Security News

A Japanese contractor working in the city of Amagasaki, near Osaka, reportedly mislaid a USB drive containing personal data on the metropolis's 460,000 residents. It's unknown how good of a time the man had, but he did reportedly end up passing out in the street, Japanese news source NHK reported the company who employed him as saying, elaborating on an incident report from the Amagasaki city government.

People have become much more sensitive about privacy and are more concerned about who has access to their data, but at the same time they are constantly sharing that information online, whether by logging into a website, by posting something on social media, by creating a new account, etc. In this video for Help Net Security, Nong Li, CEO at Okera, explains what it means for average consumers to share data, what this means in regards to trust, and how that data is going to be used.

A privacy rights org this week lost an appeal [PDF] in a case about the sharing of Bulk Personal Datasets by MI5, MI6, and GCHQ with foreign intelligence agencies. The decision means a contested part of a 2018 ruling by the IPT will stand: that safeguards and rules around data collection between 2015 to 2017 by the state agencies meant that sharing that data was legal - "Compatible with article 8 of the European Convention of Human Rights."

Meyer Corp., maker of Farberware and the largest cookware and bakeware distributor in the U.S., has begun notifying 2,747 employees that a cyberattack that occurred on Oct. 25 compromised their personal data. While the report given to the Maine Attorney General doesn't specifically name the culprit behind the attack, the Conti ransomware group had already announced on its leak site on Nov. 7 it was in possession of the employee data files, according to a report this week on the cyberattack.

The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. Sites used in these attacks are designed to closely resemble official government platforms to trick the targets into giving away their info, infecting them with malware, and claiming unemployment benefits on their behalf.

An outage affected all of its sites, testimony from a whistleblower this week could put the company back in the legal hotseat, and now it's come out that private and personal data from more than 1.5 billion Facebook users was found for sale on a hacker forum. Reported by privacy research company Privacy Affairs, the data found for sale doesn't indicate that the seller actually broke into Facebook's systems, nor that its data tied to any other data breach.

The UK's Ministry of Defence has launched an internal investigation after committing the classic CC-instead-of-BCC email error - but with the names and contact details of Afghan interpreters trapped in the Taliban-controlled nation. The horrendous data breach took place yesterday, with Defence Secretary Ben Wallace promising an immediate investigation, according to the BBC. Included in the breach were profile pictures associated with some email accounts, according to the state-owned broadcaster.

A cyberattack against T-Mobile has compromised the personal information of almost 50 million people, according to the carrier. In an update posted on Tuesday, the company said that certain customer data had been accessed and stolen by unauthorized individuals and that the data did include some personal information for a wide range of customers.

Singapore cable, internet and mobile phone provider StarHub is in the process of notifying 57,191 customers via email that they are victims of a cyber attack that leaked national identity card numbers, mobile numbers and email addresses. The data breach was discovered on July 6 but was not announced until August 6th. StarHub told The Register via email that the company suspects the stolen data file was found within a day of it being uploaded to the third-party web site.

On Wednesday, Atlas VPN released a report using Identity Theft Resource Center data, outlining personal data breaches for the first half of 2021. "Millions of individuals and organizations are affected every day by cyberattacks that threaten to steal sensitive data. Even though more people have become aware of cyber risks, hackers develop new techniques and malware to stay ahead of defense technologies," reads a portion of the blog post written by William S., an Atlas VPN publisher and cybersecurity researcher.