Mastodon Migration
boosted
Dave V. ND9JR
boosted
If the #government gave a crap about any of us the #databroker industry simply wouldn't exist.
It should be illegal to harvest people's data and even worse to sell it. It's called #stalking when we do it.
They are vultures and pick over the corpse of every #databreach
If the #government gave a crap about any of us the #databroker industry simply wouldn't exist.
It should be illegal to harvest people's data and even worse to sell it. It's called #stalking when we do it.
They are vultures and pick over the corpse of every #databreach
Angela Antunovic
boosted
3 media
3 media
Flock Hardcoded the Password for America's Surveillance Infrastructure 53 Times
#HackerNews #FlockSafety #Surveillance #Infrastructure #Password #Breach #Cybersecurity #Privacy #Issues #America
SoundCloud confirms breach after member data stolen, VPN access disrupted
#HackerNews #SoundCloud #Breach #DataSecurity #Cybersecurity #VPNHacked #MemberData
Alex Akselrod
boosted
Major breach of an emergency notification provider (CodeRed/Onsolve), which is a very bad thing.
“Dear Valued Customer,
Further to our previous communications, we’d like to provide you with an update regarding the cybersecurity incident which damaged the OnSolve CodeRED environment in a targeted attack by an organized cybercriminal group. Our forensic analysis continues to indicate that this is an incident strictly contained within the OnSolve CodeRED environment with no contagion beyond.
We have learned that data associated with the legacy OnSolve CodeRED platform was removed from our systems. While there is currently no indication that this data has been published online, we are proactively informing you that it may be leaked.
It appears that the impacted dataset may contain contact information of OnSolve CodeRED users: name, address, email address, phone numbers, and/or associated passwords used to create user profiles for alerts. If the same password is used by users for any other personal or business accounts, those passwords should be changed immediately.”
https://dcsheriff.net/important-nationwide-codered-outage-data-breach-update/
Major breach of an emergency notification provider (CodeRed/Onsolve), which is a very bad thing.
“Dear Valued Customer,
Further to our previous communications, we’d like to provide you with an update regarding the cybersecurity incident which damaged the OnSolve CodeRED environment in a targeted attack by an organized cybercriminal group. Our forensic analysis continues to indicate that this is an incident strictly contained within the OnSolve CodeRED environment with no contagion beyond.
We have learned that data associated with the legacy OnSolve CodeRED platform was removed from our systems. While there is currently no indication that this data has been published online, we are proactively informing you that it may be leaked.
It appears that the impacted dataset may contain contact information of OnSolve CodeRED users: name, address, email address, phone numbers, and/or associated passwords used to create user profiles for alerts. If the same password is used by users for any other personal or business accounts, those passwords should be changed immediately.”
https://dcsheriff.net/important-nationwide-codered-outage-data-breach-update/
Em :official_verified:
boosted
They say "no sensitive information" was compromised, after a data breach involving real names, email addresses, phone numbers, and physical addresses.
That's some serious bullshit right there.
That is, in fact, "sensitive information," you idiots.
#infosec #privacy #DoorDash #breach
DoorDash confirms data breach impacting users’ phone numbers and physical addresses | TechCrunch
https://techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/
They say "no sensitive information" was compromised, after a data breach involving real names, email addresses, phone numbers, and physical addresses.
That's some serious bullshit right there.
That is, in fact, "sensitive information," you idiots.
#infosec #privacy #DoorDash #breach
DoorDash confirms data breach impacting users’ phone numbers and physical addresses | TechCrunch
https://techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/
I have recordings proving Coinbase knew about breach months before disclosure
https://jonathanclark.com/posts/coinbase-breach-timeline.html
#HackerNews #Coinbase #Breach #Disclosure #Breach #Timeline #Security #Concerns #Cryptocurrency
Oops
BleepingComputer: Hyundai AutoEver America data breach exposes SSNs, drivers licenses
"...Its role is to supply IT solutions and services tailored to the automotive industry, particularly for Hyundai and Kia affiliates, including vehicle telematics, OTA (over-the-air) updates, maps, vehicle connectivity, embedded systems, and autonomous driving systems...."
Looks like somebody broke into #atari's #Sendgrid account and used it to send a bunch of phishing emails.
No explanation given for how; perhaps @zackwhittaker can wheedle it out of them.
Since it says here that they've "secured" the account, my guess is a bad password (or infostealer) + no #2FA. The most obvious explanation is usually the correct one.
Though I suppose a cracked Lastpass vault is also a possibility.
#infosec #breach
Stefano Marinelli
boosted
Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day. Jeez.
The Crimson Collective, the cybercriminal gang claiming responsibility for breaching the repo and stealing over 500GB of data, now seems to be collaborating with other cybercriminal gangs to extort Red Hat.
From the article, the cybercrim alliance:
"threatens to publish a "multi terabyte of data haul of your most sensitive intellectual property" and accuses Red Hat of failing to safeguard what it claims are trade secrets and personal data, invoking GDPR and US state privacy laws. It also reckons Red Hat's doors were kicked in on September 13 – weeks before the company came clean about the break-in."
https://www.theregister.com/2025/10/07/red_hat_breach_new_claims/?td=rt-9bp
#redhat #gitlab #news #technews #cyberattack #breach #cybersecurity #security #cybercrime #crime #extortion
Wow, the damage from that Red Hat GitLab breach seems to be getting worse by the day. Jeez.
The Crimson Collective, the cybercriminal gang claiming responsibility for breaching the repo and stealing over 500GB of data, now seems to be collaborating with other cybercriminal gangs to extort Red Hat.
From the article, the cybercrim alliance:
"threatens to publish a "multi terabyte of data haul of your most sensitive intellectual property" and accuses Red Hat of failing to safeguard what it claims are trade secrets and personal data, invoking GDPR and US state privacy laws. It also reckons Red Hat's doors were kicked in on September 13 – weeks before the company came clean about the break-in."
https://www.theregister.com/2025/10/07/red_hat_breach_new_claims/?td=rt-9bp
#redhat #gitlab #news #technews #cyberattack #breach #cybersecurity #security #cybercrime #crime #extortion
Missed opportunity to use surprised_pikachu.jpg as a link preview image here
https://www.theverge.com/news/792032/discord-customer-service-data-breach-hack
