Gov’t, Judicial IT Systems Beset by Access Control Bugs

October 1, 2024 at 05:16PM Numerous high- and critical-severity bugs were discovered in government agency software platforms, posing security risks to sensitive personal data such as Social Security numbers and voter registrations. Security researcher Jason Parker exposed vulnerabilities in 19 platforms, including an issue with Georgia’s voter cancellation portal. Outdated systems and inadequate funding contribute … Read more

Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches

July 24, 2024 at 08:39AM Telecommunications provider TracFone Wireless has agreed to a $16 million civil penalty to settle investigations into three data breaches involving the compromise of customer information. The breaches, occurring between Jan 2021 and Jan 2023, exploited APIs and led to unauthorized access to customer information. TracFone will implement an information security … Read more

Attack on Consumer Electronics Manufacturer boAt Leaks Data on 7.5M Customers

April 10, 2024 at 07:58AM A hacker known as “ShopifyGUY” leaked 2GB of personal info from boAt customers in India. The company controls 26% of the wearables market and 40% of earbud sales. Despite selling for $2, the info appears genuine. Companies are advised to invest in anti-exfiltration tools and encrypt their databases to safeguard … Read more