Fernando Del Valle reports: A San Benito school district online auction sold thousands of computers and tablets, some of which contained employees’ and students’ personal data, a computer store owner said Wednesday. South Texas Auction Co.’s records show the district sold more than 2,000 computers and 1,500 tablets during a July 23 online auction,...
The Federal Trade Commission has taken enforcement action for the first time under its Health Breach Notification Rule against the telehealth and prescription drug discount provider GoodRx Holdings Inc., for failing to notify consumers and others of its unauthorized disclosures of consumers’ personal health information to Facebook, Google, and other companies. In a first-of-its-kind...
Sergiu Gatlan reports: GitHub says unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. So far, GitHub has found no evidence that the password-protected certificates (one Apple Developer ID certificate and two Digicert code signing certificates used for...
Mark Rasch writes: On January 9, 2023, the U.S. Supreme Court heard oral arguments on a criminal tax investigation case out of California that might impact the scope and extent of attorney-client privileges in data forensic investigations. The case, called In Re Grand Jury, Dkt. No. 21-1397, involves a federal grand jury demand for records created...
Habiba Rashid reports: Ronald Craig Ilg, 56, was sentenced to eight years in prison for hiring hitmen on the dark web to assault and kidnap victims. The doctor in Spokane, Washington paid $60,000 in Bitcoin as payment for the tasks he asked the hitmen to perform. … the first was a former colleague, also a Spokane-area...
Bill Toulas reports: Hackers breached Zacks Investment Research (Zacks) company last year and gained access to personal and sensitive information belonging to 820,000 customers. An internal investigation into the incident determined that a threat actor gained access to the network somewhere between November 2021 and August 2022. It is unclear if any data...
In September 2022, DataBreaches reported Stratford University had been the target of three ransomware attacks in previous months by REvil, Snatch Team, and Avos Locker. Snatch Team and Avos Locker had informed DataBreaches that neither had encrypted Stratford’s files; they exfiltrated and attempted to ransom them. Stratford never responded to inquiries from DataBreaches about the...
The following is the DOJ’s press release on Sebastien Raoult: Seattle – A 21-year-old French citizen from Epinal, France, will appear tomorrow January 27, 2023, in U.S. District Court in Seattle on a nine-count indictment alleging conspiracy to commit computer fraud and abuse, conspiracy to commit wire fraud, four counts of wire fraud and three...
On January 20, the data protection officer for Credit Suisse AG filed a breach notification with the Maine Attorney General’s Office. According to their notice, a breach occurred on or about January 1, 2016. The exact date was unknown, and the breach reportedly wasn’t discovered until December 21, 2022. The summary description of the...
In 2023, Resolve to Fix Your Organization’s Meta Pixel Problem