U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. The U.S.

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

is an American for-profit managed health care company, its customers include health plans and other managed care organizations, employers, labor unions, various military and governmental agencies and third-party administrators. ” reads the data breach notice issued by the company.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Pentagon Travel Provider Data Breach Counts 30,000 Victims

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed records for an estimated 30,000 civilian and military personnel.

UK printing company Doxzoo exposed US and UK military docs

Security Affairs

UK printing company Doxzoo exposed hundreds of gigabytes of information, including documents related to the US and British military. Military documents belong to the US and UK military, experts noticed that the incident also impacted Doxzoo customers from India, Nigeria and Sri Lanka.

Pentagon Data Breach Exposed 30,000 Travel Records

Data Breach Today

Department of Defense Has Begun Notifying Military and Civilian Breach Victims The Pentagon is warning that a data breach at a third-party travel management service provider exposed an estimated 30,000 civilian and military personnel records.

Pentagon Defense Department travel records data breach

Security Affairs

Pentagon – Defense Department travel records suffered a data breach that compromised the personal information and credit card data of U.S. military and civilian personnel. military and civilian personnel.

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Dark Reading

This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to military strategy for cybersecurity

Autoclerk travel reservations platform data leak also impacts US Government and military

Security Affairs

vpnMentor’s discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group. The list of affected users includes the US government, military, and Department of Homeland Security (DHS). .

Equifax Breach: Four Members of Chinese Military Charged with Hacking

Threatpost

Feds have charged four members of the Chinese People’s Liberation Army (PLA) in connection with the infamous 2017 Equifax breach. Breach Government apache struts flaw breach china hacks Chinese people's liberation army Chinese PLA data breach Equifax Equifax breach hack Hackers personal data

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Security Affairs

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The four members of the Chinese military unit are Wu Zhiyong (???), were members of the PLA’s 54 th Research Institute, a component of the Chinese military.

Anthem, Apple and the Pentagon: A Data-Breach Cornucopia

Threatpost

Breach Critical Infrastructure Government Hacks Privacy Vulnerabilities 000 victims 30 Anthem apple Apple ID credit card breach data breach Department of Defense goa report military personnel payment fraud Pentagon record fine travel office weapons vulnerabilitiesA record fine and two new compromises kick off the autumn compromise season.

Data Breach Exposes Records of 114 Million U.S. Citizens, Companies

The Security Ledger

citizens and companies was discovered sitting online unprotected due to misconfigured search, a data leak that is estimated to affect about 83 million people. The post Data Breach Exposes Records of 114 Million U.S. A massive database holding more than 114 million records of U.S.

List of data breaches and cyber attack in March 2019 – 2.1 billion records leaked

IT Governance

There’s a new compiler at the helm of our monthly list of data breaches, following the departure of IT Governance stalwart Lewis Morgan, who leaves me with some mighty big shoes to fill. All-in-one widget ShareThis discloses data theft (617 million). Data breaches.

Cabinet Office at risk of further data breaches, review concludes

The Guardian Data Protection

Series of recommendations are made following leak of New Year honours list details A government department admonished for publishing honours list details in error is at “significant risk” of making further and bigger personal data breaches, a review has found.

GUEST ESSAY: Pentagon’s security flaws highlighted in GAO audit — and recent data breach

The Last Watchdog

And yet two recent disclosures highlight just how brittle the military’s cyber defenses remain in critical areas. The result: personal information and credit card data of at least 30,000 U.S. military and civilian personnel were compromised. Being the obvious target that it is, the U.S. Department of Defense presumably has expended vast resources this century on defending its digital assets from perennial cyber attacks. Related: Why carpet bombing email campaigns endure.

Military documents about MQ-9 Reaper drone leaked on dark web

The Security Ledger

Hackers have put up for sale on the dark web sensitive military documents, some associated with the U.S. military’s MQ-9 Reaper drone aircraft, one of its most lethal and technologically advanced drones, security research firm Recorded Future recently discovered. » Related Stories Fitness apps: Good for your health, not so much for military security Evasive new botnet can take over enterprise devices to steal data, spread ransomware U.S.

DOD DISA US agency discloses a security breach

Security Affairs

The Defense Information Systems Agency (DISA) US agency in charge of secure IT and communication for the White House has disclosed a data breach. Got another #PII #breach letter from DoD. military and civilian personnel.

Washington State Comprehensive Privacy Bill Loses Steam, Data Breach Law Amendment Heads to Governor’s Desk

Data Matters

On April 22, 2019, the Washington state legislature passed HB1071 (“the Bill”) to strengthen the state’s existing data breach notification law. Reminders on Usernames and Passwords : If consumer usernames or passwords are breached, the notice to affected residents must instruct the affected consumer to change his or her password and security question or answer, or to take other appropriate steps to protect the online account. CCPA Cybersecurity Data Breaches Legislation U.S.

Nine States Pass New And Expanded Data Breach Notification Laws

Data Protection Report

While laws like the California Consumer Privacy Act (CCPA) are getting all the attention, many states are actively amending their breach notification laws. The Attorney General will also be permitted to publish information concerning breaches. Data breach breach breach notification

Washington Amends Data Breach Notification Law

Hunton Privacy

As reported by Bloomberg Law , on May 7, 2019, Washington State Governor Jay Inslee signed a bill ( HB 1071 ) amending Washington’s data breach notification law. biometric data generated by automatic measurements of an individual’s biological characteristics such as a fingerprint, voiceprint, eye retinas, irises or other unique biological patterns or characteristics that is used to identify a specific individual. Security Breach U.S.

Analysis: Indictments in Equifax Hack

Data Breach Today

The latest edition of the ISMG Security Report analyzes the indictments of four Chinese military officers in connection with the 2017 Equifax data breach. Also featured: Advice on implementing NIST's new privacy framework; lessons learned in a breach disclosure

From China with Love: New York Firm sold millions in PRC Surveillance Gear to US Government, Military

The Security Ledger

Military, the Department of Energy and other government agencies that it claimed were "Made in the U.S.A". Independent Security Researchers Feel the Chill Up North Podcast Episode 141: Massive Data Breaches Just Keep Happening.

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

it suspects a possible leak of data including details of a prototype missile. Mitsubishi revealed that personal data on some 8,000 people also might have been leaked. Now, the authorities suspect a data leak that could have exposed details of a prototype missile.

Washington State Legislators Approve Amendments to Data Breach Law

Hunton Privacy

The Bill was requested by Attorney General Ferguson and would strengthen Washington’s data breach law. The request to amend the current law followed Attorney General Ferguson’s third annual Data Breach Report , which found that data breaches affected nearly 3.4 The Bill’s key amendments include: Expanding breach notification requirements to more types of consumer information. Introducing a specific rule for breach of usernames and passwords.

List of data breaches and cyber attacks in September 2019 – 531 million records leaked

IT Governance

Thanks to a whopping data breach from an unknown server exposing 419 million data records, our monthly total comes to 531,596,111 breached records. This brings the total amount of breached records for the year so far to 10,331,579,614. Data breaches.

Secret Service Investigates Breach at U.S. Govt IT Contractor

Krebs on Security

Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The U.S.

IT 228

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects. “According to the data received, the majority of non-public projects of Sytech were commissioned by military unit No.

Colorado Amends Data Breach Notification Law and Enacts Data Security Requirements

Hunton Privacy

Recently, Colorado’s governor signed into law House Bill 18-1128 “concerning strengthening protections for consumer data privacy” (the “Bill”), which takes effect September 1, 2018. Attorney General Notification: If an entity must notify Colorado residents of a data breach, and reasonably believes that the breach has affected 500 or more residents, it must also provide notice to the Colorado Attorney General.

ID Numbers for 120 Million Brazilians taxpayers exposed online

Security Affairs

It is not clear how long data remained exposed online or who accessed them. The folder included data archives ranging in size from 27 megabytes to 82 gigabytes. A question remains without response, why this kind of data was exposed a third-party server.

Security Affairs newsletter Round 264

Security Affairs

Breaking News data breach information security news it security news malware Newsletter Pierluigi Paganini Security Affairs Security NewsA new round of the weekly SecurityAffairs newsletter arrived!

Washington, D.C. Amends Data Breach Notification Law, Adds Data Security Requirements

Hunton Privacy

s data breach notification law (the “Bill”). and imposes certain data security requirements on covered businesses. any combination of data elements listed in 1-6, above, that would enable a person to commit identity theft without reference to the individual’s name.

Security Affairs newsletter Round 226

Security Affairs

Poshmark, the social commerce marketplace, discloses a data breach. GermanWiper, a data-wiping malware that is targeting Germany. Machete cyber-espionage group targets Latin America military. StockX hacked, customers data offered for sale on the dark web.

Will Apple Serve Our Veterans, Or Expose Them to Fraud?

Adam Levin

The Wall Street Journal (subscription required) reported a potential new partnership between Apple and the Department of Veterans Affairs that would give military veterans access to portable electronic health records. Data Security Government Technology featured military

Security Affairs newsletter Round 244

Security Affairs

A bug in the decryptor for the Ryuk ransomware could cause data loss. City of Pensacola hit by a cyberattack few days after military base shooting. Rooster Teeth Productions suffered a payment card breach. A new round of the weekly newsletter arrived!

Security Affairs newsletter Round 221 – News of the week

Security Affairs

Germany and the Netherlands agreded to build TEN, the first ever joint military internet. Germany and the Netherlands agreed to build TEN, the first ever joint military internet. A new round of the weekly SecurityAffairs newsletter arrived!

Pentagon’s Warning on DNA Testing is Applicable to all Consumers

ARMA International

On December 23, Yahoo News [1] reported on a Department of Defense memo [2] warning military personnel that using direct-to-consumer (DTC) DNA testing could pose “personal and operational risks.” As quoted in the Military Times article [3] , citing security risks, Cmdr. Military Times.

Security Affairs newsletter Round 248

Security Affairs

Mitsubishi Electric discloses data breach, media blame China-linked APT. US-based childrens clothing maker Hanna Andersson discloses a data breach. OP Glowing Symphony – How US military claims to have disrupted ISIS ‘s propaganda.

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

A high-profile cyber incident may cause substantial financial and reputational losses to an organization, including the disruption of corporate business processes, destruction or theft of critical data assets, loss of goodwill, and shareholder and consumer litigation. Even the most resilient systems today can still be breached with the right tools and sufficient resources, and there is not yet a unified theory or framework for addressing vulnerabilities in every context.

Faulty DoD Cybersecurity Leaves U.S. At Risk of Missile Attacks

Adam Levin

threat of compromise… networks, systems, and facilities… are vulnerable to cyberattacks, data breaches, data loss and manipulation, and unauthorized disclosure of technical information… leaving the United States vulnerable to missile attacks that threaten the safety of U.S.

New FIDO2 Devices offer a single token for combined PKI – FIDO use cases, without the need to rip and replace existing infrastructure

Thales eSecurity

The Verizon 2019 Data Breach Investigations Report advises organizations to deploy multifactor authentication throughout all systems and discourage password reuse. And yet, according to Norton , data breaches for 2019 included 3,800 publicly disclosed breaches, 4.1