgrades to its online banking platform left several customers unable to access their own accounts, yet able to view other peoples.

Addressing the online banking data leak in a statement this morning TSB said: “We’re really sorry that some of our customers experienced problems accessing our mobile app and internet banking yesterday evening. Both of these services are now up and running again.”

Read more on Information-Age.