Indictment: Kansas Man Indicted For Tampering With A Public Water System (Department of Justice)

Department of Justice: Indictment: Kansas Man Indicted For Tampering With A Public Water System . “The indictment alleges that on or about March 27, 2019, in the District of Kansas, [Wyatt] Travnichek knowingly accessed the Ellsworth County Rural Water District’s protected computer system without authorization. During this unauthorized access, it is alleged Travnichek performed activities that shut down the processes at the facility which affect the facilities cleaning and disinfecting procedures with the intention of harming the Ellsworth Rural Water District No. 1, also known as Post Rock Rural Water District.”

SC Magazine: Policyholders may be the primary target in hack of cyber insurance provider CNA

SC Magazine: Policyholders may be the primary target in hack of cyber insurance provider CNA. “Insurance firm CNA Financial, a prominent provider of cyber insurance, confirmed a cyberattack against its systems, which has some concerned that cybercriminals may target policyholders. Cybercriminals generally know that companies represented by a cyber insurance company are more likely to pay a large ransomware demand than an uninsured business that doesn’t have the financial backing.”

AP: US charges Swiss ‘hacktivist’ for data theft and leaks

AP: US charges Swiss ‘hacktivist’ for data theft and leaks. “The Justice Department has charged a Swiss hacker with computer intrusion and identity theft, just over a week after the hacker took credit for helping to break into the online systems of a U.S. security-camera startup. An indictment against 21-year-old Till Kottmann was brought Thursday by a grand jury in the Seattle-based Western District of Washington.”

Krebs on Security: WeLeakInfo Leaked Customer Payment Info

Krebs on Security: WeLeakInfo Leaked Customer Payment Info. “A little over a year ago, the FBI and law enforcement partners overseas seized WeLeakInfo[.]com, a wildly popular service that sold access to more than 12 billion usernames and passwords stolen from thousands of hacked websites. In an ironic turn of events, a lapsed domain registration tied to WeLeakInfo let someone plunder and publish account data on 24,000 customers who paid to access the service with a credit card.”

Washington Post: High-schooler and her mother hacked school records to steal homecoming queen election, police say

Washington Post: High-schooler and her mother hacked school records to steal homecoming queen election, police say. “In a sparkling silver dress, the homecoming queen at J.M. Tate High School in Cantonment, Fla., stood on the football field on a brisk evening in late October to accept her crown. But among the students, whispers already had begun spreading about her victory. The homecoming queen had bragged for years about abusing the access her mother had to student records as an assistant principal in the same school system, witnesses later told investigators.”

The Verge: Teen ‘mastermind’ behind the great Twitter hack sentenced to three years in prison

The Verge: Teen ‘mastermind’ behind the great Twitter hack sentenced to three years in prison. “Teenage Twitter hacker Graham Ivan Clark has pleaded guilty to last summer’s unprecedented bitcoin scam attack that involved the takeover of dozens of high-profile accounts on the social network, according to paperwork filed in Florida court on Tuesday. Clark, who was 17 when accused of leading the scam, will spend three years in prison as part of his plea deal.”

FBI: FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics

FBI: FBI Releases the Internet Crime Complaint Center 2020 Internet Crime Report, Including COVID-19 Scam Statistics. “The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an increase of more than 300,000 complaints from 2019—and reported losses exceeding $4.2 billion. State-specific statistics have also been released and can be found within the 2020 Internet Crime Report and in the accompanying 2020 State Reports.”

ZDNet: Microsoft investigates potential ties between partner security firm, Exchange Server attack code leak

ZDNet: Microsoft investigates potential ties between partner security firm, Exchange Server attack code leak. “The suspected state-sponsored Chinese hacking group Hafnium was originally attributed to exploitation of the zero-days. Now, however, proof-of-concept (PoC) code has been released and more advanced persistent threat (APT) groups are attempting to capitalize on the situation. Ransomware, too, is now being deployed in some attacks.”

VICE: A Hacker Got All My Texts for $16

VICE: A Hacker Got All My Texts for $16. “While I was on a Google Hangouts call with a colleague, the hacker sent me screenshots of my Bumble and Postmates accounts, which he had broken into. Then he showed he had received texts that were meant for me that he had intercepted. Later he took over my WhatsApp account, too, and texted a friend pretending to be me. Looking down at my phone, there was no sign it had been hacked. I still had reception; the phone said I was still connected to the T-Mobile network. Nothing was unusual there. But the hacker had swiftly, stealthily, and largely effortlessly redirected my text messages to themselves. And all for just $16.”

KCLR: Database with details for nearly 450,000 across Ireland compromised by hackers

KCLR: Database with details for nearly 450,000 across Ireland compromised by hackers. “The Irish Data Protection Commission says it’s received a breach notification from Fastway Couriers. The customer data impacted includes names, addresses, email accounts and phone numbers, but the company says nobody’s financial data was at risk. It’s understood that up to 450,000 people may be impacted.”

The Verge: Security startup Verkada hack exposes 150,000 security cameras in Tesla factories, jails, and more

The Verge: Security startup Verkada hack exposes 150,000 security cameras in Tesla factories, jails, and more. “Verkada, a Silicon Valley security startup that provides cloud-based security camera services, has suffered a major security breach. Hackers gained access to over 150,000 of the company’s cameras, including cameras in Tesla factories and warehouses, Cloudflare offices, Equinox gyms, hospitals, jails, schools, police stations, and Verkada’s own offices, Bloomberg reports.”