Jun 182019

Jeremy Hill of Bloomberg reports:

Retrieval-Masters Creditors Bureau Inc., whose business was blamed for a large-scale data breach that affected millions of Quest Diagnostics Inc. customers, filed for Chapter 11 protection, citing fallout from the security issue.

The company, which collects patient receivables for medical labs under the name American Medical Collection Agency, listed assets and liabilities of as much as $10 million in its bankruptcy petition filed in the Southern District of New York. It’s aiming to liquidate, the company said.

Read more on Yahoo!

Jun 142019

Sue Dremann reports the follow-up on a hack that occurred in 2015 and that was previously reported on this site.

The 36-year-old man who hacked and temporarily shut down Palo Alto Online and other Embarcadero Media websites nearly four years ago was sentenced Wednesday in San Jose federal court to time already served, one-year of home incarceration with electronic monitoring, three years of supervised release and $27,130 in restitution to the company.

Read more on Palo Alto Online.  Dremann provides a lot of details about the case, including why sentencing had been delayed.

Jun 142019

Mark Wyciślik-Wilson reports:

Security firm Symantec was attacked by a hacker back in February, but the company did not reveal details of the incident.

The attack has been brought to light by Guardian Australia which has seen some of the data extracted by hackers. This comprises not only passwords, but what is thought to be a list of Symantec clients — including government agencies. But Symantec is downplaying the data breach, dismissing it as a “minor incident”.

Read more on Beta News.

Jun 122019

Allegra Frank reports:

When music pirates go low, Radiohead goes high. After a hacker stole 18 hours’ worth of unreleased music that the band recorded during the late ’90s, one of its peak creative periods, Radiohead didn’t fight to keep the tracks out of the public ear. Instead, the band made the stolen tunes available to purchase online, with proceeds going to charity.

What a classy response.

Read more on Vox.

Jun 122019

Catalin Cimpanu reports:

Evite, a social planning and e-invitations service, and one of the biggest sites on the Internet, has officially admitted to a security breach that ZDNet first reported back in April.

At the time, a hacker named Gnosticplayers put up for sale the customer data of six companies, including Evite.

The hacker claimed to be selling ten million Evite user records that included full names, email addresses, IP addresses, and cleartext passwords.

Now note the next bit especially carefully:

ZDNet reached out to notify Evite of the hack and that its data was being sold on the dark web on April 15; however, the company never returned our request for comment.

So two months after they were alerted to the sale of the data, Evite first issues an FAQ and statement?  Do consumers have a right to be angry about the delay in responding or commenting?  What do you think?

Read more on ZDNet.