U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. The U.S.

Pentagon Travel Provider Data Breach Counts 30,000 Victims

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Pentagon Data Breach Exposed 30,000 Travel Records

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed an estimated 30,000 civilian and military personnel records.

UK printing company Doxzoo exposed US and UK military docs

Security Affairs

UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military. Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. ” reads the data breach notice issued by the company.

List of data breaches and cyber attacks in July 2020 ­– 77 million records breached

IT Governance

After mammoth amounts of personal data were leaked in May and June, we’ve seen a reversion to the mean this month. You can find our full list of publicly disclosed data breaches from July in this blog. Bitcoin scam leaks personal data of users from across the globe (248,926).

List of data breaches and cyber attacks in March 2020 – 832 million records breached

IT Governance

With organisations across the globe turned upside down by the COVID-19 pandemic, there has never been a worse time to suffer a data breach or cyber attack. Australia’s Defence Force Recruiting systems were taken offline after security breach (unknown). Data breaches.

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Dark Reading

This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to military strategy for cybersecurity

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. The list of affected users includes the US government, military, and Department of Homeland Security (DHS). .

Vermont’s Amendments to Data Breach Law and New Student Privacy Law Effective July 1, 2020

Hunton Privacy

On July 1, 2020, amendments to Vermont’s data breach notification law, signed into law earlier this year, will take effect along with Vermont’s new student privacy law. Security Breach Notice Act. Student Data Privacy. Security Breach U.S.

Equifax Breach: Four Members of Chinese Military Charged with Hacking


Feds have charged four members of the Chinese People’s Liberation Army (PLA) in connection with the infamous 2017 Equifax breach. Breach Government apache struts flaw breach china hacks Chinese people's liberation army Chinese PLA data breach Equifax Equifax breach hack Hackers personal data

Anthem, Apple and the Pentagon: A Data-Breach Cornucopia


Breach Critical Infrastructure Government Hacks Privacy Vulnerabilities 000 victims 30 Anthem apple Apple ID credit card breach data breach Department of Defense goa report military personnel payment fraud Pentagon record fine travel office weapons vulnerabilitiesA record fine and two new compromises kick off the autumn compromise season.

Data Breach Exposes Records of 114 Million U.S. Citizens, Companies

The Security Ledger

citizens and companies was discovered sitting online unprotected due to misconfigured search, a data leak that is estimated to affect about 83 million people. The post Data Breach Exposes Records of 114 Million U.S. A massive database holding more than 114 million records of U.S.

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Security Affairs

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The four members of the Chinese military unit are Wu Zhiyong (???), were members of the PLA’s 54 th Research Institute, a component of the Chinese military.

List of data breaches and cyber attack in March 2019 – 2.1 billion records leaked

IT Governance

There’s a new compiler at the helm of our monthly list of data breaches, following the departure of IT Governance stalwart Lewis Morgan, who leaves me with some mighty big shoes to fill. All-in-one widget ShareThis discloses data theft (617 million). Data breaches.

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

The Last Watchdog

And yet two recent disclosures highlight just how brittle the military’s cyber defenses remain in critical areas. The result: personal information and credit card data of at least 30,000 U.S. military and civilian personnel were compromised. Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. Related: Why carpet bombing email campaigns endure.

Cabinet Office at risk of further data breaches, review concludes

The Guardian Data Protection

Series of recommendations are made following leak of New Year honours list details A government department admonished for publishing honours list details in error is at “significant risk” of making further and bigger personal data breaches, a review has found.

Military documents about MQ-9 Reaper drone leaked on dark web

The Security Ledger

Hackers have put up for sale on the dark web sensitive military documents, some associated with the U.S. military’s MQ-9 Reaper drone aircraft, one of its most lethal and technologically advanced drones, security research firm Recorded Future recently discovered. » Related Stories Fitness apps: Good for your health, not so much for military security Evasive new botnet can take over enterprise devices to steal data, spread ransomware U.S.

DOD DISA US agency discloses a security breach

Security Affairs

The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. Got another #PII #breach letter from DoD. military and civilian personnel.

Washington State Comprehensive Privacy Bill Loses Steam, Data Breach Law Amendment Heads to Governor’s Desk

Data Matters

On April 22, 2019, the Washington state legislature passed HB1071 (“the Bill”) to strengthen the state’s existing data breach notification law. Reminders on Usernames and Passwords : If consumer usernames or passwords are breached, the notice to affected residents must instruct the affected consumer to change his or her password and security question or answer, or to take other appropriate steps to protect the online account. CCPA Cybersecurity Data Breaches Legislation U.S.

Nine States Pass New And Expanded Data Breach Notification Laws

Data Protection Report

While laws like the California Consumer Privacy Act (CCPA) are getting all the attention, many states are actively amending their breach notification laws. The Attorney General will also be permitted to publish information concerning breaches. Data breach breach breach notification

Washington Amends Data Breach Notification Law

Hunton Privacy

As reported by Bloomberg Law , on May 7, 2019, Washington State Governor Jay Inslee signed a bill ( HB 1071 ) amending Washington’s data breach notification law. biometric data generated by automatic measurements of an individual’s biological characteristics such as a fingerprint, voiceprint, eye retinas, irises or other unique biological patterns or characteristics that is used to identify a specific individual. Security Breach U.S.

Analysis: Indictments in Equifax Hack

Data Breach Today

The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure

From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military

The Security Ledger

Military, the Department of Energy and other government agencies that it claimed were "Made in the U.S.A". Independent Security Researchers Feel the Chill Up North Podcast Episode 141: Massive Data Breaches Just Keep Happening.

Here’s Why Credit Card Fraud is Still a Thing

Krebs on Security

Whoever compromised the shop siphoned data on millions of card accounts that were acquired over four years through various illicit means from legitimate, hacked businesses around the globe — but mostly from U.S.

Sales 199

Maze Ransomware operators hacked the Xerox Corporation

Security Affairs

Maze ransomware operators have breached the systems of the Xerox Corporation and stolen files before encrypting them. It consists of multiple screenshots showing the compromised server(s) files and data encrypted by the ransomware.”

Washington State Legislators Approve Amendments to Data Breach Law

Hunton Privacy

The Bill was requested by Attorney General Ferguson and would strengthen Washington’s data breach law. The request to amend the current law followed Attorney General Ferguson’s third annual Data Breach Report , which found that data breaches affected nearly 3.4 The Bill’s key amendments include: Expanding breach notification requirements to more types of consumer information. Introducing a specific rule for breach of usernames and passwords.

List of data breaches and cyber attacks in September 2019 – 531 million records leaked

IT Governance

Thanks to a whopping data breach from an unknown server exposing 419 million data records, our monthly total comes to 531,596,111 breached records. This brings the total amount of breached records for the year so far to 10,331,579,614. Data breaches.

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The U.S.

IT 241

List of data breaches and cyber attacks in May 2020 – 8.8 billion records breached

IT Governance

We have just seen 8,801,171,594 breached data records in one month. Indeed, it bears reminding relatively small breaches can often be the most damaging – such as an email gaffe this month in which the identities of 250 abuse survivors in Northern Ireland were exposed.

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

it suspects a possible leak of data including details of a prototype missile. Mitsubishi revealed that personal data on some 8,000 people also might have been leaked. Now, the authorities suspect a data leak that could have exposed details of a prototype missile.

Did Maze ransomware operators steal 10 GB of data from Canon?

Security Affairs

According to the media outlet, the alleged incident resulted in the loss of data for users of their free 10GB storage feature. At the time the company only confirmed an internal investigation on a problem related to “10GB of data storage.”

Iran-linked APT35 accidentally exposed 40 GB associated with their operations

Security Affairs

Researchers at IBM X-Force Incident Response Intelligence Services (IRIS) discovered an unsecured server belonging to Iran-linked APT35 group (aka ITG18, Charming Kitten , Phosphorous, and NewsBeef ) containing data for many domains managed by the threat actor.

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects. “According to the data received, the majority of non-public projects of Sytech were commissioned by military unit No.

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

Hunton Privacy

Recently, Colorado’s governor signed into law House Bill 18-1128 “concerning strengthening protections for consumer data privacy” (the “Bill”), which takes effect September 1, 2018. Attorney General Notification: If an entity must notify Colorado residents of a data breach, and reasonably believes that the breach has affected 500 or more residents, it must also provide notice to the Colorado Attorney General.

ID Numbers for 120 Million Brazilians taxpayers exposed online

Security Affairs

It is not clear how long data remained exposed online or who accessed them. The folder included data archives ranging in size from 27 megabytes to 82 gigabytes. A question remains without response, why this kind of data was exposed a third-party server.

Security Affairs newsletter Round 264

Security Affairs

Breaking News data breach information security news it security news malware Newsletter Pierluigi Paganini Security Affairs Security NewsA new round of the weekly SecurityAffairs newsletter arrived!