Bourbon and Breaches by HackNotice

In this episode of Bourbon and Data Breaches, we cover the following stories:  

 "1. Uber ex-CSO verdict raises thorny issues of cyber governance and transparency https://www.cybersecuritydive.com/news/uber-cso-convicted/634332/The former chief security officer of Uber was convicted in a historic federal trial earlier this month, after the defendant was charged with covering up a ransomware attack while his firm was under investigation by the Federal Trade Commission for prior lapses in data protection.   

2. Microsoft data breach exposes customers’ contact info, emails   https://www.bleepingcomputer.com/news/security/microsoft-data-breach-exposes-customers-contact-info-emails/ Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.  

3. Shein owner fined $1.9M for failing to notify 39M users of data breach https://techcrunch.com/2022/10/13/shein-zoetop-fined-1-9m-data-breach/A data breach from 2018 is putting Shein under the spotlight as the ultra-fast fashion e-commerce platform continues to conquer Gen Z markets across the world. Zoetop, the firm that owns Shein and its sister brand Romwe, has been fined $1.9 million by New York for failing to properly handle a security incident, according to a notice from the state’s attorney general office this week. New York doesn’t publicly release data breach notifications like Maine, New Hampshire, California or other states, which is why the notice came so much later than when the cyberattack happened  

4. Optus tells customers affected by data breach they can no longer use passports as online ID  https://www.theguardian.com/business/2022/oct/17/optus-tells-customers-affected-by-data-breach-they-can-no-longer-use-passports-as-online-id Optus customers told they would not need a new passport after their documents were compromised in the recent data breach have now been notified that they can no longer use this document for online identification. Daniel Reeders, whose passport was one of more than 100,000 exposed in the Optus hack, had been told that all was well and he did not need to start the process to receive a new passport. However, late Friday he was informed he would no longer be able to use his passport online as identification  

5. New York fines EyeMed $4.5 million for 2020 email hack, data breach https://www.scmagazine.com/analysis/privacy/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach The state of New York has slapped EyeMed Vision Care with yet another fine over its massive 2020 email hack and healthcare data breach. This time the vision benefits company will pay a $4.5 million penalty for multiple security violations that “contributed to” the data exposure"

In this episode of BnB, we discuss the top 5 cybersecurity news of the week:  

 1. Trickbot internal message leaked 

2. Memorial Hermann patients affected by breach 

3. Puma affected by Kronos incident 

4. More dark net forums seized in government effort 

5. $3.6 billon of stolen bitcoin recovered

In this episode of Bourbon and Data Breaches, we discuss the week's top 5 cybersecurity news:  

1. Belarusian railways compromised.  

2. Linn County officials try to get systems up and running.  

3. OpenSubtitles confirms data breach affecting 7 million people.   

4. Bloomington school district reveals a 334 percent spike in cybersecurity insurance rates.   

5. School district didn't inform parents about the attack, so threat actors reached out to the victims directly.

Welcome to the first BnB episode of 2022. In this episode, we cover the Top Five Cybersecurity News of the Week of January 10th:   

1. AvosLocker remotely access boxes in safe mode.   

2. Ransomware group Ragnar_Locker claims successful hack of Sectrio.  

Bourbon Break: In this episode, we try the Two Stars Bourbon.   

3. A ransomware attack on an Alberquerque jail took away access to camera feeds and disabled automatic door mechanisms.    

4. Hackers target dozens of Ukrainian government websites and leave message "be afraid and expect the worst."   

5. Members of REvil ransomware gang arrested in Russia.

This is the final Bourbon and Data Breaches Videocast of the Year. In this episode, we cover the Top Five Cybersecurity News of the Week of November 29th:   

1. IKEA battles an ongoing cyberattack where multiple employees were targeted to become victims of phishing attacks.   

2. Panasonic faces another data breach where hackers took advantage of a third-party vendor. The tech giant is working to fix the impact.   Bourbon Break: In this episode, we try the Heaven's Door Double Barrel Whiskey by Bob Dylan.   

3. DNA Diagnostics Center, a DNA testing firm in Ohio, was recently breached. Hackers gain access to the information of over 2 million customers.   

4. Notorious fraudster Krasr recruits 7 Amazon employees as moles and steals $160,000 from the business.   

5. Planned Parenthood (Los Angeles) data breach results in 400,000 people whose data was stolen.

In this week of Bourbon and Data Breaches, the HackNotice Team discusses the Top 5 cybersecurity news of the week: 

1. The U.K. Labor Party has a "cyber incident" that exposed the details of both supporters and members. 

2. Kaspersky says threat actors in a spear-phishing attempt used an Amazon eMail token issued to a third-party contractor. 

3. Ransomware group Conti targets a prolific jeweler, exposes details of affluent people and celebrities. 

4. Cryptocurrency lender CREAM Finance was recently hacked that led to over $130 million stolen. 

5. A Luton man's identity was stolen, and the identity thief sold the man's house on the man's behalf.

In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:  

1. A hacker breached the Argentinian government and stole the entire country’s ID details. The data is now being sold in private circles.  

2. The notorious ransomware group REvil claims that they are closing shop again.  

Bourbon Break: LoneStar 1835 Single Barrell Bourbon Whiskey.

3. Sinclair TV-Network outage was not a technical difficulty but a ransomware attack. 

4. A ransomware gang found a creative way to recruit members. Posing as a cybersecurity company. 

5. Ferrara, a prominent U.S. candy-maker, suffers a ransomware incident right before Halloween.

In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:  

1. OnlyFans Employees were able to access Models' and Users' data even after leaving.   

2. Facebook outage blamed on bad DNS server and BGP issues.  

3. Twitch suffered a major data breach, where hackers accessed 'everything.'  

4. Syniverse quietly admits to hackers being in their system for years.  

5. Outdated and Misconfigured Apache Airflow servers leak sensitive data information.

In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:  

1. Ransomware gang BlackMatter targets New Cooperative, IOWA, demanding a $5.9 Million Ransom.   

2. Biden administration targets ransomware payment 'enablers.'  

3. FBI held onto the decryptor key during the REvil attacks in July.  

4. Information of 250 Afghan interpreters exposed on accident   

5. Anonymus takes credit for taking of hosting provider Epik, leaks data of 15 million users

In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:  

1. Alt-Right Texas group's website leaked the resumes of applicants.  

2. Ransomware gang REvil's servers come back online after a two-month hiatus  

3. Howard University was affected by ransomware leading the school to cancel classes for a day. 

4. Central Bank of Ireland mistakenly exposes personal information of 50 credit union executives  

5. US Cybercom warns of mass exploitation of Atlassian Confluence vulnerabilit

In this special episode of Bourbon and Breaches, the HackNotice team says goodbye to a cast member while welcoming a new one.   

This episode features a beer instead of a bourbon considering it's our crew members' last time as a moderator, so we decided to have a special episode per his request.   

Tune in as we discuss the 5 recent data breaches, from Discord Malwares to Texas' school ISD's.   

As always, if you want us to cover a breach or a bourbon, leave a comment below and we'll get to it.

In our recent discussion in Bourbon and Data Breaches, we open a bottle of Rebel Yell Bourbon and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics of the week:

Clop: Ransomware Gang or Softwre?

Intuit, Turbotax user accounts compromised

Pelotons are new frontier for hackers

EA Games source code leaked over Slack trickery

Ransomware gang REvil A/B tests headlines to see which grab more attention

In our recent discussion in Bourbon and Data Breaches, we open a bottle of Leopold Bros Bourbon and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

FUJIFILM shuts down network after suspected ransomware attack

U.S. says ransomware attack on meatpacker JBS likely from Russia

MTA Hacked in April Cyberattack; Employee, Customer Info Was Not Compromised

Scripps notifying 147,000 people about data breach tied to cyberattack

More than 11,000 people’s personal information released in APD data leak

In our recent discussion in Bourbon and Data Breaches, we open a bottle of Old Forester 100 Proof Bourbon Whiskey and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

The dangers of remote work

Our thoughts on the RSA hack

Ransomware gangs vs the health industry

Paying ransomware and getting fined

Military veterans' data in constant danger

In our recent discussion in Bourbon and Data Breaches, we open a bottle of Maker's Mark Blueberry Yum Yum and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

US Customs and Border Protection

Brazilian Court System

Escort Sites posted to Github

Ransomware as a Service

IRS wants crypto

In our recent discussion in Bourbon and Data Breaches, we open a bottle of Evan Williams Single Barrel and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

Signal: https://signal.org/en/

The Oscars: https://www.oscars.org/

European Soccer: https://www.uefa.com/

Treehouse Hotels: treehousehotels.com

Washington DC Police Department: https://mpdc.dc.gov/

In our recent Bourbon and Data Breaches discussion, we talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

Mercato: mercato.com

NBA: nba.com

Apple: apple.com

FBI: fbi.gov

For bourbon, we're tasting Chamber's Bay Distillery Boathouse Bourbon

In our recent Bourbon and Data Breaches discussion, we talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

Public Water Hack

College Universities

Facebook

Home Security Video

Hacker Schemes

For bourbon, we're tasting Angel's Envy Bourbon - https://www.angelsenvy.com/

In our recent Bourbon and Data Breaches discussion, we talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:

SpaceX: https://www.spacex.com/

PHP Programming

Fat Face: fatface.com

Ransomware Gang Refunds

Luby's: lubys.com

For bourbon, we're tasting Still Austin Bourbon - https://stillaustin.com/booze/straight-bourbon-whiskey/

In Episode 18 of Bourbon and Data Breaches, we cover the most recent cyberattacks and stories that have put millions of people's data at risk. We cover:

High School Homecoming Scandal

Hobby Lobby: hobbylobby.com

Acer: acer.com

Tesla: tesla.com

Microsoft: microsoft.com

We're sampling David Nicholson Reserve during the data breach reviews - https://davidnicholsonbourbon.com/whiskey/

In Episode 16 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?

Microsoft: https://www.microsoft.com

CIBA Insurance: https://www.cibaservices.com

European Medicines Agency: https://www.ema.europa.eu/en

American Airlines: https://www.aa.com

We're sampling Oak & Eden Bourbon during the data breach reviews https://www.oakandeden.com/

In Episode 15 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?

T Mobile: https://www.t-mobile.com/

Solarwinds: solarwinds.com

Qualys: http://qualys.com/

Oxford University: https://www.ox.ac.uk/

Gab: https://gab.com/

We're sampling Bib & Tucker Bourbon during the data breach reviews - https://bibandtuckerbourbon.com/

In Episode 14 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?

Clubhouse App

Kia: kia.com

Apple: apple.com

We're sampling Four Roses Bourbon during the data breach reviews - https://fourrosesbourbon.com/

In Episode 12 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?

Serco: https://www.serco.com/

Snapchat: https://www.snapchat.com/

WhatsApp: https://www.whatsapp.com/?lang=en

Office of the Australian Information Commissioner: https://www.oaic.gov.au/

What we're sipping during the breach reviews: Larceny Wheated Bourbon - https://larcenybourbon.com/

In Episode 10 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?

Excellus Health Plan: https://www.excellusbcbs.com/

Pfizer: https://www.pfizer.com/

BioNTech: https://biontech.de/

What we're sipping during the breach reviews: Early Times - https://www.earlytimes.com/

In Episode 9 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?

Nissan: https://www.nissanusa.com/

Parler App

Jetbrains: https://www.jetbrains.com/

Reserve Bank of New Zealand: https://www.rbnz.govt.nz/

JP Morgan Chase: https://www.jpmorganchase.com/

What we're sipping during the breach reviews: Basil Hayden's -https://www.basilhaydens.com/

In Episode 8 of Bourbon and Data Breaches, we cover cyber threats from corporate espionage and poor cybersecurity practices by companies that handle your data. Who's on the list?

Ticketmaster: https://www.ticketmaster.com/

T-Mobile: https://www.t-mobile.com/

Sabre: https://www.sabre.com/

British Airways: https://www.britishairways.com/

Solarwinds (followup): https://www.solarwinds.com/

We review Evan Williams Single Barrel Vintage: https://heavenhilldistillery.com/evan-williams-single-barrel-vintage.php

In Episode 7 of Bourbon and Data Breaches, we talk about how school systems can breed hackers and how recent breaches can impact nearly everyone that operates on the internet.

Solar Winds: https://www.solarwinds.com/

Dental Care Alliance: https://www.dentalcarealliance.net/

Instagram: https://www.instagram.com/

Ledger: https://www.ledger.com/

We review David Nicholson 1843 Kentucky Straight Bourbon Whiskey: https://davidnicholsonbourbon.com/

In Episode 6 of Bourbon and Data Breaches, we're covering the evolution of the "Nigerian Prince scam," hackers targeting COVID vaccine research, US retailers, iPhones, and cybersecurity firms.

Kmart: https://www.kmart.com/

Apple: https://www.apple.com/

FireEye: https://www.fireeye.com/

We review Wild Turkey Longbranch Bourbon.

Wild Turkey: https://wildturkeybourbon.com/

In Episode 5 of Bourbon and Data Breaches, we're covering bugs affecting Microsoft by way of Xbox, Tesla, Walmart, Amazon, eBay, and Sophos.  

Microsoft: https://www.microsoft.com/en-us/

Xbox: https://www.xbox.com/en-US/

Tesla: https://www.tesla.com/

Walmart: https://www.walmart.com/

Amazon: https://www.amazon.com/

eBay: https://www.ebay.com/Sophos: https://www.sophos.com/en-us.aspx

In Episode 4 of Bourbon & Breaches, we take a look at recent data cyberattacks aimed at Spotify (https://www.spotify.com/us/), Liquid cryptocurrency (https://www.liquid.com/), Facebook Messenger (https://www.messenger.com/) and more.

Hackers are breaking into organizations to steal data to sell to the dark web. We are discussing some of the biggest recent data breaches and tasting different bourbons while we're at it. Check out Bourbon and Data Breaches with the HackNotice Team.  

In this episode we look at hackers targeting: 

Campari: https://www.campari.com/ 

Capcom: https://www.capcom.com/ 

Mattel: https://www.mattel.com/en-us 

Prestige Software: http://www.prestige-soft.com/en/index.html 

GEO Group: https://www.geogroup.com/ 

and more.

Hackers are breaking into organizations to steal data to sell to the dark web. We are discussing some of the biggest recent data breaches and tasting different bourbons while we're at it. Check out Bourbon and Data Breaches with the HackNotice Team.