#Privacy: SAP apologies after personal data of gun owners exposed

The personal data of almost 38,000 gun owners has been leaked to dealerships, subsequently forcing the German software giant SAP to apologise. Shortly after the Christchurch shootings earlier this year, a government gun buyback scheme was introduced, which SAP is supporting. The scheme allows owners to return their firearms to dealerships and police stations having […]

#Privacy: TfL enforces mandatory password reset for its Oyster and contactless accounts

Transport for London (TfL) has locked all Oyster and contactless accounts following a data breach incident which took place earlier this year. In August, a credential stuffing attack resulted in threat actors targeting 1,200 Oyster card account holders and taking control of them for a brief moment. Subsequently, TfL locked all Oyster and contactless accounts […]

#Privacy: Mixcloud breach exposes millions of users

The personal data of tens of millions of Mixcloud users have been put on sale on the dark web.  In a statement, the British streaming service, Mixcloud announced that it has received reports about hackers gaining unauthorised access to some of its systems.  “Our understanding at this time is that the incident involves email addresses,  […]

#Privacy: Alaska named the most vulnerable state to cybercrime

A new risk index has been  developed whereby state-by-state statistics on four of the most common types of cybercrime was analysed.  Created by Cardconnect, the index utilised data published by the Federal Bureau of Investigation’s Crime Complaint Center.  The four types of online crime analysed were credit card fraud, identity theft, personal data breach and […]

#Privacy: New malware campaign found targeting hotel guest data

At least 20 hotels have fallen victim to a new malware campaign impacting hotel guest data in 12 countries.  The malware campaign, named RevengeHotels, has been targeting hotels, hostels, hospitality and tourism companies since 2015.  Researchers at Kaspersky, have noted that the campaign has since expanded, targeting more than 20 hotels in Brazil, Argentina, Bolivia, […]

#Privacy: Smartwatch exposes kids location and personal data

Researchers have warned that a children’s smartwatch has been leaking users’ personal and GPS data, exposing them to multiple threats. Created by the Chinese manufacturer, Shenzhen Smart Care Technology (SMA) Ltd., the SMA M2 smartwatch helps parents track their kids’ location, make phone calls, send messages and even send them notifications when their child leaves […]

#Privacy: Thanksgiving eCards found spreading malware

Malicious Thanksgiving Day eCards are now distributing the Emotet Trojan and other malware. Discovered by BleepingComputer, a new malicious email campaign, attached with a malicious Word document disguising itself as a Thanksgiving Day Greeting Card, has been unearthed. The email appears to be sent from someone sending the greeting card and wishing the victim a […]

#Privacy: Adobe announces Magento Marketplace data breach

Adobe has disclosed a data breach incident that exposed the account information of Magento Marketplace users.  According to Adobe, an unauthorised third-party had exploited an undisclosed vulnerability within the marketplace website. This ultimately allowed them to gain unauthorised access to a database containing information on the marketplace’s registered users.  The exposed information included names, email […]

#Privacy: Another healthcare organisation struck by ransomware

A ransomware attack on Great Plains Health (GPHealth) has forced staff to switch to pen and paper to maintain workflow.  On Monday evening, ransomware was detected in the GPHealth computer network. Almost immediately, the information systems team uncovered the issue and worked through the night to reduce its impact on local health services.  The following […]

#Privacy: Ransomware forces security firm to shut down network

A Spanish security company, Prosegur, and announced that it was a victim of a ransomware attack. On Twitter, Prosegur confirmed that the incident detected corresponds to a “generic attack” caused by the Ryuk ransomware.  Subsequently, the attack impacted all Prosegur locations in Europe and the entire company network was down, forcing employees to go home.  […]