CNN: 4 companies affected by security breaches in June

CNN: 4 companies affected by security breaches in June. “There’s been a sharp rise in cyberattacks in recent weeks, often disrupting services and products that are essential to everyday lives…. The uneasy trend continued in June, with several high-profile companies like McDonald’s and Peloton revealing they, too, were targeted by hackers. These incidents highlight the growing need for cybersecurity professionals, a space that’s facing a skills gap.”

WUSA: Hackers demand $4 million ransom from DC police, as more officers’ confidential info posted to the dark web

WUSA: Hackers demand $4 million ransom from DC police, as more officers’ confidential info posted to the dark web. “In the latest escalation of an unprecedented cyber-attack against U.S. law enforcement, hackers belonging to the Russian-speaking Babuk syndicate posted a $4 million ransom demand against the Metropolitan Police Department on the dark web. The demand came as more D.C. police officers received notice their confidential information was included within the scope of the April hack.”

BBC: Cyber-attack hackers threaten to share US police informant data

BBC: Cyber-attack hackers threaten to share US police informant data. “Washington DC’s Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report. A ransomware group called Babuk is reportedly threatening to release sensitive data on police informants if it is not contacted within three days. The FBI is investigating the extent of the breach, US media reported, citing the Washington DC police department.”

Albania: Alarm Over Indications Of Personal Data Breach, Election Campaign Violations (Transparency International)

Transparency International: Albania: Alarm Over Indications Of Personal Data Breach, Election Campaign Violations. “On 11 April, an Albanian media portal published a database containing personal data and private information of 910,000 individuals, allegedly maintained by the country’s ruling Socialist Party. It was revealed – and since then confirmed – that ‘patrons’ were assigned to voters who tracked their political preferences. Additional comments, recorded by the patrons, reportedly detail their interactions with citizens, with some instances amounting to possible voter intimidation.”

Business Insider: 533 million Facebook users’ phone numbers and personal data have been leaked online

Business Insider: 533 million Facebook users’ phone numbers and personal data have been leaked online. “A user in a low level hacking forum on Saturday published the phone numbers and personal data of hundreds of millions of Facebook users for free online. The exposed data includes personal information of over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It includes their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and — in some cases — email addresses.”

KCLR: Database with details for nearly 450,000 across Ireland compromised by hackers

KCLR: Database with details for nearly 450,000 across Ireland compromised by hackers. “The Irish Data Protection Commission says it’s received a breach notification from Fastway Couriers. The customer data impacted includes names, addresses, email accounts and phone numbers, but the company says nobody’s financial data was at risk. It’s understood that up to 450,000 people may be impacted.”

The Verge: Security startup Verkada hack exposes 150,000 security cameras in Tesla factories, jails, and more

The Verge: Security startup Verkada hack exposes 150,000 security cameras in Tesla factories, jails, and more. “Verkada, a Silicon Valley security startup that provides cloud-based security camera services, has suffered a major security breach. Hackers gained access to over 150,000 of the company’s cameras, including cameras in Tesla factories and warehouses, Cloudflare offices, Equinox gyms, hospitals, jails, schools, police stations, and Verkada’s own offices, Bloomberg reports.”

CNET: Microsoft Exchange attackers strike more than 30,000 US organizations

CNET: Microsoft Exchange attackers strike more than 30,000 US organizations. “On March 2, Microsoft released an emergency security update for its Microsoft Exchange email and communications software, patching a security hole in versions of the software going back to 2013. But as customers slowly update their systems, there are signs that at least 30,000 organizations across the US have already been hit by hackers who stole email communications from their systems.”

Ars Technica: Rookie coding mistake prior to Gab hack came from site’s CTO

Ars Technica: Rookie coding mistake prior to Gab hack came from site’s CTO. “Over the weekend, word emerged that a hacker breached far-right social media website Gab and downloaded 70 gigabytes of data by exploiting a garden-variety security flaw known as an SQL injection. A quick review of Gab’s open source code shows that the critical vulnerability—or at least one very much like it—was introduced by the company’s chief technology officer.”

Wired: Far-Right Platform Gab Has Been Hacked—Including Private Data

Wired: Far-Right Platform Gab Has Been Hacked—Including Private Data . “WHEN TWITTER BANNED Donald Trump and a slew of other far-right users in January, many of them became digital refugees, migrating to sites like Parler and Gab to find a home that wouldn’t moderate their hate speech and disinformation. Days later, Parler was hacked and then dropped by Amazon web hosting, knocking the site offline. Now Gab, which inherited some of Parler’s displaced users, has been badly hacked too. An enormous trove of its contents has been stolen—including what appears to be passwords and private communications.”

ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack

ProPublica: The U.S. Spent $2.2 Million on a Cybersecurity System That Wasn’t Implemented — and Might Have Stopped a Major Hack. “The software company SolarWinds unwittingly allowed hackers’ code into thousands of federal computers. A cybersecurity system called in-toto, which the government paid to develop but never required, might have protected against this.”