37 min
Bourbon and Breaches Season 2 Episode 1 Week of November 4th Bourbon and Breaches by HackNotice
-
- Tech News
In this episode of Bourbon and Data Breaches, we cover the following stories:
"1. Uber ex-CSO verdict raises thorny issues of cyber governance and transparency https://www.cybersecuritydive.com/news/uber-cso-convicted/634332/The former chief security officer of Uber was convicted in a historic federal trial earlier this month, after the defendant was charged with covering up a ransomware attack while his firm was under investigation by the Federal Trade Commission for prior lapses in data protection.
2. Microsoft data breach exposes customers’ contact info, emails https://www.bleepingcomputer.com/news/security/microsoft-data-breach-exposes-customers-contact-info-emails/ Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.
3. Shein owner fined $1.9M for failing to notify 39M users of data breach https://techcrunch.com/2022/10/13/shein-zoetop-fined-1-9m-data-breach/A data breach from 2018 is putting Shein under the spotlight as the ultra-fast fashion e-commerce platform continues to conquer Gen Z markets across the world. Zoetop, the firm that owns Shein and its sister brand Romwe, has been fined $1.9 million by New York for failing to properly handle a security incident, according to a notice from the state’s attorney general office this week. New York doesn’t publicly release data breach notifications like Maine, New Hampshire, California or other states, which is why the notice came so much later than when the cyberattack happened
4. Optus tells customers affected by data breach they can no longer use passports as online ID https://www.theguardian.com/business/2022/oct/17/optus-tells-customers-affected-by-data-breach-they-can-no-longer-use-passports-as-online-id Optus customers told they would not need a new passport after their documents were compromised in the recent data breach have now been notified that they can no longer use this document for online identification. Daniel Reeders, whose passport was one of more than 100,000 exposed in the Optus hack, had been told that all was well and he did not need to start the process to receive a new passport. However, late Friday he was informed he would no longer be able to use his passport online as identification
5. New York fines EyeMed $4.5 million for 2020 email hack, data breach https://www.scmagazine.com/analysis/privacy/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach The state of New York has slapped EyeMed Vision Care with yet another fine over its massive 2020 email hack and healthcare data breach. This time the vision benefits company will pay a $4.5 million penalty for multiple security violations that “contributed to” the data exposure"
In this episode of Bourbon and Data Breaches, we cover the following stories:
"1. Uber ex-CSO verdict raises thorny issues of cyber governance and transparency https://www.cybersecuritydive.com/news/uber-cso-convicted/634332/The former chief security officer of Uber was convicted in a historic federal trial earlier this month, after the defendant was charged with covering up a ransomware attack while his firm was under investigation by the Federal Trade Commission for prior lapses in data protection.
2. Microsoft data breach exposes customers’ contact info, emails https://www.bleepingcomputer.com/news/security/microsoft-data-breach-exposes-customers-contact-info-emails/ Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.
3. Shein owner fined $1.9M for failing to notify 39M users of data breach https://techcrunch.com/2022/10/13/shein-zoetop-fined-1-9m-data-breach/A data breach from 2018 is putting Shein under the spotlight as the ultra-fast fashion e-commerce platform continues to conquer Gen Z markets across the world. Zoetop, the firm that owns Shein and its sister brand Romwe, has been fined $1.9 million by New York for failing to properly handle a security incident, according to a notice from the state’s attorney general office this week. New York doesn’t publicly release data breach notifications like Maine, New Hampshire, California or other states, which is why the notice came so much later than when the cyberattack happened
4. Optus tells customers affected by data breach they can no longer use passports as online ID https://www.theguardian.com/business/2022/oct/17/optus-tells-customers-affected-by-data-breach-they-can-no-longer-use-passports-as-online-id Optus customers told they would not need a new passport after their documents were compromised in the recent data breach have now been notified that they can no longer use this document for online identification. Daniel Reeders, whose passport was one of more than 100,000 exposed in the Optus hack, had been told that all was well and he did not need to start the process to receive a new passport. However, late Friday he was informed he would no longer be able to use his passport online as identification
5. New York fines EyeMed $4.5 million for 2020 email hack, data breach https://www.scmagazine.com/analysis/privacy/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach The state of New York has slapped EyeMed Vision Care with yet another fine over its massive 2020 email hack and healthcare data breach. This time the vision benefits company will pay a $4.5 million penalty for multiple security violations that “contributed to” the data exposure"
37 min