What the Hack? Podcast
What the Hack? Podcast
What the Hack? Podcast
What the Hack? Podcast

Data Security

The latest on data breaches and cybersecurity and data security by Adam K Levin.

Black Lives Matter malware
The U.S. and global protests of the killing of George Floyd are being used to spread malware according to the cybersecurity non-profit organization abuse.ch.  The Zurich-based group identified a phishing campaign that capitalizes on the Black Lives Matter movement to distribute malware. Emails with the subject line “Vote anonymous about ‘Black Lives Matter’” have been sending a variant of TrickBot,...
Honda ransomware
Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages. Several news outlets have reported that the company’s servers have been infected with the EKANS ransomware which led to network connectivity issues in Europe and Japan over the weekend. "On Sunday, June 7, Honda experienced a disruption in its computer network that has caused a...
Joomla data leak
Administrators of the open source Joomla content management system announced a data incident that potentially compromised the information of 2,700 developers. A database containing the personal data of users of Joomla Resources Directory website was discovered on an unprotected Amazon Web Services bucket following an internal audit. Leaked information included names, addresses, email addresses, phone numbers, encrypted passwords, and IP...
Mathway breach
Over 25 million user logins and passwords from a popular math app are being offered for sale on the dark web following a data breach. Mathway, a popular app for iOS and Android devices, recently uncovered evidence of the breach after a hacking group announced it was selling Mathway user data on the dark web for roughly $4,000 in Bitcoin.  ShinyGroup,...
celebrity law firm hack
The hackers who attacked a major entertainment and media law firm have now doubled the sum they’re demanding, and have included a threat to reveal compromising data on President Donald Trump. Grubman Shire Meiselas & Sacks represents high-profile clients including U2, Madonna, Lizzo, Drake, and Lady Gaga among many others. The firm was targeted with ransomware earlier this month, which...
Magellan Health Ransomware
In the wake of an April ransomware attack, Fortune 500 healthcare company Magellan Health announced that a hacker exfiltrated customer data. The ransomware attack was first detected by Magellan Health April 11, 2020, and was traced back to a phishing email that had been sent and opened five days earlier. Subsequent investigation revealed that customer data had been exfiltrated prior...
celebrity data breach
A major entertainment and media law firm experienced a massive data breach that may have compromised the data of many celebrities including Bruce Springsteen, Lady Gaga, Madonna, Nicki Minaj, Christina Aguilera, and others. Grubman Shire Meiselas & Sacks, a New York-based law firm, was hit by a ransomware attack that compromised at least 756 gigabytes of client data, including contracts,...
Password manager
It’s World Password Day, and much like every other day of the year, the state of password security is terrible.  Despite repeated warnings from security experts and IT departments, “123456” is still the most common password for the last seven years, narrowly edging out “password.” The problem isn’t limited to easily guessed passwords: a recent study of remote workers found that...
Adult site leaks 7 TB of data
Users on an adult streaming platform may have experienced the wrong kind of exposure when over seven terabytes of data was found on an unprotected database online. The damage done could include the dissemination of amateur pornographic user images.  CAM4, a video streaming service primarily for adult amateur webcam content, reportedly left more than 11 million user records online on...
Pharma exec credential breach
The online credentials for 68% of pharmaceutical executives analyzed for a study have been compromised recently. The study, conducted by cybersecurity firm Blackcloak, found that the email accounts of over two-thirds of pharmaceutical executives had been compromised within the last five to ten years. Of the compromised emails, 57% were found on the dark web and had been either cracked...