On the heels of its acquisition by Chegg, developer education site Thinkful said an unauthorized third party had breached its systems. “We recently discovered that an unauthorized party may have gained access to certain Thinkful company credentials so, out of an abundance of caution, we are notifying all of our users,” company Vice President of…
Security scans of a WeWork building in New York’s Financial District uncovered security vulnerabilities in the company’s WiFi network that exposed financial records and devices of companies in the building. A tenant moving into the building in 2015 began scanning the facilities to ensure his company wouldn’t be vulnerable to attack, according a CNET report,…
The Consumer Financial Protection Bureau (CFPB) has been probing of Bank of America (BoA) for allegedly opening customer credit card accounts with authorization a la Wells Fargo. The BoA investigation emerged after the bureau posted documents to its site showing the back and forth regarding turning over emails and other records with the bank’s attorneys,…
Customers of commercial food service wholesaler Restaurant Depot received phishing emails asking for payment of an (attached) outstanding invoice or else the company would deduct the balance from their accounts. Some of those recipients began tweeting to the company’s customer service department with one noting that he “finally got through to tell them. They’re aware.…
Just one day after a report revealed that medical images and health data for millions of patients in the U.S. and abroad sit unprotected on the internet, another probe found accessible medical data online for 24.3 million patients in 52 countries. Among the information linked to the medical records, uncovered by Greenbone Networks, are 737…
The U.S. Justice Department filed suit against former National Security Agency (NSA) contractor Edward Snowden for not running his memoir, “Permanent Record,” through the proper government review prior to its publication. “If only the Justice Department was as concerned with the systematic legal violations carried out by the U.S. government’s mass surveillance programs as they…
HIPAA be damned – medical records, including images and data, on more than five million patients in the U.S. and millions of others worldwide lie unprotected online in full view of anyone with the wherewithal to look and a web browser. A Pro Publica investigation unearthed 187 servers in medical systems across the country that…
If another leaky Elasticsearch server may seem a little anticlimactic, considering how frequently they occur, the latest find by security researchers might have more of a “wow” factor since it exposed information on nearly all of Ecuador’s 16.6 million citizens, 6.7 million of them children. “The irresponsible handling of Personally Identifiable Information (PII) has literally…
After photos of travelers and vehicles crossing U.S. borders were nicked from a Customs and Border Patrol (CBP) subcontractor through a cyberattack, and Suprema BioStar 2 exposed more than 1 million fingerprint records along with facial recognition information and other sensitive data, Sen. Mark Warner, D-Va., pressed CBP for details on how it ensures third-party…
Facebook has repaired a vulnerability in its Instagram social media platform, after a researcher found that it could be exploited to link users’ phone numbers to their account numbers, usernames and actual names. With the help a brute-force algorithm and a network of bots, malicious actors could have leveraged the flaw to bypass data security…
