A prominent Beltway consulting firm inadvertently "doxed" some six-thousand Boeing employees. IMGE left files exposed through "human error," the Daily Beast reports. Boeing is (or maybe was) a customer of IMGE.
Ransomware attacks continue to show the criminal gangs’ growing tendency to steal data before they take the information hostage by encrypting it. Vice warns, breathlessly but with some reason, that "ransomware is spreading like wildfire in the US," and it's now being coupled with data compromise. SC Magazine calls the tactic "name and claim." This trend isn't confined to the US, either. BleepingComputer reports that Canadian clinical laboratory firm, LifeLabs, was attacked back in October, and data about some fifteen-million patients were exposed in the course of the attack.The data the hackers gained access to included names, addresses, emails, logins, passwords, dates of birth, and health card numbers. A much smaller subset of patients, some eighty-five thousand, also had the results of their lab work exposed. The Washington Post says that LifeLabs also paid ransom to unlock its filed. The company declined to state how large that ransom was. And, of course, unlocking the files doesn't get the compromised data back.
Hackers accessed data at Brechin High in Angus, Scotland, obtaining lists of pupils diagnosed with various learning disabilities and other psychological conditions. The National calls the experience "humiliating" for the victims.
Vice took a look at the security of Amazon's Ring, the conduit for some recent harassment, and it found that security wanting: "It's awful," says the headline. Privacy flaws also persist in Amazon Alexa and Google Home, whose users continue to face the possibility of eavesdropping, Threatpost reports.