Data Breaches News and Analysis
Hacker behind Montgomery County school data breach identified
A Montgomery County, Md., high school student earlier this month hacked into the Naviance college prep system and downloaded and shared the PII from about 1,400 fellow students. The initial investigation using information provided by Naviance led the school district to initially suspect two students. On October 7 the Montgomery County Police Department was brought…
Baltimore belatedly buys cyberinsurance
In what could be the poster child case for closing the barn door after the horse has left, the Baltimore City Council has approved the purchase of cyber insurance, six months after the municipality suffered a damaging ransomware attack. The Baltimore Sun reported the city conducted a bidding process and selected two plans. “The first…
Report: Hacker steals Dutch prostitution forum data
Hookers.nl, a Dutch online forum for prostitutes, escorts and their clientele, has reportedly suffered a data breach that has exposed the details of 250,000 users, whose data is being offered for sale. Compromised information includes email addresses, usernames, IP addresses and passwords. Usernames are typically aliases but certain real names can likely be derived from…
Imperva CTO: Breach caused by mishandled database migration
The data breach that recently affected certain customers of Imperva’s Cloud Web Application Firewall (WAF) product was made possible by a series of missteps as the cybersecurity company migrated to a cloud-based database service, the firm’s chief technology officer disclosed yesterday in a blog post. Collectively, these errors allowed an unauthorized party to steal an…
Stolen credentials used to access TransUnion Canada’s consumer credit files
A malicious actor used stolen credentials to access a web portal operated by credit reporting agency TransUnion Canada and then used that portal to access consumer files. This week, BleepingComputer posted a report containing scanned images of a disclosure notification that TransUnion Canada has begun mailing out to affected consumers. The notification, dated Sept. 19,…
Health, personal data of 1 million New Zealanders exposed in series of intrusions
The medical and personal information of about 1 million people was exposed after a breach of Tū Ora Compass Health, a primary health organization (PHO) located in New Zealand. The non-governmental organization (NGO) discovered four intrusions – by what Ministry of Health Director-General of Health Ashley Bloomfield said were two hacktivists and two “more sophisticated…
Data on 92M Brazilians found for sale on underground forums
Several members-only dark web forums are reportedly auctioning what appears to be a stolen government database featuring the personal information of 92 million Brazilian citizens. The 16GB SQL database contains such information as name, birth date, mother’s name, gender and tax details including taxpayer IDs, according to BleepingComputer, which credits the discovery to a researcher…
Hy-Vee details 2019 POS data breach incident
Mid-Western supermarket chain Hy-Vee issued an update regarding the POS data breach it reported in August, including when it happened on the locations involved. Hy-Vee said in an October 3 release that unauthorized access was detected on July 29, 2019 and focused on Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants at Hy-Vee Market Grilles,…
1,600 Electronic Arts FIFA 20 players’ reg data compromised
An Electronic Arts website for its EA Sports FIFA 20 Global Series operated for about 30 minutes with a glitch during which time 1,600 users had their personal information exposed. The incident began on October 3 at 1 pm when users began noticing and informing the company that they were viewing others registration details, the…
Evidence tying Cobalt Group to Magecart Group 4 unveiled
The security firms Malwarebytes and HYAS have strung together several pieces of evidence that they believe tie Magecart Group 4 to the Cobalt Group. The two companies found that the Cobalt Group and Magecart Group 4 have several overarching similarities, such as the use of advanced techniques during their attacks and a history with banking…
Attacker breaches Comodo forums by exploiting vBulletin flaw
More than 170,000 users of online forums operated by cybersecurity company Comodo Group reportedly had their data stolen by a malicious actor who exploited a recently disclosed vulnerability in vBulletin’s internet forum software. The Clifton, N.J.-based Comodo learned of the attack on September 29, and responded by taking its forums offline and applying patches, the…
The word is out: Zynga was breached
A well-known hacker is taking credit for a data breach at the mobile game maker Zynga, claiming he gained access to 218 million user records. On Sept. 12, Zynga reported that a cybersecurity incident had taken place and account login information for certain players of Draw Something and Words With Friends may have been accessed.…
DoorDash data breach hits 4.9 million customers, merchants and drivers
Food delivery service DoorDash confirmed a data breach affecting 4.9 million customers and merchants took place in May and included general PII and partial payment card information. The company learned in early September that a third-party vendor had been accessed on May 4, 2019 and was able to gain access to information including names, email…
Russian man pleads guilty to financial firm hacks
Russian Andrei Tyurin has pleaded guilty to taking part in a cybercriminal campaign that targeted the U.S. financial sector and stole personal data from roughly 100 million customers of various firms, the DOJ announced this week. Tyurin, 35, pleaded guilty in a Southern New York federal court to one count of conspiracy to commit computer…
Eight cities’ payment records impacted in Click2Gov portal breach
For the second time since 2017, the third-party government bill-payment portal Click2Gov has experienced a significant data breach affecting thousands of individuals in multiple cities across the U.S. Government entities use the Click2Gov portal to accept payments for permits, licenses, fines and utilities. Discovered by fraud intelligence experts at Gemini Advisory, this latest attack compromised…
Sleeping on the job? Verlo Mattress Factory exposes database
It looks like Verlo Mattress Factory forgot to leave off the last “S” for security: A security researcher has come across an open Elastic database set containing 387,000 records associated with customers of Verlo Mattress Factory. Jeremiah Fowler, senior security researcher with SecurityDiscovery.com, reported that he discovered the non-password protected database on September 5 that…
Thinkful confirms breach
On the heels of its acquisition by Chegg, developer education site Thinkful said an unauthorized third party had breached its systems. “We recently discovered that an unauthorized party may have gained access to certain Thinkful company credentials so, out of an abundance of caution, we are notifying all of our users,” company Vice President of…
Report: Scotiabank exposed source code and credentials on GitHub repositories
For months in some instances, Canadian banking giant Scotiabank reportedly stored highly sensitive digital property on a series of publicly open and accessible GitHub repositories, potentially exposing its internal source code, login credentials and access keys. The financial institution had the repositories “torn down” earlier this week after being alerted to the error, according to…
Cyber insurance premium costs rise 5 percent for 2019, despite increased attacks
The average cost for cyber insurance rose about five percent in 2019 despite the large increase in the number of attacks and claims files, a new report has found. The business insurance advisory firm AdvisorSmith told SC Media this counter intuitive result is due to the fact that while claims rose 20 percent in 2018…
Malinda Air locks down publicly exposed servers
Indonesian budget airline Malindo Air reported on September 19 it had locked down the formerly publicly exposed servers that had compromised passenger data. The airline had confirmed just one day prior that passenger data had been compromised and that it was working with Amazon Web Services and its e-commerce partner GoQuo to investigate the problem.…
