Collaborate Disseminate
From their notice: CoinGecko, the world’s largest independent cryptocurrency data aggregator, experienced a data breach on June 5, 2024, through its third-party email platform, GetResponse. How did the data breach happen? On June 5, 2024, around 06:30 … Continue reading Important Security Notice: Data Breach Incident on June 5, 2024 | CoinGecko
Joseph Cox reports: Google has accidentally collected childrens’ voice data, leaked the trips and home addresses of car pool users, and made YouTube recommendations based on users’ deleted watch history, among thousands of other employee-reported priva… Continue reading Google Database Reveals Thousands of Privacy Incidents
Euractiv and Reuters report: Germany’s Christian Democratic Union (CDU), the country’s leading opposition party, has been hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure, authorities said … Continue reading Germany’s Christian Democratic party hit by ‘serious’ cyberattack
The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this activity was caus… Continue reading Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
Solomon Klappholz reports: Snowflake has pinned the blame on a series of high-profile data breaches in recent days on customers failing to adequately secure production environments by using two-factor authentication. In a statement on 2 June 2024, Snow… Continue reading Snowflake data breach claims spark war of words over culpability; researchers may have been trolled
From a summary of Rhode Island’s data breach notification law, as summarized by PerkinsCoie: Notification Obligation. Any Entity to which the statute applies shall provide notification of (i) any disclosure of PI or (ii) any breach of the securit… Continue reading WD & Associates had a breach in February 2023. Individuals still haven’t been notified.
On May 23, the U.S. Department of Justice, joined by 29 state attorneys general and the District of Columbia, sued Live Nation Entertainment and its wholly-owned subsidiary, Ticketmaster, for violating the Sherman Antitrust Act. In his prepared remarks… Continue reading Hacked? Ticketmaster’s terrible, horrible, no good, very bad week just got worse
It has not happened often, but now another court has held that a breached entity cannot protect an investigation into a breach by declaring it legally privileged. Naomi Neilson reports: The Australian Federal Court has ruled that Optus will not be able… Continue reading Optus fails to keep report into cyber attack out of class action
Ang Qing reports from Singapore: A company running online language lessons for children around the world used a password based on its website name, LingoAce, making it vulnerable to the data breach that resulted. More than half a million users were aff… Continue reading Sg: Software firm fined $74k for data breach caused by weak password; half a million users affected
Zack Whittaker reports: A consumer-grade spyware app has been found running on the check-in systems of at least three Wyndham hotels across the United States, TechCrunch has learned. The app, called pcTattletale, stealthily and continually captured scr… Continue reading Spyware found on US hotel check-in computers