Data Breaches news & analysis | SC Media

Data Breach

Amazon Logo

Saudis hacked Jeff Bezos’s personal data, probe finds


Saudi Arabia’s government gleaned private information from Amazon CEO Jeff Bezos’s phone, security consultant Gavin de Becker said following an investigation into how texts and intimate photos from Bezos’s phone found their way to the National Enquirer. “Our investigators and several experts concluded with high confidence that the Saudis had access to Bezos’s phone, and…

Toyota reports second breach in five weeks


For the second time in five weeks, Toyota has acknowledged a breach – this one affecting 3.1 million customers at its subsidiaries while the first was in Australia and believed to be the work of Ocean Lotus, or APT32. The company isn’t yet sure if the hackers nicked any data from its systems but said…

UConn Health Center hit with $5M suite over breach


The University of Connecticut Health Center is being hit with a class action lawsuit over a data breach that exposed 326,000 current and former patients. The lawsuit, which is seeking $5 million in damages, was filed last week on behalf of New London, Conn., resident Yoselin Martinez who alleges the university took months after the… ElasticSearch database left unsecured


The movie streaming service Kanopy has been leaking access and API logs through an unsecured ElasticSearch database, according to a cybersecurity researcher. Justin Paine, director of trust and safety at Cloudflare according to LinkedIn, and blogging under the name xxdesmus noted that since March 7 the site has been leaking up to 40 million log…


Paper: Leaked authentication secrets rampant across GitHub


An academic study of GitHub found that more than 100,000 of the web service’s code repositories contain publicly accessible authentication secrets such as API and cryptographic keys, while thousands of new secrets are leaked each day. North Carolina State University researchers Michael Meli, Matthew McNiece (also from Cisco Systems) and Bradley Reaves detail their findings…

Cyber crime ringleader sentenced to five years in prison

Hedge fund manager sentenced to 60 months security fraud, hacking scheme


A hedge fund manager convicted of conspiracy to commit securities fraud and computer intrusion, among other, crimes was sentenced in U.S. District Court to 60 months in prison Thursday. Vitaly Korchevsky, 53, was also ordered to pay a $14.4 million forfeiture and a $250,000 fine for his role in a scheme in which Ukrainian hackers…

Phishing scam stings Oregon Dept. of Human Services, compromises emails containing resident data


The Oregon Department of Human Services (DHS) was the victim of a phishing campaign earlier this year, resulting in a data breach that reportedly involves the records of up to 1.6 million state residents. According to a March 21 Oregon DHS press release, the incident took place last Jan. 8, when nine separate agency employees…

New Jersey bill would broaden PII requiring breach notification


If signed into law, a bipartisan bill sent by New Jersey legislators to Gov. Phil Murphy would expand data breach notification in the state, requiring companies to alert citizens to breaches of a wider range of personal identifiable information (PII), including user names, passwords, email addresses and security questions. “When a data breach occurs and…

Tesla suing self-driving startup Zoox and former employees for data theft


Tesla is accusing self-driving car startup Zoox and former employees of stealing trade secrets. The automaker is suing the start-up and the bunch claiming the employees gave Zoox Tesla’s logistics info to Zoox, while another gave Tesla’s autopilot code to Xiaopeng Motors. Two lawsuits were filed this week with one claiming employees stole “proprietary information…

Rutland Regional Medical Center, Zoll reveal data breaches


Two healthcare organizations suffered data breaches due to their email service resulting in more than 72,000 records being exposed. Rutland Regional Medical Center in Vermont reported several employee email accounts have been compromised, while the medical products firm Zoll had data possibly exposed when an email server migration went awry. In both cases the patient…

Next post in Data Breach