Earlier reports that US Federal employee data stolen from the Office of Personnel Management (OPM) have shown up for sale on the black market appear to be quite false. KrebsOnSecurity's investigation suggests that the data being traded by criminals appears to have come from a different agency: Federal Prison Industries (that is, Unicor.gov). The AP notes the absence of OPM data from the black market (for now — it's unwise to expect them to stay out of criminal hands indefinitely) as further evidence that the breach is the work of an intelligence service as opposed to crooks. That would also account for the relatively muted US diplomatic response: the Americans have long distinguished legitimate intelligence collection from industrial espionage. The OPM hack strikes many as the former; thus outrage is directed against OPM, not the Chinese government.
A side note on industrial espionage: many see the St. Louis Cardinals' (alleged, low-grade) hack of the Houston Astros as indicating widespread corporate hacking of competitors. Others are less sure: US professional sports are different, and have a signal-stealing tradition.
WikiLeaks, dumping 276,394 stolen documents, reminds us that Sony Pictures was hacked last year.
Repeat-offending skid "Mufasa," who'd earlier said he hacked Australia's iiNet ISP, hacks US pharmaceutical company Akorn "to teach them a security lesson," a motive belied by his offering stolen data for sale to the highest bidder.
Interesting discussions of OS X and iOS vulnerabilities, as well as accounts of SAP static encryption issues.
The US Treasury Department sees an ISIS-Bitcoin-social-media nexus.
A note to our readers: the CyberWire will be covering SINET's Innovation Summit in New York next week. We'll live-tweet the proceedings and devote at least one special issue to the conference.