Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database

A security researcher has found a database with almost 235 social media profiles scraped from the Internet, likely belonging to Social Data. Public user data is precious, and many companies want to gather it and sell it. Social media networks represent… Continue reading Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database

Ex Tennessee University Employee Sentenced to Over 30 Months for Student Loan Fraud, Aggravated Identity Theft

A former admissions worker at Tennessee State University (TSU) was sentenced to more than 30 months in federal prison after pleading guilty to student loan fraud, wire fraud and aggravated identity theft. The US Department of Justice said Renauld Clayt… Continue reading Ex Tennessee University Employee Sentenced to Over 30 Months for Student Loan Fraud, Aggravated Identity Theft

Carnival Corporation Discloses Ransomware Attack; Personal Data of Employees and Guests Potentially Accessed

Carnival Corporation, the world’s largest cruise line operator, disclosed that one of its brands suffered a ransomware attack involving unauthorized access and encryption of data. According to an 8-K form submitted to the Securities and Exchange Commis… Continue reading Carnival Corporation Discloses Ransomware Attack; Personal Data of Employees and Guests Potentially Accessed

CISA Warns of Phishing Campaign Used to Deploy KONNI Malware

The Cybersecurity and Infrastructure Security Agency (CISA) advised users to be wary of an email attachment containing a malicious Microsoft Word document that’s used to deploy KONNI malware. Phishing is one of the main methods hackers use to spread ma… Continue reading CISA Warns of Phishing Campaign Used to Deploy KONNI Malware

Canada Revenue Agency Discloses Credential Stuffing Attack on 5,500 Service Accounts

A credential stuffing attack targeting Canada Revenue Agency (CRA) accounts has forced the government tax collector to suspend its online services over the weekend. The compromised accounts were linked to the GCKey portal, a system used by 30 federal d… Continue reading Canada Revenue Agency Discloses Credential Stuffing Attack on 5,500 Service Accounts

Amazon Echo Exploit, Privacy Shield, Capital One Data Breach Update

In episode 134 for August 17th 2020: Details on new critical vulnerabilities found in Amazon Echo devices, what the end of the Privacy Shield framework means EU citizens personal data, and new data breach fines issued to Capital One and Twitter by the … Continue reading Amazon Echo Exploit, Privacy Shield, Capital One Data Breach Update

Walgreens Discloses Data Breach Impacting Personal Health Information of More Than 72,000 Customers

The second-largest pharmacy chain in the US recently disclosed a data breach that may have compromised the personal health information (PHI) of more than 72,000 individuals across the United States. According to Walgreens spokesman Jim Cohn, prescripti… Continue reading Walgreens Discloses Data Breach Impacting Personal Health Information of More Than 72,000 Customers

Twitter Hack Lessons Learned, TikTok Ban, Rite Aid Facial Recognition Cameras

In episode 133 for August 10th 2020: What we can learn from the big Twitter hack, why everyone is trying to ban TikTok, and pharmacy chain Rite Aid’s use of facial recognition cameras. ** Links mentioned on the show ** How the FBI tracked down th… Continue reading Twitter Hack Lessons Learned, TikTok Ban, Rite Aid Facial Recognition Cameras

Summit Medical Associates Discloses Ransomware Attack; Patient and Affiliate Information Potentially Impacted

Summit Medical Associates disclosed on August 4 that a ransomware attack earlier this year may have compromised personal information of patients and affiliates. According to a data breach notification, Summit discovered that it became unable to access … Continue reading Summit Medical Associates Discloses Ransomware Attack; Patient and Affiliate Information Potentially Impacted

Users Advised to Reset Passwords After Zello Data Breach

Zello, a popular push-to-talk app, has disclosed a data breach that could have potentially allowed malicious actors to gain access to users’ email addresses and hashed passwords. Zello boasts 140 million users worldwide, and facilitates real-time… Continue reading Users Advised to Reset Passwords After Zello Data Breach