Domain: databreaches.net
Stories and comments across the archive that link to databreaches.net.
Stories · 6
-
Hacker Leaks 'Orange Is the New Black' Episodes After Failing To Extort Netflix (bleepingcomputer.com)
An anonymous reader writes: "A hacker (or hacker group) known as The Dark Overlord (TDO) has leaked the first ten episodes of season 5 of the "Orange Is The New Black" show after two failed blackmail attempts, against Larson Studios and Netflix," reports BleepingComputer. The hacker said he stole hundreds of gigabytes of audio files from Larson Studios last December. "TDO claims the studio initially agreed to pay a ransom of 50 Bitcoin ($67,000) by January 31, and the two parties even signed a contract, albeit TDO signed it using the name 'Adolf Hitler.'" This might have been the reason why the company thought this was a joke and didn't pay the ransom as initially agreed.
At this point, the hacker turned from the studio to Netflix, but the company didn't want to pay either. As a warning, the hacker leaked the first episode of season 5, but half a day later, he leaked 9 more. "According to Netflix's website, season 5 is supposed to have 13 episodes and is scheduled for release in June, this year." The hacker also claims he's in possession of shows and movies from other movie studios and television channels, such as FOX, IFC, NAT GEO, and ABC. Some of the titles include "Celebrity Apprentice," "NCIS Los Angeles," "New Girl," and "XXX The return of Xander Cage". -
A Huge Trove of Patient Data Leaks, Thanks To Telemarketers' Bad Security (zdnet.com)
"A trove of records containing personal and health information on close to a million people was exposed after a former developer working at a telemarketing company uploaded a backup of its database to the internet," writes ZDNet. An anonymous reader quotes their report: The data contained personal and health-related information, such as names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, health insurance information, and other data relating to the types of health problems the individuals have regarding the products they need, though many of the records were truncated or incomplete. An examination showed that the database was used to market products to thousands of customers by telemarketers at HealthNow -- no longer a registered business as of 2015. Several records we've seen included customized notes written by staff who were tasked with calling customers, such as when they are home and any other relevant information on the subject.
The database apparently lingered online for years in an AWS instance until it was discovered two weeks ago in search results from Shodan by a Twitter user calling himself Flash Gordon. Databreaches.net, which investigated the breach with ZDNet, believes this as a teachable moment. "Before you give your personal or health insurance information to telemarketers or firms that call to offer you supplies for diabetes or back pain or other conditions, think twice." -
FBI Raids Dental Software Researcher Who Found Patient Records On Public Server (dailydot.com)
blottsie writes: Yet another security researcher is facing possible prosecution under the CFAA for accessing data on a publicly accessible server. The FBI on Tuesday raided Texas-based dental software security researcher Justin Shafer, who found the protected health records of 22,000 patients stored on an anonymous FTP. "This is a troubling development. I hope the government doesn't think that accessing unsecured files on a public FTP server counts as an unauthorized access under the CFAA," Orin Kerr, a George Washington University law professor and CFAA scholar told the Daily Dot. "If that turns out to be the government's theory -- which we don't know yet, as we only have the warrant so far -- it will be a significant overreach that raises the same issues as were briefed but not resolved in [Andrew 'weev' Auernheimer's] case. I'll be watching this closely." It was also reported this week via The Intercept that a provision snuck into the still-secret text of the Senate's annual intelligence authorization that would give the FBI the ability to demand individuals' email data and possibly web-surfing history from their service providers using those beloved 'National Security Letters' -- without a warrant and in complete secrecy. -
Dissension Grows Inside Anonymous Because Of Political Propaganda (softpedia.com)
An anonymous reader writes from a report on Softpedia: Political tensions relating to the U.S. presidential race are creating turmoil inside the Anonymous hacker collective, muddling waters even more in a group that's known for its lack of leadership and a common goal. The most recent Anonymous infighting relates to the actions of the group's most famous news portal known as AnonHQ, who's been showing downright public support for Bernie Sanders, while being extremely busy at bashing Trump, Cruz, and more recently issuing video threats against Clinton. Ever since Anonymous' official news source has started showing public support for Sanders, many of the group's divisions have publicly disavowed it and have even gone so far as launching constant waves of DDoS attacks at what once used to be the hacker's official news portal. Last month, when a former Anonymous member decided to dox himself, he said in interviews that the group had been infiltrated by government agents. -
Hacker GhostShell Doxes Himself So He Could Get a Job In the Industry
An anonymous reader writes: One of the most notorious hackers around has decided to dox himself after getting tired of hacking companies and failing to find a legitimate job in the infosec community. Razvan Eugen Gheorghe, 24, is one of the early LulzSec members and leader of Team GhostShell. He is now hoping to get arrested so that he could negotiate a plea deal and become a white hat hacker with a company or state agency somewhere. For the past 4 years, the hacker was literally 2km away from Romania's crime investigation unit, a 10-minute ride away. -
Following Data Leak, HIV Dating App's Developers Threaten Infection (csoonline.com)
itwbennett writes: Sometime before November 29, the MongoDB housing the data of Hzone, a dating app for HIV-positive singles, was exposed to the Internet. The company, displeased with having the security incident disclosed, responded to an email notification from DataBreaches.net with this threat: "Why do you want to do this? What's your purpose? We are just a business for HIV people. If you want money from us, I believe you will be disappointed. And, I believe your illegal and stupid behavior will be notified by our HIV users and you and your concerns will be revenged by all of us. I suppose you and your family members don't want to get HIV from us? If you do, go ahead." Hzone later apologized for the threat.