AT&T has been notifying some wireless customers of an incident involving an unnamed vendor. In a notice sent to a customer who shared it with DataBreaches, AT&T wrote: AT&T’s commitment to customer privacy and data security is a top priority. We recently determined that an unauthorized person breached a vendor’s system and gained access...
The email in my inbox on Friday night had the subject line, “Hey sexy,” and appeared to come from “[email protected]” <[email protected]>. Under normal circumstances, I would have just sent it to trash, but the Twitter user known to me as “Pompompurin,” had alerted me to check my email for what he described as a...
Xave Gregorio reports: Fintech platform Cashalo reported Saturday it has been hit by a data breach, but assured that accounts and passwords of their users have not been compromised as these have been encrypted. Cashalo said it discovered two days ago that there was “unauthorized access” to a database archive containing some personal data...
Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the...
There’s an update to the case involving Ardit Ferizi, whose criminal history and conviction for hacking and providing material support to a terrorist organization have been covered previously. Just last month, Ferizi had been sentenced to 20 years in prison, but was granted a reduction to time served plus 10 years supervised release, to...
Sheila A. Millar and Tracy P. Marshall of Keller & Heckman write: Third-party service providers are vital to many companies and they handle a wide range of business activities essential for companies to deliver their own offerings. But a company is not adequately protecting consumers if it fails to perform proper due diligence on...
Mathew Richards reports: Following a five-day trial, a Dallas man was convicted on Friday on charges for computer fraud and aggravated identity theft in connection with his hacking of a New York-based technology company, according to the U.S. Attorney’s Office and the Albany Field Office of the Federal Bureau of Investigation. 30-year-old Tyler C....
Raymond Leong, Dan Perez, and Tyler Dean report: FireEye Mandiant recently discovered a new malware family used by APT41 (a Chinese APT group) that is designed to monitor and save SMS traffic from specific phone numbers, IMSI numbers and keywords for subsequent theft. Named MESSAGETAP, the tool was deployed by APT41 in a telecommunications...
In May 2016, the Dallas FBI raided dental integrator and independent researcher Justin Shafer because of allegations that he had accessed an FTP server without authorization. Shafer was subsequently raided twice more, and in March 2017, he was arrested and charged with stalking a federal employee – not hacking or any criminal conduct related...
In 2023, Resolve to Fix Your Organization’s Meta Pixel Problem