Entire Source Code Base Stolen and Posted Online The term a massive breach doesn’t quite describe what took place at Twitch, Amazon’s streaming platform. Twitch announced the breach on Twitter on Oct. 6, 2021. The amount of data is staggering—around 125GB—but the scope of its content is truly astonishing. The hackers stole: All of Twitch’s source code. All of it. Every piece of software they’ve written in-house. Remuneration details for their content creators.
533 Million Facebook Accounts from 106 Countries Leaked Online Yet again, Facebook suffers a data breach embarrassment. Underlining once more—as if it was needed—that Facebook does not practice what it preaches when it comes to safeguarding and protecting its users’ personal data. The breached data is freely available on the Dark Web. Usually, breaches of this type are monetized. The threat actors charge other cybercriminals for access to the data.
Warner Music Group (WMG) has suffered a data breach that has compromised the personal and financial information of thousands of its customers. Its e-commerce sites have been attacked and breached by a group of alleged Magecart operators. Magecart attacks are based on injecting malicious scripts into JavaScript-based websites in order to “skim” sensitive information such as financial and payment details. WMG has c. 4,000 employees and operates in 70 countries, so the number of affected data subjects could run into the millions.
Intel Data Protected By Worthless Passwords Intel: “We believe an individual with access downloaded and shared this data” McKay Consulting: No shock, Sherlock. Intel has suffered a data breach of sensitive and company-confidential information related to its as yet unlreased Tiger Lake platform. This is design level data including source code, development and debugging tools, schematics, roadmaps and other similar information. A misconfigured Akamai content delivery network (CDN) server seems to have been the entry point for the hackers.
US Bans TikTok and WeChat Mobile Apps It has long been known that free mobile apps make their money by selling your data to advertisers. That’s what funds most of the mobile apps in existence and, for that matter, many of the websites around the world. That’s the economics of the digital world. What is more sinister is the collection of data for surveillance, or the censoring of messages that pass through those apps.
Personal Data from 18 Data Breaches Offered to Hackers - At no cost! A threat actor has offered the databases from 18 breaches to other hackers without cost. The figures are mind-boggling—386 million personal records. Usually the data is sold to other cybercriminals. They buy it to perpetrate identity and fraud based crimes, and to use it in phishing campaigns and other email-based scams. The databases came from breaches at these companies:
A Simple Human Error Exposes Email Addresses Substack, a subscription newsletter service sent an email to its users telling of them of a change of terms, and an updated privacy policy. Which is fine, that’s required practice. But they pasted about 500 emails into the cc field, instead of the bcc field. That meant that everyone on the email saw all of the other recipients’ email addresses. In an email about a privacy policy - whoops.
Why Choosing Data Processors Needs Due Care and Attention Blackbaud, the world’s largest supplier of “education administration, fundraising, and financial management software” has suffered a breach in May, 2020. There are over 20 UK Universities and other organizations affected by the breach. And, because under the General Data Protection Regulations (GDPR) regulations you are jointly responsible for breaches that occur at your data processors, those customers are now facing fines from the Information Commissioner’s Office.
Iranian Hacking Group’s Training Videos Available Online An Advanced Persistent Threat (APT) is a state-sponsored cyber-offensive group who perpetrare international acts of cyberwarfare against political enemies and opposing countries. Charming Kitten are an Iranian APT, famous for leaking episodes and scripts from HBO’s Game of Thrones in 2017. A elementary error by a member of the APT has left one of their cloud resources unsecured and accessible from the internet.
If it’s Free, You’re the Product On the internet if something is free you have to ask yourself how they make money. Usually, it is by selling your data. A Virtual Private Network (VPN) is usually a good thing to use. They can help to anonymize your on-line activity and prevent unwanted cyber-snooping when you’re using a public Wi-Fi. Decent VPNs cost money. For a small monthly fee you get a fast, reliable, secure service.
Copyright (c) 2020-22 McKay Consulting. All Rights Reserved.
Template by Bootstrapious. Ported to Hugo by DevCows.
