At a glance.
- Stolen Russian driver records offered for a steal.
- Missouri school employee data exposed.
- Hacker sued by Facebook for scraping user data.
- Neighborhood watch goes high-tech.
Stolen Russian driver records offered for a steal.
Claiming to be in possession of a database allegedly stolen from the Moscow traffic police department, a hacker is attempting to sell 50 million records of Moscow driver data for a mere $800 on an underground forum. Russian news source Kommersant says they contacted a sampling of the exposed individuals and confirmed the validity of the data. As BleepingComputer explains, Russian experts are unsure who might be responsible for the leak, some saying it could be the result of a hacker exploiting a vulnerability in the system, while others believe it could be an inside job. Alexei Parfentiev of SearchInform stated, “The insider job looks more likely because the requirements of regulators on internal structures in the traffic police are less strict than those that concern protection from external attacks.” However an analyst at InfoWatch Group believes the database could be compiled from breaches of car insurance companies.
Missouri school employee data exposed.
Chief Investment Officer reports that an unauthorized intruder accessed the Public School and Education Employee Retirement Systems (PSRS/PEERS) of the state of Missouri. According to a notice sent to impacted employees and beneficiaries, the attack occurred in September and was the result of an intruder gaining unauthorized access to an employee’s email account for under an hour. The compromised data included employee names, internal PSRS/PEERS account numbers, and possible dates of birth, but Social Security numbers were not exposed.
Hacker sued by Facebook for scraping user data.
Facebook is suing a Ukrainian resident for allegedly scraping user data and selling it on the dark web, the Record by Recorded Future reports. The social media giant claims in 2018 and 2019 Alexander Alexandrovich Solonchenko collected the data of over 178 million users by exploiting the (now retired) Contact Importer feature of the Facebook Messenger service. By using an automated tool to feed the Facebook servers with millions of random phone numbers, Solonchenko was able to gather data on the accounts associated with the numbers, which he then put up for sale last December on cybercrime marketplace RaidForums. And reportedly, Facebook wasn’t his only victim. “Since 2020, Solonchenko has sold stolen or scraped data from Ukraine’s largest commercial bank, Ukraine’s largest private delivery service, and a French data analytics company,” Facebook stated in the court documents.
Neighborhood watch goes high-tech.
The Washington Post discusses the rise in the use of neighborhood surveillance services in the US despite the fact that the nation’s property crime rates are at an all-time low. Companies like Flock Safety are marketing “safety-as-a-service” packages that offer motion-sensing cameras and license plate scanners for communities seeking to prevent break-ins and track traffic, and Flock says its services are being used in fourteen hundred cities across forty states. However, the surge in surveillance has pitted residents focused on fighting potential crime against their privacy-minded neighbors. Adam Schwartz of the Electronic Frontier Foundation says, “It does, frankly, create new public safety problems when you put powerful surveillance tools in the hands of untrained people who are fixated on local crime.”