Bourbon and Breaches by HackNotice
By HackNotice
Bourbon and Breaches by HackNoticeNov 05, 2022
Bourbon and Breaches Season 2 Episode 1 Week of November 4th
In this episode of Bourbon and Data Breaches, we cover the following stories:
"1. Uber ex-CSO verdict raises thorny issues of cyber governance and transparency https://www.cybersecuritydive.com/news/uber-cso-convicted/634332/The former chief security officer of Uber was convicted in a historic federal trial earlier this month, after the defendant was charged with covering up a ransomware attack while his firm was under investigation by the Federal Trade Commission for prior lapses in data protection.
2. Microsoft data breach exposes customers’ contact info, emails https://www.bleepingcomputer.com/news/security/microsoft-data-breach-exposes-customers-contact-info-emails/ Microsoft said today that some of its customers' sensitive information was exposed by a misconfigured Microsoft server accessible over the Internet.
3. Shein owner fined $1.9M for failing to notify 39M users of data breach https://techcrunch.com/2022/10/13/shein-zoetop-fined-1-9m-data-breach/A data breach from 2018 is putting Shein under the spotlight as the ultra-fast fashion e-commerce platform continues to conquer Gen Z markets across the world. Zoetop, the firm that owns Shein and its sister brand Romwe, has been fined $1.9 million by New York for failing to properly handle a security incident, according to a notice from the state’s attorney general office this week. New York doesn’t publicly release data breach notifications like Maine, New Hampshire, California or other states, which is why the notice came so much later than when the cyberattack happened
4. Optus tells customers affected by data breach they can no longer use passports as online ID https://www.theguardian.com/business/2022/oct/17/optus-tells-customers-affected-by-data-breach-they-can-no-longer-use-passports-as-online-id Optus customers told they would not need a new passport after their documents were compromised in the recent data breach have now been notified that they can no longer use this document for online identification. Daniel Reeders, whose passport was one of more than 100,000 exposed in the Optus hack, had been told that all was well and he did not need to start the process to receive a new passport. However, late Friday he was informed he would no longer be able to use his passport online as identification
5. New York fines EyeMed $4.5 million for 2020 email hack, data breach https://www.scmagazine.com/analysis/privacy/new-york-fines-eyemed-4-5-million-for-2020-email-hack-data-breach The state of New York has slapped EyeMed Vision Care with yet another fine over its massive 2020 email hack and healthcare data breach. This time the vision benefits company will pay a $4.5 million penalty for multiple security violations that “contributed to” the data exposure"
Bourbon and Data Breaches Week of February 7th 2022
In this episode of BnB, we discuss the top 5 cybersecurity news of the week:
1. Trickbot internal message leaked
2. Memorial Hermann patients affected by breach
3. Puma affected by Kronos incident
4. More dark net forums seized in government effort
5. $3.6 billon of stolen bitcoin recovered
Bourbon and Data Breaches Week of January 28th
In this episode of Bourbon and Data Breaches, we discuss the week's top 5 cybersecurity news:
1. Belarusian railways compromised.
2. Linn County officials try to get systems up and running.
3. OpenSubtitles confirms data breach affecting 7 million people.
4. Bloomington school district reveals a 334 percent spike in cybersecurity insurance rates.
5. School district didn't inform parents about the attack, so threat actors reached out to the victims directly.
Bourbon and Data Breaches Week of January 10th
Welcome to the first BnB episode of 2022. In this episode, we cover the Top Five Cybersecurity News of the Week of January 10th:
1. AvosLocker remotely access boxes in safe mode.
2. Ransomware group Ragnar_Locker claims successful hack of Sectrio.
Bourbon Break: In this episode, we try the Two Stars Bourbon.
3. A ransomware attack on an Alberquerque jail took away access to camera feeds and disabled automatic door mechanisms.
4. Hackers target dozens of Ukrainian government websites and leave message "be afraid and expect the worst."
5. Members of REvil ransomware gang arrested in Russia.
Bourbon and Data Breaches Week of November 29th
This is the final Bourbon and Data Breaches Videocast of the Year. In this episode, we cover the Top Five Cybersecurity News of the Week of November 29th:
1. IKEA battles an ongoing cyberattack where multiple employees were targeted to become victims of phishing attacks.
2. Panasonic faces another data breach where hackers took advantage of a third-party vendor. The tech giant is working to fix the impact. Bourbon Break: In this episode, we try the Heaven's Door Double Barrel Whiskey by Bob Dylan.
3. DNA Diagnostics Center, a DNA testing firm in Ohio, was recently breached. Hackers gain access to the information of over 2 million customers.
4. Notorious fraudster Krasr recruits 7 Amazon employees as moles and steals $160,000 from the business.
5. Planned Parenthood (Los Angeles) data breach results in 400,000 people whose data was stolen.
Bourbon and Data Breaches Week of November 15th
In this episode, the HackNotice Team discusses the latest cybersecurity news.
1. "A new wave of attacks starting late last week has hacked close to 300 WordPress sites to display fake encryption notices, trying to trick the site owners into paying 0.1 bitcoin for restoration. These ransom demands come with a countdown timer to induce a sense of urgency and possibly panic a web admin into paying the ransom."
2. "Trading platform Robinhood said Monday that personal information for more than 7 million customers was accessed during a data breach on November 3rd. The company said in a news release that it does not appear that Social Security numbers, bank account numbers, or debit card numbers were exposed, and no customers have had “financial loss” due to the incident."
3. "The U.S. Federal Bureau of Investigation (FBI) on Saturday confirmed unidentified threat actors have breached one of its email servers to blast hoax messages about a fake "sophisticated chain attack."
4. "A secretive Israeli company helped hack a British news site and used it to take over the devices of some people who visited the site, cyber researchers say. The cybersecurity firm ESET said in a report Tuesday that the company, Candiru, helped an unknown foreign government hack the London news site Middle East Eye with a so-called watering hole attack, which places malicious software on a website to infect and hack the computers of people who visit it."
5. "Roughly three months after Eskenazi Health released a statement announcing a cyber security breach that compromised personal data, some patients are just now receiving that news in the mail. According to this release posted last month, Eskenazi Health was notified of a cyber attack “on or about August 4, 2021” that resulted in the personal information of some employees and patients being leaked to cybercriminals. However, the same release claims the breach actually happened three months prior “on or about May 19, 2021.”
Bourbon and Data Breaches Week of November 5th
In this week of Bourbon and Data Breaches, the HackNotice Team discusses the Top 5 cybersecurity news of the week:
1. The U.K. Labor Party has a "cyber incident" that exposed the details of both supporters and members.
2. Kaspersky says threat actors in a spear-phishing attempt used an Amazon eMail token issued to a third-party contractor.
3. Ransomware group Conti targets a prolific jeweler, exposes details of affluent people and celebrities.
4. Cryptocurrency lender CREAM Finance was recently hacked that led to over $130 million stolen.
5. A Luton man's identity was stolen, and the identity thief sold the man's house on the man's behalf.
Bourbon and Data Breaches Week of October 18th Episode 34
In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:
1. A hacker breached the Argentinian government and stole the entire country’s ID details. The data is now being sold in private circles.
2. The notorious ransomware group REvil claims that they are closing shop again.
Bourbon Break: LoneStar 1835 Single Barrell Bourbon Whiskey.
3. Sinclair TV-Network outage was not a technical difficulty but a ransomware attack.
4. A ransomware gang found a creative way to recruit members. Posing as a cybersecurity company.
5. Ferrara, a prominent U.S. candy-maker, suffers a ransomware incident right before Halloween.
Bourbon & Data Breaches Week of 10.04.2021
In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:
1. OnlyFans Employees were able to access Models' and Users' data even after leaving.
2. Facebook outage blamed on bad DNS server and BGP issues.
3. Twitch suffered a major data breach, where hackers accessed 'everything.'
4. Syniverse quietly admits to hackers being in their system for years.
5. Outdated and Misconfigured Apache Airflow servers leak sensitive data information.
Bourbon & Data Breaches Week of 09.20.2021
In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:
1. Ransomware gang BlackMatter targets New Cooperative, IOWA, demanding a $5.9 Million Ransom.
2. Biden administration targets ransomware payment 'enablers.'
3. FBI held onto the decryptor key during the REvil attacks in July.
4. Information of 250 Afghan interpreters exposed on accident
5. Anonymus takes credit for taking of hosting provider Epik, leaks data of 15 million users
Bourbon & Data Breaches Ep. 31 Week of 09.06.21
In this episode of bourbon and data breaches, the HackNotice team discusses the five latest cybersecurity breaches of this week:
1. Alt-Right Texas group's website leaked the resumes of applicants.
2. Ransomware gang REvil's servers come back online after a two-month hiatus
3. Howard University was affected by ransomware leading the school to cancel classes for a day.
4. Central Bank of Ireland mistakenly exposes personal information of 50 credit union executives
5. US Cybercom warns of mass exploitation of Atlassian Confluence vulnerabilit
Bourbon and Data Breaches Ep. 28
In this special episode of Bourbon and Breaches, the HackNotice team says goodbye to a cast member while welcoming a new one.
This episode features a beer instead of a bourbon considering it's our crew members' last time as a moderator, so we decided to have a special episode per his request.
Tune in as we discuss the 5 recent data breaches, from Discord Malwares to Texas' school ISD's.
As always, if you want us to cover a breach or a bourbon, leave a comment below and we'll get to it.
Bourbon and Data Breaches ep27
In our recent discussion in Bourbon and Data Breaches, we open a bottle of Rebel Yell Bourbon and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics of the week:
Clop: Ransomware Gang or Softwre?
Intuit, Turbotax user accounts compromised
Pelotons are new frontier for hackers
EA Games source code leaked over Slack trickery
Ransomware gang REvil A/B tests headlines to see which grab more attention
Bourbon and Data Breaches ep26
In our recent discussion in Bourbon and Data Breaches, we open a bottle of Leopold Bros Bourbon and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
FUJIFILM shuts down network after suspected ransomware attack
U.S. says ransomware attack on meatpacker JBS likely from Russia
MTA Hacked in April Cyberattack; Employee, Customer Info Was Not Compromised
Scripps notifying 147,000 people about data breach tied to cyberattack
More than 11,000 people’s personal information released in APD data leak
Bourbon and Data Breaches ep25
In our recent discussion in Bourbon and Data Breaches, we open a bottle of Old Forester 100 Proof Bourbon Whiskey and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
The dangers of remote work
Our thoughts on the RSA hack
Ransomware gangs vs the health industry
Paying ransomware and getting fined
Military veterans' data in constant danger
Bourbon and Data Breaches Week of May 5th, 2021 Discussion
In our recent discussion in Bourbon and Data Breaches, we open a bottle of Maker's Mark Blueberry Yum Yum and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
US Customs and Border Protection
Brazilian Court System
Escort Sites posted to Github
Ransomware as a Service
IRS wants crypto
Bourbon and Data Breaches ep22
In our recent discussion in Bourbon and Data Breaches, we open a bottle of Evan Williams Single Barrel and talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
Signal: https://signal.org/en/
The Oscars: https://www.oscars.org/
European Soccer: https://www.uefa.com/
Treehouse Hotels: treehousehotels.com
Washington DC Police Department: https://mpdc.dc.gov/
Bourbon and Data Breaches ep21
In our recent Bourbon and Data Breaches discussion, we talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
Mercato: mercato.com
NBA: nba.com
Apple: apple.com
FBI: fbi.gov
For bourbon, we're tasting Chamber's Bay Distillery Boathouse Bourbon
Bourbon and Data Breaches ep20
In our recent Bourbon and Data Breaches discussion, we talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
Public Water Hack
College Universities
Home Security Video
Hacker Schemes
For bourbon, we're tasting Angel's Envy Bourbon - https://www.angelsenvy.com/
Bourbon and Data Breaches ep19
In our recent Bourbon and Data Breaches discussion, we talk about the most interesting cybersecurity stories affecting millions of people's data. Our topics:
SpaceX: https://www.spacex.com/
PHP Programming
Fat Face: fatface.com
Ransomware Gang Refunds
Luby's: lubys.com
For bourbon, we're tasting Still Austin Bourbon - https://stillaustin.com/booze/straight-bourbon-whiskey/
Bourbon and Data Breaches ep18
In Episode 18 of Bourbon and Data Breaches, we cover the most recent cyberattacks and stories that have put millions of people's data at risk. We cover:
High School Homecoming Scandal
Hobby Lobby: hobbylobby.com
Acer: acer.com
Tesla: tesla.com
Microsoft: microsoft.com
We're sampling David Nicholson Reserve during the data breach reviews - https://davidnicholsonbourbon.com/whiskey/
Bourbon and Data Breaches ep17
In Episode 17 of Bourbon and Data Breaches, we cover the most recent cyberattacks and stories that have put millions of people's data at risk. We cover:
Verkada: verkada.com
SMS Texts
Public wifi
Hacks as NFTs
Guns Website: guns.com
We're sampling Powers Irish Whiskey during the data breach reviews https://www.powerswhiskey.com/en-us/product/gold-label
Bourbon and Data Breaches ep16
In Episode 16 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Microsoft: https://www.microsoft.com
CIBA Insurance: https://www.cibaservices.com
European Medicines Agency: https://www.ema.europa.eu/en
American Airlines: https://www.aa.com
We're sampling Oak & Eden Bourbon during the data breach reviews https://www.oakandeden.com/
Bourbon and Data Breaches ep15
In Episode 15 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
T Mobile: https://www.t-mobile.com/
Solarwinds: solarwinds.com
Qualys: http://qualys.com/
Oxford University: https://www.ox.ac.uk/
Gab: https://gab.com/
We're sampling Bib & Tucker Bourbon during the data breach reviews - https://bibandtuckerbourbon.com/
Bourbon and Data Breaches ep14
In Episode 14 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Clubhouse App
Kia: kia.com
Apple: apple.com
We're sampling Four Roses Bourbon during the data breach reviews - https://fourrosesbourbon.com/
Bourbon and Data Breaches ep13
In Episode 13 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Leon Medical Centers Miami: https://leonmedicalcenters.com/
Nocona General Hospital Texas: https://noconageneral.com/
Sitepoint: https://www.sitepoint.com/
We're sampling Bowman Brothers Bourbon during the data breach reviews - https://asmithbowman.com/bowman-brothers/
Bourbon and Data Breaches ep12
In Episode 12 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Serco: https://www.serco.com/
Snapchat: https://www.snapchat.com/
WhatsApp: https://www.whatsapp.com/?lang=en
Office of the Australian Information Commissioner: https://www.oaic.gov.au/
What we're sipping during the breach reviews: Larceny Wheated Bourbon - https://larcenybourbon.com/
Bourbon and Data Breaches ep11
In Episode 11 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Intel: https://www.intel.com/
Bonobos: https://bonobos.com/
Meetmindful: https://www.meetmindful.com/
ADT Security: https://security.adt.com/d/adt/
What we're sipping during the breach reviews: Balcones Texas Pot Still Bourbon - https://balconesdistilling.com/spirit/texas-pot-still-bourbon/
Bourbon and Data Breaches ep10
In Episode 10 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Excellus Health Plan: https://www.excellusbcbs.com/
Pfizer: https://www.pfizer.com/
BioNTech: https://biontech.de/
What we're sipping during the breach reviews: Early Times - https://www.earlytimes.com/
Bourbon and Data Breaches ep9
In Episode 9 of Bourbon and Data Breaches, we cover the most recent cyberattacks that have put millions of people's data at risk. Who's on the list?
Nissan: https://www.nissanusa.com/
Parler App
Jetbrains: https://www.jetbrains.com/
Reserve Bank of New Zealand: https://www.rbnz.govt.nz/
JP Morgan Chase: https://www.jpmorganchase.com/
What we're sipping during the breach reviews: Basil Hayden's -https://www.basilhaydens.com/
Bourbon and Data Breaches ep8
In Episode 8 of Bourbon and Data Breaches, we cover cyber threats from corporate espionage and poor cybersecurity practices by companies that handle your data. Who's on the list?
Ticketmaster: https://www.ticketmaster.com/
T-Mobile: https://www.t-mobile.com/
Sabre: https://www.sabre.com/
British Airways: https://www.britishairways.com/
Solarwinds (followup): https://www.solarwinds.com/
We review Evan Williams Single Barrel Vintage: https://heavenhilldistillery.com/evan-williams-single-barrel-vintage.php
Bourbon and Data Breaches ep7
In Episode 7 of Bourbon and Data Breaches, we talk about how school systems can breed hackers and how recent breaches can impact nearly everyone that operates on the internet.
Solar Winds: https://www.solarwinds.com/
Dental Care Alliance: https://www.dentalcarealliance.net/
Instagram: https://www.instagram.com/
Ledger: https://www.ledger.com/
We review David Nicholson 1843 Kentucky Straight Bourbon Whiskey: https://davidnicholsonbourbon.com/
Bourbon and Data Breaches ep6
In Episode 6 of Bourbon and Data Breaches, we're covering the evolution of the "Nigerian Prince scam," hackers targeting COVID vaccine research, US retailers, iPhones, and cybersecurity firms.
Kmart: https://www.kmart.com/
Apple: https://www.apple.com/
FireEye: https://www.fireeye.com/
We review Wild Turkey Longbranch Bourbon.
Wild Turkey: https://wildturkeybourbon.com/
Bourbon and Data Breaches ep5
In Episode 5 of Bourbon and Data Breaches, we're covering bugs affecting Microsoft by way of Xbox, Tesla, Walmart, Amazon, eBay, and Sophos.
Microsoft: https://www.microsoft.com/en-us/
Xbox: https://www.xbox.com/en-US/
Tesla: https://www.tesla.com/
Walmart: https://www.walmart.com/
Amazon: https://www.amazon.com/
eBay: https://www.ebay.com/Sophos: https://www.sophos.com/en-us.aspx
Bourbon and Data Breaches ep4
In Episode 4 of Bourbon & Breaches, we take a look at recent data cyberattacks aimed at Spotify (https://www.spotify.com/us/), Liquid cryptocurrency (https://www.liquid.com/), Facebook Messenger (https://www.messenger.com/) and more.
Bourbon and Data Breaches ep3
In this episode we look at hackers targeting:
Vertafore: https://www.vertafore.com/
Animal Jam: https://www.animaljam.com/en
123RF: https://www.123rf.com/
Pluto TV: https://pluto.tv/live-tv/tv-land-sitcoms
Lumber Union: https://lumberunion.com/
and more.
How could any of these breaches directly affect you? Find out in this episode of Bourbon and Data Breaches!
Bourbon and Data Breaches ep2
Hackers are breaking into organizations to steal data to sell to the dark web. We are discussing some of the biggest recent data breaches and tasting different bourbons while we're at it. Check out Bourbon and Data Breaches with the HackNotice Team.
In this episode we look at hackers targeting:
Campari: https://www.campari.com/
Capcom: https://www.capcom.com/
Mattel: https://www.mattel.com/en-us
Prestige Software: http://www.prestige-soft.com/en/index.html
GEO Group: https://www.geogroup.com/
and more.
Bourbon and Data Breaches ep1
Hackers are breaking into organizations to steal data to sell to the dark web. We are discussing some of the biggest recent data breaches and tasting different bourbons while we're at it. Check out Bourbon and Data Breaches with the HackNotice Team.